password protect the master database to prevent accidental changes
It is too easy for anyone to select "Copy to Master" and make a mess of the master database.
Our current recommendation for this situation is to use Windows file permissions to make the master database read-only for users who should not have access to it. They will be able to view the master database and copy settings to their projects, but will not be able to make any changes to it.
When you do this, you have to set the permissions on the database file itself. They need to have read-write permission on the customization folder on the network still.