Password Security
The POSey Point-Of-Sale system allows extensive multi-level password
security.__Programs which allow data entry, or which provide access to
confidential data are protected from use by any person who is not assigned
the property password authority.__Access to the Cash Register is also
limited to clerks with the property password level assigned to them.
Each system user or clerk must be assigned a password to gain access to the
POSey programs.__The password may be unique for each individual, or more
commonly, groups of people with the same access level are assigned the same
password which provides the authorities for their job responsibilities.__For
example, four unique passwords might be created for clerical staff,
cashiers, managers, and the owners.__Each of these passwords is assigned
those authorities which each position requires, with the owner password
being a master-level password.
+--------------------------------------------------------------------------------+
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
||||||||||||||||||||||||||||||||| Password Entry |||||||||||||||||||||||||||||||||
|||||__Password:____________________________________Levels: 0 ù No access___||||||
|||||_______________________________________________________1 ù Read only___||||||
|||||_______________________________________________________2 ù Read update ||||||
|||||__Master ............_____Password editing ._____Keybd program ....____||||||
|||||__Clerk create/edit ._____Inventory ........_____Account editing ..____||||||
|||||__Configuration ....._____Unused ..........._____Report ...........____||||||
|||||__Exit to DOS ......._____Register ........._____Unused ...........____||||||
|||||----------------------------------+------------------------------------||||||
|||||_____Reports;_______(X)___(Z)_____|_________Register Functions_________||||||
|||||----------------------------------+------------------------------------||||||
|||||_____System ......._______________|______No sale ..............________||||||
|||||_____Inventory ...._______________|______Pre-Void Item.........________||||||
|||||_____Clerk ........_______________|______Void transaction .....________||||||
|||||_____Employee ....._______________|______Discount .............________||||||
|||||_____Open Account ._______________|______Refund ...............________||||||
|||||_____Guest Check .._______________|______Paid out .............________||||||
|||||__________________________________|______Post-Void Item .......________||||||
|||||__________________________________|______Receipt after sale ...________||||||
|||||__________________________________|______Duplicate Receipt.....________||||||
|||||__________________________________|______Vendacard Credit......________||||||
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|________________________________________________________________________________|
+--------------------------------------------------------------------------------+
Password Entry
The Password Entry program allows you to enter passwords into the POSey
system.__This program is located in the Time & Attendance Menu.__A variety
of authorities is permitted or denied by the use of passwords.__Some of
these protected activities are flagged yes or no, indicating whether a
person with this password may do those activities;
____Y = Authority is granted
____N = Authority is denied
Other activities have three levels of access;
____0 = No access is allowed
____1 = The person may view records or data
____2 = The person may view AND modify records or data
The passord entry screen is divided into three sections.__The top half of
the screen contains fields which determine main menu access to back office
programs and the cash register programs.__The bottom left section, labeled
reports, determines whether a person can view or print reports, and if they
can perform 'Z' reports.__The bottom right section of the screen contains
password authorities for those who are using the cash register.
Following is detailed description of each of the password authorities.
Main Menu Password Access
Master
A password with master level authority allows access to everything in the
POSey system.__Usually there will be only one master level password used in
the system, although the dealer may want to enter his own master level
password if he will be responsible for maintaining the system on a
continuing basis.__If the master level authority is marked 'Y', the other
fields in the password entry screen are ignored.
Password Editing
This field allows read or write access to the password entry program which
is the topic of this chapter.__No one should have access to this type of
authority except the person in charge of the system, like the owner or
manager.
Keyboard Programming
This password authority limits use of the register keyboard programming
section, including Key Programming, the Keymap Editor, and the Macro Editor.
This access should be reserved for someone with an understanding of how
keymaps and key programming are used in the system.
Clerk Create/Edit
Access to the clerk entry section of Time & Attendance is limited or allowed
by this password.__This would usually be a manager or someone in the payroll
department.
Inventory
This field allows/disallows access to the inventory menu programs, including
the purchase order programs, and other programs which may affect inventory
records or inventory levels.
Account Editing
The field restricts access to the A/R open account entry section, including
customer tracking.
