PIN Setup
PINs are the primary authentication method for the POS register. Instead of typing an email and password between every transaction, cashiers and managers enter a fast 4-digit PIN to log in, switch users, or authorize overrides. This page covers setting up PINs, resetting them, and PIN security best practices.
How PINs Work
PINs in Brother POS are used exclusively at the POS register interface. They are separate from the email/password credentials used for admin panel login.
| Feature | Email/Password | PIN |
|---|---|---|
| Admin Panel login | Yes | No |
| POS Register login | No | Yes |
| Manager override at POS | No | Yes |
| Length | 8+ characters | 4 digits |
| Hashing | Secure hash | Secure hash |
When a user enters their PIN at the POS:
- The PIN is securely hashed.
- The hash is compared against stored PIN hashes in the database.
- If a match is found, the user is logged in instantly.
- The POS interface updates to show the logged-in user's name and role.
PINs are securely hashed -- they cannot be viewed or recovered, only reset. There is no delay when entering a PIN, even with many users in the system.
Setting a PIN for a New User
When creating a new user account, you can set their PIN during the creation process.
Step-by-Step
- Go to Settings > Manage Users, or navigate directly to
/users. - Click New User.
- Fill in the required fields (name, email, password, role).
- In the PIN field, enter a 4-digit number.
- Click Create User.
The user can now log in to the POS register using this PIN.
If possible, let the user choose their own PIN so it is easy for them to remember. Have them tell you the number and you enter it, or let them type it themselves on your screen.
Setting a PIN for an Existing User
If a user was created without a PIN, or if you need to change their PIN:
- Go to Settings > Manage Users, or navigate directly to
/users. - Click the user's name to open their edit page.
- Enter the new PIN in the PIN field.
- Click Save Changes.
The new PIN takes effect immediately. The user's old PIN (if any) stops working right away.
Resetting a Forgotten PIN
If a user forgets their PIN:
- Go to Settings > Manage Users, or navigate directly to
/users. - Click the user's name.
- Clear the existing PIN field and enter a new 4-digit PIN.
- Click Save Changes.
- Tell the user their new PIN.
Do not write PINs on sticky notes attached to registers. Tell the user their PIN verbally or via a secure message. PINs should be treated like passwords.
Removing a PIN
To remove a user's POS access without deactivating their entire account:
- Open the user's edit page.
- Clear the PIN field (leave it blank).
- Click Save Changes.
The user can no longer log in to the POS register but can still access the admin panel (if their role allows it).
PIN Requirements
Brother POS enforces the following PIN rules:
| Rule | Details |
|---|---|
| Length | Exactly 4 digits |
| Characters | Numbers only (0-9) |
| Uniqueness | There is no uniqueness validation on PINs. The system allows duplicate PINs, but this can cause authentication issues. Ensure each user has a distinct PIN. |
| Sequential restriction | None (PINs like 1234 are allowed but discouraged) |
PIN Uniqueness
Although the system does not enforce PIN uniqueness, it is strongly recommended that each active user has a distinct PIN. If two users share the same PIN, the system may authenticate the wrong user, leading to incorrect attribution of sales, overrides, and other actions.
PINs are used to identify which user is performing an action. If two users share a PIN, the system may not reliably determine which person is logged in. This is critical for accountability -- every sale, return, and override is attributed to the user whose PIN was entered.
Who Needs a PIN?
| Role | Needs a PIN? | Why |
|---|---|---|
| Clerk | Yes | Required to log in to the POS register and process sales. |
| Manager | Yes | Required to log in to the POS, open/close drawers, and authorize overrides. |
| Admin | Recommended | Useful for POS access and authorizing overrides. Not strictly required if admin only uses the web panel. |
| Driver | No | Drivers use the mobile PWA with email/password login. |
Even if a manager primarily works in the admin panel, they should have a PIN. Clerks will need a manager PIN for override actions (discounts, returns, voids), and the manager needs to be able to enter their PIN at the register.
