OverviewEmployees can use the WebClock as a means of clocking in and out without a physical clock. The WebClock is simply a web page that can be opened up on any web browser. It differs from the physical clocks in that it requires a PIN/Login and a password.
In order to use the WebClock, it requires:
- The employee has a Login ID / Card Number setup in Employee Setup.
- The employee has a password in the Self-Service Password / Web Password field of Employee Setup*
- Web Clock Enabled is checked in Employee Setup
NOTE: There is also an option to Disable WebClock for the selected account. The Account Configuration page has a WebClock options section where you can turn the WebClock ON or OFF. In TimeWorks, this option is found in the Misc Settings page. If this option is checked, no employees will be able to use the WebClock, regardless of whether WebClock is enabled in Employee Setup.
- Login/Password Requirements
- Resetting the Initial Password
- Password FAQ / Troubleshooting
- Disabling WebClock
- WebClock 2.0
- Browser Compatibility
- IP Filter
- Clock Prompts
- Time Stamp
- WebClock Inconsistency
Password RequirementsIn addition to having a complex password for the Web Clock (see above), we do have additional conditions to which a password should conform.
- Password should be a minimum of 8 characters in length.
- Password needs at minimum, two distinct character types. For instance, an upper and lower case letter or lower case and numbers.
- Employees cannot use the same password that was set initially, nor can they repeat a password.
The method by which an employee changes their initial password would be by logging into the Employee Self Service. The Web Clock itself does not provide the option to change a password and an employee can use their initial password on the Web Clock until they choose to login to the ESS.
When an employee logs in to the ESS for the first time, it will force them to change their password. Once they have done that, they must login again with the new password.
IMPORTANT: It can take up to 10 minutes for the clock servers to update with the new password, so it is strongly recommended that an employee resets their password after they have clocked in, otherwise, the Web Clock may not recognize the new password.
How to tell if an employee has changed their initial password.
In TimeWorksPlus, when an employee is initially setup with a login and password, the password is not visible in Employee Setup. It only says, "Password has been set". Once the employee changes their initial password, that message changes to, "Password has been set and changed by employee".
TimeWorks will show you the employee's password in Employee Setup. This is because the employee does not have the ability to change their password in TimeWorks.
Can an employee reset their password if they forget their password?
In some cases, yes. TimeWorksPlus has an email field in Employee Setup. If the employee knows their login and has an email associated with their profile in Employee Setup, they can go to the Employee Self Service url and select the Forgot your password? link.
If they do not have an email or do not know their login, they will have to get a manager or a supervisor with Employee Setup access to reset their password. Once the password is reset in Employee Setup, the employee will once again have to login to ESS to change their password.
TimeWorks does not have the functionality to allow employees to retrieve a forgotten password. They will need to contact a user with Employee Setup access.
Do employee's need to change their passwords routinely?
No, once an employee has reset their initial password, they will not be prompted again to change their password. TimeWorksPlus users do have the option to change their password at any time through the Employee Self Service.
The first item to verify is that the employee's login and/or password in Employee Setup do not have trailing space. These are not easily noticed, but if the entry was made that way, it would cause issues when an employee login. Also remind employees that WebClock 2.0 does consider case sensitivity on the password.
Employees are receiving an "Invalid username/password" error when logging in.
If you have verified that the Card number field and Web Password are correct, then it could be that the login/password combination is identical to another timekeeping user.
Why this happens is that someone else could have created the exact username and password as your Client's employee. When doing this it invalidates both accounts access to the WebClock.
This commonly occurs because the Client's Employee Setup card field is created in a numerically ordered fashion (1,2,3,4) or using the last six digits of a SSN (i.e. Card Field: 000001, Card Filed: 000002, or Card Field: 251234) and they use the same digits for both their Card Field and Web Passwords. For example:
With something as simple as this, it is easy for duplicates to arise.
Note that it is also possible to inadvertently cause this problem if the same employee roster is imported into more than one client file in the same system. Sometimes this happens when a client stops using one account and begins using a new one. (We see this happen from time to time when a client changes management or payroll companies.)
The system does not check to see if this username/password combination has been used before and it does not read these entries chronologically to see who had it first when you enter it into Employee Setup.
The system just verifies its presence when a user tries to login using the WebClock and if it sees a duplicate it will deny access to both employees because it cannot distinguish which employee is logging in.
Another cause of this issue may occur when a client deletes an employee account and then re-adds the account. The system still saves the deleted data and just moves it to 'MC2 Test Account', our inhouse demo account, to conform to our policy of not deleting client data. If this is the case then the employee's card1,card2, and card3 fields must also be deleted out of the inhouse demo account (MC2 Test Account) and then the client's employee should be able to clock in without issues.
Using a more complex username or password combination should resolve most of these kinds of issues.
This means the initial password (in combination with the login) matches another timekeeping system and the employee will need to be given a more unique password before they can use the WebClock.
"Please ask your supervisor to give you a different password" displayed when using WebClock.
To prevent WebClock access for an individual employee, locate the Web Clock Enabled box in their employee setup and set it to "NO" or (uncheck the option in TimeWorks). This will allow the employee to access ESS with their designated Login/Password, but not be able to use the WebClock.
