This is a handy suggestion and I’m sure there would be other breweries that would benefit from this. I will make sure to update you if there are any developments with this and if anyone else would find this useful, please vote using the button above.
The other option would be a quick change between profiles that perhaps required a 4 digit pin. i.e select your profile from drop down and enter 4 digits not much different to unlocking a phone. This would help us in the brewery where there is a shared laptop we all access. Therefore all actions end up under the brewers login!
Thanks everyone, we can really see the benefit of this. Knowing who did what is so important for accountability. This is something at the heart of Breww already, but it only works if each person uses their own user account, of course!
From a technical point of view, John’s suggestion of a way to quickly switch users is far simpler to implement than adding a user-selection box to hundreds of places within Breww, so this would be our preferred approach.
One concern that we’d need to ensure was satisfied is helping you keep your account data safe. Allowing users to log in with less information than currently must not pose a risk to your account’s overall security. If this was simply a user-switching tool when a user is already logged in (and only for users of the same brewery), this would go a long way towards keeping people who shouldn’t have access out. We’d welcome everyone’s thoughts on the following points:
Would all users be able to be “swapped to” with a pin, or would you only want a subset (e.g. not admin users who can manage other users)?
Would a 4 or 6 digit numeric pin be enough? It would be very simple for another user to watch someone entering their pin and then impersonate them later. A more secure approach, for example, would be for us to send the user an SMS/automated phone call to a pre-configured phone number, with a one-time pin to allow them to swap accounts. This would be a more cumbersome process for the person, so they may be less likely to actually go through the user switching process which would defeat the point of the feature altogether. Maybe this is something each brewery can decide on (simple per-user pin vs SMS one-time pins).
If the SMS/call approach was to be used, we would likely have to charge a small fee per login if this process was used as SMS messages/phone calls are not free (unlike how most UK mobile networks present them). I’d anticipate this to be in the region of 5p per user account switch.
Please let us know your thoughts on the above.
P.S. John, don’t worry we haven’t forgotten that you asked for this a while back (before we had this section to the community)
For us a subset. Head brewer, head of packaging, sales etc all have their own login. Its the “brewery assistant role” who would have limited access (racking, delivering etc) and need to differentiate between users.
We don’t really have any concerns about people impersonating others. At the moment we just initial paperwork, and they could always put someone else initials. a pin is fine and quick. Def not sms! we have no signal in the brewery!
Definitely pin rather than sms as that will be too cumbersome. As ben says currently its paper based so anyone can impersonate if they want to. Obviously its only people working at the brewery and for us I wouldn’t be concerned about the security. I would agree that the user must be logged in on that device before they can use the quick switch function. I wouldn’t want to stop admin users being able to use the quick switch function as for instance I work in the brewery and need to switch between my brewers and my account and I would want to use the quick switch function. However I don’t know if its technically feasible but if I use the quick switch could it then require my full password before I could enter the admin areas. That would mean in order to carry out day to day tasks in the brewery I could use the quick switch but it tightens the security around the admin processes if someone was to get hold of my pin.
Thanks, John. Requiring a password to get into some areas of Breww certainly would add some complications as at the moment a user is either logged in or they’re not. Adding a third state of “logged in, but not for admin stuff” would be a significant change. I’m not saying that we couldn’t do this, but it would maybe be a “phase 2” of this.
Would you feel that not only should there be a quick user switch, but there should also be a way to “lock” the device and force another user to log in (with their pin) before they can use it? This would mean that when you’ve finished you can in effect log off and before the device can be used again, another user would need to log in. Technically, this couldn’t be the normal log off as the user switch would require a user to be logged in already in order to authorise the device to allow a quick user switch with a pin (if this makes sense).
Thanks everyone for your feedback on this idea already, it’s really helpful to make sure we build the right solution
That would be a great idea of just being able to lock the device so that the pin is required to unlock. Agreed this is not log out just a lock device. You could even have a setting allowing for it to lock after certain amount of time like a phone does. That may need to be able to be switched on or off as not all breweries will want the auto lock. If we did have the ability to lock device then not worried about the admin user bit as I can just lock out when I’m done.
A user switch is a great idea. Even as a small brewery, within the brewery despite everyone having their own accounts, 90% of the time the one PC in the brewery is logged in under the same person. They never log in or out. It then becomes a heart ache trying to find out who needs some training on Breww when you identify data input errors. A pin would work fine as again no signal in out brewery.