PIN Security Best Practices
Choosing Good PINs
| Do | Don't |
|---|---|
| Use a random 4-digit number | Use 0000, 1111, or other repeating digits |
| Choose something memorable to the user | Use the user's birth year or phone number |
| Change the PIN if it may be compromised | Share PINs between users |
| Use different PINs for different systems | Use the same PIN as your bank card |
Operational Security
- Do not post PINs on the register. PINs should be memorized.
- Shield PIN entry. When entering a PIN at the POS, the user should block the screen from view, just like at an ATM.
- Change PINs if someone leaves. When an employee is deactivated, their PIN is automatically disabled. However, if there is any concern that they shared their PIN with others, change the PINs of remaining staff.
- Audit PIN usage. Every transaction in Brother POS is tagged with the user who was logged in via PIN. Review this data if you suspect PIN sharing.
Manager Override PINs
Manager PINs serve a dual purpose: they log the manager into the POS, and they authorize restricted actions when a clerk is logged in.
How Manager Override Works
- A clerk attempts a restricted action (e.g., applying a discount).
- The POS displays a Manager PIN Required prompt.
- A manager or admin enters their PIN on the numpad.
- The action is authorized and logged under both the clerk (who initiated) and the manager (who approved).
- The clerk remains logged in -- the manager does not take over the session.
What Actions Require Override?
By default, the following actions require a manager PIN when performed by a clerk:
- Applying a manual discount
- Processing a return
- Voiding a sale
- Opening the cash drawer without a sale
- Price override on a line item
These can be customized in Roles & Permissions.
Bulk PIN Management
If you are setting up multiple users at once (e.g., during a new store launch):
- Create a list of users and their assigned PINs before starting.
- Verify all PINs are unique within the list.
- Create each user and assign their PIN.
- Distribute PINs to staff individually -- do not post a list.
For easy management, consider a simple system like assigning PINs in blocks: managers get PINs starting with 1 (1001, 1002, 1003), clerks get PINs starting with 2 (2001, 2002, 2003). This makes it easy to remember who has what range.
PIN vs. Password Summary
| Feature | Admin Panel Password | POS PIN |
|---|---|---|
| Used for | Admin panel login | POS register login |
| Set by | User (self-service) | Admin (on behalf of user) |
| Length | 8+ characters, mixed | 4 digits |
| Hashing | Secure hash | Secure hash |
| Self-reset | Yes (email reset) | No (admin must reset) |
| Timeout | Session-based | None (PIN entry on each action) |
| Uniqueness | Globally unique email | Not enforced (recommended unique) |
Common Workflows
Setting up PINs for a new store
- Create all user accounts with names, emails, and roles.
- Assign PINs to each user, starting with managers.
- Test each PIN by logging in to the POS.
- Distribute PINs to staff during the onboarding meeting.
Handling a suspected PIN compromise
- Immediately change the affected user's PIN.
- Review the audit trail for any suspicious activity under the compromised PIN.
- If sales or actions look unusual, flag them for investigation.
- Remind all staff of PIN security best practices.
Annual PIN rotation
- Schedule a PIN change day (e.g., first Monday of each quarter).
- Assign new PINs to all users.
- Communicate new PINs individually.
- Verify all staff can log in with their new PINs.
Troubleshooting
| Problem | Solution |
|---|---|
| "Invalid PIN" at the POS | Verify the PIN is correct. Check that the user is active and has a PIN set. |
| Two users seem to share a PIN | The system does not enforce uniqueness. Change one user's PIN to a different 4-digit number to avoid authentication conflicts. |
| Manager override not working | Verify the manager's account is active and has a PIN set. Check that their role has the needed permission. |
| PIN works but user sees wrong permissions | The PIN is correctly identifying the user, but their role permissions may need updating. See Roles & Permissions. |
| Forgot who has which PIN | Open the Users list. The PIN column shows whether a PIN is set, but the actual PIN value is not displayed (it is hashed). You will need to set a new PIN. |
What's Next?
- User Management -- Create and manage user accounts.
- Roles & Permissions -- Configure what each role can access.