In the present MAX setting for the RT controller we have the option for setting the password to prevent the changes to the settings but it still has to be extended one more layer. If I have set the permissions and logged in and when I try to restart the system MAX should prompt for the password if I have not logged in the password prompt is not required. This will prevent the access of the RT by the other people if the RT is connected to the common server.
Am not sure whether it has been already proposed but it will be better if we have this option.