Configuration
Configuration programs may only be used to the extent allowed by the
configuration authority password.__Granting access for viewing the
configuration info is a benign and sometimes useful action, but authority to
change configuration info should be reserved for those who are familiar with
the technical aspects of the system.
Reports
The bottom left portion of the screen is used for report access password
authorities.__In order for any access of Register reports at all, this field
must be set to 'Y'.__Note that the reports referred to here are the ones
available from the Register Report Menu.__The back-office reports are
covered by other password access fields.
Exit to DOS
When you hit the escape key at the POSey Main Menu, or when you select the
System Shutdown option from the Main Menu, the program will only grant
access to the MS-DOS prompt to those who have this password authority.__This
allows you to preclude all except the most clever employees from accessing
your DOS file system and configuration.
IMPORTANT NOTE: If you use the command line argument "/X" when invoking the
POSey MAINMENU.EXE, POSMAIN.EXE, or REGINIT.EXE program, the system
will not prompt for a password before exit to DOS.__This is true regardless
of the setting of this password authority.
Register
The bottom right section of the password entry screen is used to determine
the degree of Register access to which each person is entitled.__However,
entry into the Register program is dictated by the setting of this Register
access password.
Register Report Password Access
The bottom left part of the entry screen is used for allowing or
restricting access to the Register Reports.__These are the reports
available from the Register Report Menu.__Each field should be marked with a
'Y' or 'N'.
The report categories for password access follow the same breakdown as found
in the Register Report Menu.__For each category of report, you may choose to
allow reports to be viewed and printed ('X'), or to allow the report totals
to be cleared (referred to as a 'Z' report).
It would not be uncommon to allow view access to reports, although in most
situations a clerk would only need access to the clerk or guest check
reports.__System and inventory sales reports, as well as employee and open
account reports, may need to be protected from people who do not have
business with this information.__In any case, 'Z' report access should
probably be limited to persons with manager authority, or those in charge of
particular departments.
Register Access Password Authorities
The bottom right portion of the password entry screen is used to provide or
deny access to various Register functions.__If a clerk is assigned a
particular password authority, it means they can perform that function
without approval.__If they do not have the authority, the Register will pop
open a password entry screen and ask for the proper password to be entered.
No Sale
This password authority allows the clerk to do a no-sale at the cash
register.__A no-sale is defined as opening the cash drawer when no sale is
being tendered.__In other words, this would give the clerk full access to
the cash drawer at any time.
Note that in addition to having this password authority, the media key used
to open the drawer must have no-sale capability given to it in when it is
programmed for use with the Register, in order for the drawer to open for a
no-sale.
Pre-Void Item
This field allows the clerk to do a pre-void at the Register.__In the POSey
system a pre-void is defined as the voiding of an item before it is sent to
the remote or kitchen printer.__Pre-voiding is normally usually necessary
because the clerk hit the wrong key, and would not normally require manager
approval.
Void Transaction
To void the entire transaction at one time, the clerk must be assigned this
password authority.__This is also the password access that is checked when
in "86 mode", if you want to delete the entire list of items that have been
entered.
Of course all of the items in a sale could be voided one at a time by using
the item void key, perhaps with a lesser password authority.__But note that
voiding all of the items in a transaction does not nullify the current
transaction ... you must still complete the transaction in some way.__On the
other hand, a void transaction will actually finalize the transaction and
close it out.
When doing a post-void of a transaction, you must have void-transaction AND
post-void item password authority.
Note that post-voids can be either deletions (like a standard void), or they
can be promos, where the items to be voided are merely discounted (usually
by 100 percent).__One of these two different methods of post-voiding must be
selected when you set up post-void reasons.__See the section,
"Configuration, Post-Void Reason Entry" elsewhere in this manual.__If no
post-void reasons are configured, the Register will assume all post-voids
are deletions.
Discount
This field lets the clerk do discounts of items or of the entire
transaction.__The actual percentage amount of the discount which is applied
is set by the programming of the discount key.
