# How to manage kiosk PINs

**For:** Manager (for resets); Shift worker (for self-change)
**You'll need:** The employee whose PIN you want to manage.

Each employee has a personal 4-digit PIN stored on their {{ app_name }} membership. It is used only at the kiosk, not for the regular login. There are three ways a PIN gets set or changed:

## Auto-assigned on invite

When you create a new Person (under **Company → People**), {{ app_name }} generates a fresh 4-digit PIN for them automatically. The plaintext PIN is shown **once** on the person-create success page.

```{warning}
Hand the PIN over in person, on paper, or via a secure channel. {{ app_name }} cannot show it again. If you (or anyone else) need it later, it has to be reset.
```

## Self-change by the employee

The employee changes their own PIN under **Account → Settings → Change kiosk PIN** (or the `/kiosk/pin/change/` URL):

1. **'Current PIN'** — what they have now. Leave blank if they've never had one.
2. **'New PIN'** — four digits.
3. **'Confirm new PIN'** — the same four digits.

If they get the current PIN wrong too many times, the form is rate-limited for 15 minutes.

## Manager reset

When an employee forgets or loses their PIN, a manager resets it.

1. In the left sidebar, go to **Company → People**.
2. Open the person.
3. Click **'Reset kiosk PIN'**.
4. The new plaintext PIN is shown **once**. Hand it over the same way as the initial PIN.

```{note}
Resetting overwrites the old PIN; there is no "see the existing PIN" option. PINs are stored only as one-way hashes, so the plaintext cannot be read back, even from the database.
```

## Why 4 digits?

A trade-off. Longer PINs are slow to type on a busy floor; shorter PINs are too easy to guess. Four digits with rate-limiting (5 wrong tries / 15 min) gives an attacker effectively no chance to brute-force, while still being fast for the worker. If you need stronger guarantees for a specific role, don't give that person a kiosk PIN — they can clock in via the normal timesheet UI from a personal device.
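The pieces described on this page (random 4-digit PIN, one-way storage, 5 wrong tries per 15 minutes) fit together as in the sketch below. It is an added example, not {{ app_name }}'s own code: `new_pin`, `hash_pin` and `PinGate` are hypothetical names, and PBKDF2, the in-memory counter and the per-member key are assumptions.

```python
import hashlib
import hmac
import os
import secrets

MAX_WRONG = 5          # from the page: 5 wrong tries ...
WINDOW_S = 15 * 60     # ... per 15 minutes


def new_pin():
    """Fresh 4-digit PIN from the OS CSPRNG; leading zeros are kept."""
    return f"{secrets.randbelow(10_000):04d}"


def hash_pin(pin, salt=None, iterations=200_000):
    """One-way record (salt, iterations, digest); PBKDF2 is an assumption."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations)
    return salt, iterations, digest


class PinGate:
    """Hypothetical verifier: locks a member after MAX_WRONG misses in WINDOW_S."""

    def __init__(self, clock):
        self.clock = clock      # injected so the window can be tested
        self.failures = {}      # member_id -> timestamps of wrong tries

    def check(self, member_id, pin, stored):
        now = self.clock()
        recent = [t for t in self.failures.get(member_id, [])
                  if now - t < WINDOW_S]
        self.failures[member_id] = recent
        if len(recent) >= MAX_WRONG:
            return "locked"     # refuse before hashing, even the right PIN
        salt, iterations, digest = stored
        candidate = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations)
        if hmac.compare_digest(candidate, digest):
            return "ok"
        recent.append(now)
        return "wrong"
```

With several application servers, the failure counter would have to live in shared storage (cache or database) for the limit to hold across all of them.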

## Related

- {doc}`daily-use`
- {doc}`add-a-device`
