Using PINs in WebPAC

Patrons create their PINs in WebPAC. The PIN requirements differ depending on the Sierra version.

Sierra 4.2 and Later
PINs are case-sensitive Unicode characters with maximum length of 64 characters. PINs created in previous releases will behave according to the PIN restrictions listed below for Sierra 4.1 and earlier.
Sierra 4.1 and Earlier
PINs can be up to eight alphanumeric characters; special characters are not supported. PINs are not case-sensitive.

Although you can enter more than eight characters when creating a PIN, only the first eight characters are stored in the patron record and are used to identify the user during authentication.

Patron PINs must also satisfy the following requirements:

If the user enters a trivial PIN, the system displays the following error message:

Your PIN is not complex enough to be secure. Please select another one.

Sierra blocks access to the patron account after too many failed login attempts as follows:

When the patron fails to validate, the system returns a generic error message and does not specify if the validation failed on name, barcode, or PIN.

Creating PINs in the WebPAC

To create a PIN in the WebPAC for a patron account that has no PIN:

  1. Click Login. The Login Form displays.
  2. In the Login Form, enter in the appropriate fields the user name and either the library card number or patron ID number. Leave the "Enter Your PIN" field blank.
  3. Click Login. WebPaC displays a new Login Form with the message, "Please enter a new PIN."
  4. Re-enter the username and library card number, and enter a new PIN in the "Enter Your PIN" and "Enter Your PIN Again" fields.
  5. Click Login.
For systems using Innovative's Integrated Login feature, see The ipsso.xml File for information on configuring the Login Form.

Resetting PINs in the WebPAC Using the View Your Patron Record Display

Patrons who are logged in to the WebPAC can reset their PINs from the Patron Record Display. Clicking the Modify PIN displays the newpin.html Web form pop-up window. For example:

The "Modify PIN" button is controlled by the <!--{modifypinbtn}--> token on the Patron Record Display Form.

Resetting PINs in the WebPAC Using the Patron Verification Form

SAML-based authentication has a similar process for resetting PINs, but does not use the Web forms below.

Patrons who are not logged in to the WebPAC can reset their forgotten or compromised PINs by selecting the Forgot your PIN? link on any patron verification form. For example:

The link enabling patrons to reset their PINs is controlled by the <!--{pinresetrequest}--> token, shown above. Clicking the link displays the Request a PIN Reset form. For example:

From this form, patrons enter a non-PIN validation. You can customize this form by editing the pinreset_request.html Web form.

If the patron successfully validates, WebPAC displays the PIN Request Confirmation form. This form's display is controlled by the pinreset_request_success.html Web form.

The system also sends an email to the patron's email address with an informational message and a URL to the Reset PIN form. For example:

The library received a request to allow you to reset your Personal Identification Number (PIN)
used to log in. If you did not place that request, please ignore this message. Your PIN has
not changed. Otherwise, please click the link below to choose a new PIN.
http://lib.cat.edu/pinreset~S2?info=b763c0ad96a2b9c3f99f3c81276c52269bf7f302a0565e93f0b
429d32e28ecaed6f6f11f4a49caa1
This link is valid for 3 hours from the time of your request.

Email properties are controlled by the PIN_RESET_EMAIL Web option and the pinreset_email.html customizable Web form.

From the link in the notification email, users can access the Reset a PIN form. For example:

From this form, the system prompts the user to validate against the patron record again. The system matches validation against the patron record and the validation entered on the Reset PIN form before resetting the PIN. The form's display is controlled by the pinreset.html Web form.

Setting Up Reset a PIN Functionality

To enable WebPAC to allow patrons to reset their PINs, complete the following system configurations:

  1. Set the PIN_RESET Web option to "true".
  2. Set the PIN_RESET_EMAIL Web option using valid system email addresses.

    The PIN_RESET_EMAIL controls the subject line, the From: address, and the Reply To: address in the system-generated email. The From: address is required. You can customize the body of the notification email by editing the pinreset_email.html Web form.

  3. Add the <!--{pinresetrequest}--> token to any appropriate patron verification forms on your system.
  4. Customize your ICON_PIN_RESET Web option, as needed.
  5. Customize the following Web forms, as needed:
  6. Customize your Users Messages Configuration file, as needed.