Login via Badge
As a time-saving feature, ShipStream supports multiple methods of logging in in addition to the username and password method. This is particularly useful for organizations that use shared devices where users are frequently changing devices or just to cut time wasted typing passwords. Inconvenient login procedures also encourage insecure passwords so by using Login via Badge you can more easily encourage your users to use stronger passwords.
The methods supported are:
- Barcode Only
- Barcode + PIN
- NFC Tag Only
- NFC Tag + PIN
Enabling Login via Badge
The first step is to enable Login via Badge in the system configuration. Go to System > Configuration > Advanced > Admin and expand the Security tab. Set Login via Badge to Enable and click Save Config.
The Login via Badge feature must also be enabled on a per-user basis. You can update this individually or using a mass action on the System > Users grid.
Require PIN Code
As an additional measure of security since the badge codes are reusable and could fairly easily be decoded with a smartphone camera or NFC reader app, you can enable PIN Required and set the desired number of PIN Digits to require a PIN to be entered before login access is granted. If enabled, the user will be forced to set their PIN upon the first login using the barcode or NFC tag. If disabled, the user will still have an opportunity to set the PIN but will be allowed to skip it on their first login.
Managing Badge Codes
Once enabled, the badge code will be automatically generated but you will need to provide your users with a physical badge which would be in the form of either a scannable barcode or a programmed NFC tag or both. You can obtain the badge codes from the System > Users grid by using the Export Badge Codes mass action which will export a CSV file with the users and their respective badge codes.
Once you have exported the badge codes you can create barcodes or NFC tags using whatever materials you like.
Compromised or lost Badge and PIN Codes
If a badge is compromised you can use the Reset Badge Codes mass-action from the System > Users grid to reset a user's badge code thereby disabling login through the compromised badge. Similarly, use the Delete PIN Codes mass action to delete a PIN code so that the user will be able to set a new PIN upon the next login.
Logging in with a badge
For barcodes, simply visit the login page and scan the barcode using your device's barcode scanner.
For NFC tags use your device's generic NFC reader to scan the URL encoded into the tag and open the web browser to that URL.
If the user has a PIN set or a PIN is required they will be logged in after entering the correct PIN.