There is also an option to disable the WebClock for the entire account, regardless of the setting in Employee Setup.
In order to do this in TimeWorksPlus, locate Client Configuration in the Accountant Menu and select the Account Configuration tab. You can turn it off in the WebClock Options.
In TimeWorks, check Disable Web Clock in the Miscellaneous settings page.
- Adding more security. The password field for WebClock 2.0 is now case sensitive as opposed to the old WebClock.
- Allow more in depth tracking of employee punches made through the WebClock (to include the IP's using the "Web Clock Punch Audit" link on employees time cards).
- Allow for custom branding of the WebClock page.
- Fixing issues that occurred using the old WebClock page.
- Added features when handling clock prompts in the "Web Clock 2.0 Display Behavior" when a prompt is being created or edited. Like having the prompt not show on WebClock 2.0 but still show on a physical TimeClock or FlexClock.
The generic, unbranded link for WebClock 2.0 can be found here: https://payrollservers.us/webclock/
But there may be differences in the way our pages are rendered because of the differences in how competing web browsers operate.
Though in most cases our site should work with pre production versions of popular browsers such as browsers in beta or earlier states we do not advise this nor can we offer complete compatibility with our site.
We also advise using the latest production version web browsers that are compatible with your operating system (Windows, Apple OS, or Linux).
For most users, older versions of web browsers may function just fine but we cannot guarantee complete compatibility with all of our users if they do choose to use an older version web browser.
If you discover any issues that you feel may be related specifically to how our site works with your web browser, please report them to Support.
The IP address can be viewed in on the time card, but only if the employee uses WebClock 2.0. In TimeWorks, select Web Clock Punch Audit at the bottom right of the time card. In TimeWorksPlus, select Time Card Options and select Show Web Clock Punch Log.
Where to set the IP Filter
In TimeWorks, the IP filter is set in the Accountant Menu / Miscellaneous Settings.
In TimeWorksPlus, the IP filter is set in the Accountant Menu / Client Configuration / Account Configuration.
Both of those pages will have a section called WebClock IP Filter where you can enter the IP addresses that should be allowed to use the WebClock. Multiple IP addresses can be entered by using the + button to add a field for each IP. In TimeWorks, you can enter multiple IP addresses by separating them with commas.
Can I restrict WebClock use to a specific computer?
It's important to remember that the IP used for reaching the internet may be shared by multiple computers on a client's network. Many organizations have a public/external IP address that their network router assigns as a security measure. If you set the IP filter to that public/external IP, any computer using that router will be able to access the WebClock. In situations like this, it is not possible to restrict the WebClock to a specific computer since our system has no way of knowing which computer the employee is using, it can only see the IP address that is coming from the network router.
To get around this one would either set up a proxy server that machines on the network that need to be used to clock in/out on the WebClock are connected to or in some way allow the machines that need access to clock in/out on the WebClock direct access to the Internet and not through a Public IP. These and any other options would probably require the assistance of the clients local IT Department.
Another could be the employee has a VPN (Virtual Private Network) which means they can login to the network from a remote location like from home and be able to access the WebClock as if they were physically at a PC on the network.
How do I determine the ip address?
If you are unsure of the public IP that the network is using, you can go to http://www.whatsmyip.org/
Conversely, if your client is using a computer that has a private IP while the SwipeClock IP Filter uses a public IP, the computers with the private IP will not be able to use the WebClock.
You can allow more than one IP address through the filter. This is done by separating the addresses with commas.
Using Wild Cards in the IP address
The IP filter allows for wild cards to be used so that a range of IP's can be allowed access to the WebClock. The IP Filter is found in the:
- Account Configuration tab of TimeWorksPlus (located in the Client Configuration option of the Accountant Menu.
- In TimeWorks, it is found through the click path Accountant Menu > Miscellaneous Settings.
Note: the XXX's represent actual numbers (0-9) that would make up an IP for this article.
TimeWorksPlus & TimeWorksHere is an example of how a wild card can be used in an IP.
Other examples are:
Notice how a single asterisk can be used for multiple octets.
In addition, you can create a dropdown list for a Labor Code prompts. This is done when setting up the prompt. For the WebClock 2.0 Behavior choose Display Prompt on WebClock as a Drop Down Selection. You will also need to enter a comma separated restriction list in the Prompt List box.
The times on the WebClock are based off of two things.
First, our servers are set to atomic time in tune with the atomic clock located in Ft. Collins, Colorado. The server constantly pings (about once an hour) the atomic clock daily, so that our service time is as precise as possible.
Most of these time servers are all kept accurate to within 1 second of coordinated universal time, as maintained by an atomic clock.
Second, the time zone of the clients actual address.
If they have sites in multiple time zones it will sync to the time zone of the address their account is set up under.
This can be configured by going to Accountant Menu > Time Zones and from the drop down next to 'BASE TIME ZONE' selecting the time zone desired.
First you may want to try the following steps:
- Try deleting cache/cookies and running a Windows Update
- Check with your client's network admin and see if their is a Phishing filter that may be interfering with access to our site. This can be turned off in the browswer.
- Be certain employees aren't using an outdated link through a bookmark or, using WebClock 1.0. WebClock 1.0 punches do not show up in TimeWorksPlus.