Skip to Content

HR TOTP Attendance

by
Odoo

99.99

v 19.0 Third Party
Availability
Odoo Online
Odoo.sh
On Premise
Odoo Apps Dependencies Attendances (hr_attendance)
Discuss (mail)
Employees (hr)
Lines of code 280
Technical Name hr_wallet_attendance
LicenseLGPL-3
Websitehttps://digitaljunkies.ae
You bought this module and need support? Click here!
Availability
Odoo Online
Odoo.sh
On Premise
Odoo Apps Dependencies Attendances (hr_attendance)
Discuss (mail)
Employees (hr)
Lines of code 280
Technical Name hr_wallet_attendance
LicenseLGPL-3
Websitehttps://digitaljunkies.ae

HR TOTP Attendance

Replace kiosk PIN with Google Authenticator to prevent buddy punching

The Problem

Static PINs are easily shared between colleagues. An employee can give their PIN to a friend who punches in on their behalf — buddy punching costs businesses an estimated 2–5% of gross payroll every year.

The Solution

This module replaces the standard attendance kiosk PIN with a time-based one-time password (TOTP) generated by Google Authenticator, Microsoft Authenticator, or any RFC 6238-compliant app. Each code is valid for only 30 seconds and requires physical possession of the employee's phone.

Key Features

Seamless kiosk integration — works with Odoo's built-in attendance kiosk, no separate screen needed
One-click enrolment — generate a QR code on the employee form, scan with any authenticator app
Mixed mode — TOTP-enrolled employees use authenticator codes; others keep using standard PIN
Instant revoke — disable an employee's kiosk access with a single click
Enrolment email template — send setup instructions to employees automatically
Audit trail — tracks enrolment date and last kiosk scan per employee

How It Works

1 Generate — HR clicks "Generate Setup QR" on the employee form
2 Scan — the employee scans the QR with Google Authenticator
3 Confirm — HR clicks "Confirm Enrolment" to activate kiosk access
4 Check in — employee opens their authenticator app, types the 6-digit code at the kiosk

Requirements

  • Odoo 19, 18, or 17 (Community or Enterprise)
  • Python libraries: pyotp, qrcode, Pillow (add to requirements.txt for Odoo.sh)
  • Any TOTP authenticator app (Google Authenticator, Microsoft Authenticator, Authy, etc.)
  • Enable Use PIN in Attendance > Configuration > Settings

Technical Details

Uses the industry-standard TOTP algorithm (RFC 6238) — the same technology behind two-factor authentication at Google, GitHub, and every major bank. The pyotp library handles all cryptography. Codes are validated server-side with a ±30-second tolerance to handle minor clock drift.

Developed by Digital Junkies FZ-LLC • support@digitaljunkies.ae

Please log in to comment on this module

  • The author can leave a single reply to each comment.
  • This section is meant to ask simple questions or leave a rating. Every report of a problem experienced while using the module should be addressed to the author directly (refer to the following point).
  • If you want to start a discussion with the author or have a question related to your purchase, please use the support page.