Here are some bad examples that you should consider:
If someone updated the wrong record in your DB you wouldn’t be able to audit it.
If anyone deleted all the records in the DB you wouldn’t know who did it.
If anyone has access to the ID/Pwd they could do anything since it’s shared.
If anything bad/unexpected happens you won’t have security recourse.
Just a sampling of why user security should be enforced.
My use case is simple in the functionality that will be able to be achieved, in a nutshell, it’s as simple as viewing an order and marking it as complete.
So I don’t foresee most of the issues you’ve pointed out, other then the accessibility through the sharing of the same ID/Password.
Having said that, you’re right in that having individual accounts for login would be a much better option.
How can I implemented a system whereby a user can simply login by entering a 4-digit pin?