How to edit users and reset passwords
After a user is created, day-to-day administration is editing (role changes, contact updates, deactivations) and password operations. HotelBee splits these across the user profile (two tabs) and the login screen's Forgot Password. Three password paths exist: a user changes their own from the Security tab, an admin resets someone else's from the same tab without needing the old password, or the user does it themselves via Forgot Password if they're locked out and the admin isn't around. This article walks each one.
Editing a user
- Backoffice → Users. Click the user you want to edit. The profile opens full-screen with two tabs: General and Security.
- On General, edit any of the fields below. Username and the avatar header are read-only — they're the user's permanent identifier.
- Click Save. Changes apply immediately; the user sees them next time they refresh.
What's editable on the General tab
- Display name — the friendly label shown across the UI. Change freely without affecting login.
- Email — destination for password resets and notifications. Keep current; if it's wrong, the user can't recover from a forgotten password.
- Language — the user's preferred UI language.
- Role — promotes or demotes the user. Changing from Waiter to Manager (or vice versa) flips the entire permission set; the user sees a different navigation on next refresh.
- Operator code — fiscal cashier identifier. Only appears if the property is fiscal-configured. Format: aa123bb456 (lowercased, validated).
- POS points — multi-select of which sales stations the user can sell from.
- Color — avatar tint, helpful when scanning lists or shift dashboards.
- Status — ACTIVE or DEACTIVATED. See the deactivation section below.
Changing your own password (Security tab)
- Open your own user profile (Backoffice → Users → your row, or the profile shortcut from the user menu).
- Click the Security tab.
- Enter Old Password (current), New Password, Confirm Password.
- Save. The system rejects the change if the two new passwords don't match ("passwords does not match").
- On success, you see a confirmation. The new password takes effect immediately on next login.
This flow requires the user to know the current password — which means it's only useful for users who are logged in and just want to rotate their password. For users who've forgotten, the admin can reset for them (next section) or the user can self-reset via email (section after).
Admin resetting another user's password
When a user is locked out and you have the right permission, you can set a new password for them directly — no old password required, no email round-trip needed. Useful for waiters who forgot their PIN-equivalent password mid-shift, staff without easy email access, or any time the self-service flow would be slower than just calling the manager over.
- Backoffice → Users. Open the user's profile.
- Click the Security tab.
- Enter the new password and confirm it. The Old Password field is not required when an admin is resetting on someone else's behalf.
- Save. The new password takes effect immediately on the user's next login.
- Hand the new password to the user out of band — in person, or over a secure channel — and ask them to change it themselves on first login (Security tab, with the new password as the old).
The reset action is permission-gated. Roles without password-reset permission won't see the option to set a new password without the old one. If you don't see it, your role lacks the access — talk to whoever manages roles.
Resetting a forgotten password (self-service via email)
When a user has forgotten their password, they reset it themselves from the login screen. The admin's role is to make sure the user has a valid email on file and an ACTIVE status — beyond that, the reset is in the user's hands.
- On the login screen, click Forgot Password.
- Step 1 (Request): enter your username, click Send Code. The system finds your user, looks up your email, sends a verification code there. The dialog confirms with a masked email (e.g. "j***@example.com") so you know which inbox to check.
- Step 2 (Verify): enter the code from the email, plus your new password twice (eye icon shows/hides). Click Reset Password.
- Step 3 (Success): a confirmation appears. Click Login and use the new password.
Errors and what they mean
- invalid_username — that username doesn't exist. Typo, or wrong tenant.
- no_email_configured — the user has no email field set. Admin must add one before reset can work.
- user_not_active — status is DEACTIVATED. Admin re-activates first.
- invalid_reset_code — wrong code or already used. Click Back and request a fresh one.
- reset_code_expired — code timed out. Codes are short-lived for security. Request a new one.
Choosing between admin reset and self-service
Both paths get the user back in. Pick based on context:
- Admin reset — fastest. Right when the user is in front of you (waiter at the POS, receptionist at the desk), or on the phone with the admin. No email needed, no waiting for a code.
- Self-service Forgot Password — right when no admin is around (off-hours, remote staff, busy night). The user controls the new password from the start.
- If self-service fails because the user has no email or is DEACTIVATED, the admin still has to fix the underlying issue first. Confirm email is correct + status is ACTIVE before telling the user to retry.
- If self-service email never arrives, check the email-sending settings (Settings → Integrations → Email) and the property's send logs. Most common causes: misconfigured SMTP / sender address, or the user's mail provider classifying the system message as spam.
Deactivating a user (when someone leaves)
- Edit the user. Set status = DEACTIVATED. Save.
- If they're currently logged in, click Terminate to force-end any active sessions. They lose access immediately.
- Don't delete the user. Their history (orders processed, invoices issued, payments collected, fiscal IDs) stays linked to the account — deleting would orphan those records and break audits.
- If they come back later, edit, status = ACTIVE, save. They can then either log in with their old password (if they remember) or use Forgot Password to set a new one.
Terminating a session (without deactivating)
On the General tab, the Terminate button (permission-gated, users: terminate_user_session) force-ends the user's active sessions. Use cases:
- A waiter forgot to log out of a tablet that's now needed by the next shift.
- Suspected credential compromise — kick the session, then have them reset the password before reactivating.
- User reports a stuck UI — terminate to force a clean re-login.
You cannot terminate your own session this way; do that with normal logout.
Frequently asked questions
Was this helpful?
Related articles
How to add users and roles
Roles define permissions; users get assigned a role. Set up roles once, create users many times.
Property Management SystemHow to split a folio (one stay, multiple invoices)
Route lines to multiple folios → issue separate invoices at check-out. Common payer-split patterns.
Property Management SystemHow to do the night audit
Daily close — payments by method, orders, reservations, PDF export. Catches errors same-day.
Property Management System