Login via Badge

Updated 3 weeks ago by Colin Mollenhour

As a time-saving feature, ShipStream supports multiple methods of logging in in addition to the username and password method. This is particularly useful for organizations that use shared devices where users are frequently changing devices or just to cut time wasted typing passwords. Inconvenient login procedures also encourage insecure passwords so by using Login via Badge you can more easily encourage your users to use stronger passwords.

The methods supported are:

  • Barcode Only
  • Barcode + PIN
  • NFC Tag Only
  • NFC Tag + PIN

Enabling Login via Badge

The first step is to enable Login via Badge in the system configuration. Go to System > Configuration > Advanced > Admin and expand the Security tab. Set Login via Badge to Enable and click Save Config.

The Login via Badge feature must also be enabled on a per-user basis. You can update this individually or using a mass action on the System > Users grid.

Require PIN Code

As an additional measure of security since the badge codes are reusable and could fairly easily be decoded with a smartphone camera or NFC reader app, you can enable PIN Required and set the desired number of PIN Digits to require a PIN to be entered before login access is granted. If enabled, the user will be forced to set their PIN upon the first login using the barcode or NFC tag. If disabled, the user will still have an opportunity to set the PIN but will be allowed to skip it on their first login.

Managing Badge Codes

Once enabled, the badge code will be automatically generated but you will need to provide your users with a physical badge which would be in the form of either a scannable barcode or a programmed NFC tag or both. You can obtain the badge codes from the System > Users grid by using the Export Badge Codes mass action which will export a CSV file with the users and their respective badge codes.

This action requires that a user has the the permission System > Permissions > Users > Export Badge Codes. This permission would allow a user to login to other users' accounts unless the PIN Required feature was enabled and the users had already set PIN codes.

Once you have exported the badge codes you can create barcodes or NFC tags using whatever materials you like.

Compromised or lost Badge and PIN Codes

If a badge is compromised you can use the Reset Badge Codes mass-action from the System > Users grid to reset a user's badge code thereby disabling login through the compromised badge. Similarly, use the Delete PIN Codes mass action to delete a PIN code so that the user will be able to set a new PIN upon the next login.

Logging in with a badge

For barcodes, simply visit the login page and scan the barcode using your device's barcode scanner.

For NFC tags use your device's generic NFC reader to scan the URL encoded into the tag and open the web browser to that URL.

If the user has a PIN set or a PIN is required they will be logged in after entering the correct PIN.

Scanning a badge while logged in will automatically log the user out so the user does not need to first click the Logout button.

How did we do?