QR Login

Logging in with
QR code

QR Login lets you access M-Board on any device — Smart TV, shared computer, or kiosk — without typing your password. Your trusted phone or laptop approves the session and sets how long it lasts.

What is QR Login?

There are two sides to every QR login. The requesting device is the one you want to log in on — it shows the QR code. The approver device is your trusted, already-logged-in phone or computer — it scans and approves. Your password never leaves the approver device.

Role	Device	What it does
Requesting device	Smart TV, shared PC, new device	Shows QR code + short code, polls for approval, logs in automatically when approved
Approver device	Your trusted phone or laptop (already logged in)	Scans or types the code, sets duration, clicks Approve or Deny

Requesting a QR Login

On the device you want to log in, open the M-Board login page and click Login with QR. The modal that appears handles the entire flow.

QR code generatesA unique QR code and a short code (e.g. A3F8C2) appear. The code is valid for 5 minutes. A progress bar turns orange below 2 minutes and red below 1 minute. If it expires before you scan, click Refresh QR to generate a new one.

Share the codeOn your trusted device, open Scan QR Login from the navigation menu. Point the camera at this QR code — or tap Enter Short Code and type the alphanumeric code shown below the QR.

Approver confirmsThe status banner updates: "QR scanned! Waiting for approval…" — then "Approved! Logging you in…" once confirmed. If the approver denies, you see "Login request was denied."

Automatic loginThe requesting device exchanges the approved token for a session and redirects to your dashboard. No password was entered on this device at any point.

The short code (≤10 characters, uppercase) is an alternative to the camera. Copy it with the Copy button and type it into the Enter Short Code tab on the approver device — useful when pointing a camera at the screen is impractical.

Approving a QR Login (Scan QR Login page)

On your trusted, already-logged-in device, go to Scan QR Login from the navigation menu or your profile. This is the QR Login Manager — it has two tabs and a scanner button.

Chain-session block: if you are currently logged in via a QR session yourself, the scanner is blocked and the page shows a warning. You must log out and sign in with your username and password on a trusted device before you can approve QR logins for others. This prevents a chain of delegated sessions from being exploited if one device is compromised.

When the scanner is available, click Approve New Device Login to open the 3-step scanner modal:

Scan QRTwo tabs: Use Camera (default) or Enter Short Code. The camera view shows an animated scan frame. Point it at the QR on the other screen — detection is automatic. If camera access is unavailable or denied, the app switches to manual input automatically. In manual mode, type the short code (6–8 characters, e.g. A3F8C2) or the full 64-character token, then click Verify Code.

Set DurationAfter a valid token is detected a request info panel appears: "A new device is requesting to log in as [Your Name]. Set how long this session should last, then approve or deny." Choose from preset options or pick Custom. Default is 1 hour.

Duration options: 15 min · 30 min · 1 hour · 2 hours · 4 hours · 8 hours · 1 day · Custom
Custom range: minimum 5 minutes, maximum 30 days (43,200 minutes). You can enter in minutes, hours, or days. The form validates live and blocks Approve if the value is out of range.

Approve or DenyClick Approve Login to grant the session — the other device logs in within seconds. Click Deny to reject it — the other device sees a denied message and you are redirected to the home page. On approval the confirmation shows the exact session expiry time.

Active Devices Tab

The Active Devices tab (default view on the QR Login Manager) lists every device currently logged into your account. Each row shows:

Device name / browser — the user-agent description of the session.
IP address — the IP the session was created from.
Last seen — when the session was last active.
Expires — for QR sessions, the exact expiry time.
"This device" badge — highlights your current session (no logout button shown for it).
"QR" badge — marks sessions that were created via QR login.

Click Logout on any row to instantly revoke that session. The device is signed out within seconds — useful if you left yourself logged in somewhere or suspect unauthorised access.

Past Sessions Tab

The Past Sessions tab loads on first click and shows a paginated audit log of all QR-related events on your account — 10 entries per page. Each entry shows:

Approved — a QR session you granted, with device details and duration.
Denied — a login request you rejected.
Logout — a session that was revoked (by you, by the user, or automatically on expiry).
Other events — such as scan actions and token creation.

Use this tab to spot unexpected activity — if you see approvals you didn't make, revoke all active sessions immediately and change your password.

Camera Permission

Camera access is requested only when you click Approve New Device Login. It is never requested in the background.
No image, frame, or video is ever uploaded or stored by M-Board. QR scanning runs entirely in your browser.
If you deny camera permission, the app automatically switches to Enter Short Code mode — no functionality is lost.
You can always use the short code instead of the camera — both methods are equally secure.

Logging in withQR code