CodeB Identity Solutions
Home  /  Industries

Three industries. Three different reasons the password tile has to go.

CodeB is not a horizontal SaaS. The product line was shaped by years of work in clinical environments, on manufacturing floors, and inside regulated office environments — places where Windows logon is operational infrastructure, not a checkbox.

What's hard here

Clinical staff sign in and out dozens of times a shift. Passwords get written under keyboards. Shared accounts make access-trail reconstruction impossible. The contactless and PKI cards your hospital already issues can serve as logon tokens, but typically aren't wired into Windows out of the box.

How CodeB is deployed

Ward roaming workstations

NFC tap to log in, second tap to lock. Sessions follow the clinician across the ward via standard Windows roaming profiles or VDI.

NFC Active Directory RDP forwarding

Hospital PKI logon

Existing hospital-issued PKI cards used as X.509 logon tokens, no separate issuance needed. Card-present sessions sign clinical documentation per eIDAS rules.

X.509 PKI eIDAS Qualified signature

Pharmacy and lab terminals

USB-token logon for shop-floor-style lab benches where NFC readers are impractical; tied into the audit pipeline alongside the clinical environment.

USB token Audit pipeline

What's hard here

OT environments tolerate very little disruption. Updating Windows is a quarterly event, not a Tuesday. Operators wear gloves; touchscreens are clumsy; cards get lost. Yet NIS2 and customer audits now demand individual attribution of every action that touches the MES.

How CodeB is deployed

MES operator stations

Hardened USB-token logon at line-side terminals. Tokens are sealed inside operator wristbands; a missing token automatically locks the station.

USB token Auto-lock NIS2

Engineering and CAD workstations

PKI smartcard logon with code-signing certificate slots, locked-down RDP into engineering VDI for off-site contractors.

X.509 PKI RDP forwarding Code signing

Quality and changeover booths

Tap-and-go NFC for fast shift handovers, with TOTP as a second factor where the supervisor approval flow requires one.

NFC TOTP Step-up MFA

What's hard here

Office environments are heterogeneous: laptops on the road, desktops on-prem, Azure Virtual Desktop for contractors. Auditors expect cryptographically attributable logon — but most environments still rely on a password and a SMS code, both phishable.

How CodeB is deployed

Hybrid laptop deployments

Entra-joined laptops with PKI smartcards in the secure element; a TOTP app as a backup when the card is forgotten at home.

Entra ID PKI TOTP

AVD and remote contractor desktops

Smartcard channel forwarded over RDP into Azure Virtual Desktop with a KDC proxy, so contractors authenticate without ever holding a domain password.

Azure Virtual Desktop KDC proxy RDP forwarding

Reception kiosks and meeting-room screens

NFC tap from a visitor pass or staff card to release the kiosk session; everything logged into the same audit pipeline as the office environment.

NFC SIEM ingestion

Doesn't quite fit one of these?

The product line is built on standards — Windows credential providers, X.509, OIDC, ICAO 9303. If your environment runs Windows, CodeB very likely already has a deployment pattern for it.

Tell us about your environment Browse products