For transaction discounts, a maximum number of discounts per transaction may
be stipulated when programming the key.__This maximum number of discounts
can only be overridden by someone with a master level password.
Refund
This password authority allows the clerk to issue refunds from the Cash
Register.__The most obvious way in which a refund may be issued is by using
the Refund key, but note that refunds may also occur in cases where coupons
total up to more than the amount of sale.
Paid Out
This field allows the clerk to do paid outs.__Paid outs may be cash paid to
customers or vendors from the Register with the paid out key, or in some
cases the paid out key may be used by management to remove money from the
till (even though the Pickup key is provided for this purpose).__This
password authority also provides access to tips paid out.
Post-Void Item
This field lets the clerk perform post-voids of an item.__A post-void is
defined as voiding an item that has already been sent to a remote or kitchen
printer.__Separate password authority is provided for post-voids because it
can usually be assumed that after printing in the kitchen, some product has
been used or wasted.__Note that post-voids can only occur when ringing up
sales in a guest check.__Items are sent to the kitchen printer each time the
guest check is serviced or printed.
IMPORTANT: If a post-void of the entire transaction is done, and the clerk
has neither the authority to do post-voids of items, or a void transaction,
the system will ask for a password twice in succession.__This is because it
is asking for a transaction void password first, and then for a post-void
item password.__To avoid this inconvenience, you might want to allow clerks
password authority to do pre-voids AND void transactions, but preclude them
from doing post-void of items.__Setup this way, the system will only ask for
one password when a transaction post-void is done.
Receipt After Sale
The POSey system has the ability to print a receipt after the sale.__This
allows you to set the receipt printer switch to 'N' so that a receipt is not
normally printed.__When the customer asks for a receipt, one can still be
printed using the receipt after sale capability.
This password authority allows the clerk to print the receipt after sale
from the Register.
Duplicate Receipt
If a customer asks for a duplicate copy of the receipt, one can be printed
at any time before the NEXT transaction is finalized.__The ability to print
duplicate receipts can be limited using this password authority.
Vendacard Credit
This password authority allows a clerk to add additional credit to a
vendacard.__The vendacard is a magstripe card that can be encoded with a
dollar amount that can be tendered against a sale.__This option is only used
in a system that has an XCP vendacard reader attached.
Default Password
When the POSey system is first installed, or when using our DEMO data files,
the default password is "1234".__This is a master level password that will
permit you to do anything the system allows.__If you want to test out some
of the password protection features of the Register, you will need to create
an additional password that has fewer authorities.
IMPORTANT NOTE: Do not delete the last master level password from the
system.__If you delete the password record for the password "1234", make
sure you have created another master level password to take its place.__If
you delete all the passwords with password editing capability from the
password file, and then exit the program, you will not again be able to gain
access to the password file.
Creating and Editing Passwords
In the first field of the password editing screen, enter the password you
want to create or edit.__If the password currently exists, it will be
displayed on the screen.__Otherwise a blank screen will be displayed.__Fill
in all the fields with the access levels appropriate for this password.
Then press F-10 to save the record.
All numeric fields that are left blank will assume a value of zero.__Yes/no
fields that are left blank will default to 'N'.
Passwords may be composed of numbers or letters, or a mixture of both.
However, it is strongly recommended that you stick with numeric passwords.
The main reason is because the Register only provides a numeric keypad when
asking for password authority to perform functions.
Assigning Passwords to Clerks
Before a clerk can logon to the Register, a password must be assigned which
gives him Register access.__This can be done by hitting the F8 function
key while the clerk record is being viewed in the Clerk Entry/Edit program.
Assigning passwords to clerks can also be done from the password entry
screen.__Recall the appropriate password record, and then hit the F7
function key.__The program will ask for the clerk number.__The password will
then be assigned to that clerk.
If the clerk number is not known, you may hit the F6 key to display a list
of all the clerks in the system.__If there is not enough room in the window,
you may use the PageUp and PageDn keys to scroll through the list.__Use the
up or down arrow keys to move the cursor to the proper clerk.__Hit the ENTER
key to highlight the clerk, and the hit the F10 key to assign the password
to this clerk.