How to Safely Give Access to Your WordPress Site
Getting some help with your WordPress website? If you’re hiring a designer, developer, SEO expert, content writer, or anyone else to do some website work for you, you’ll need an easy way to give them access to WordPress – without just emailing your password off into the abyss. Here’s what to do.
It’s a bit awkward, isn’t it? Your web developer needs access to your WordPress dashboard, but you feel weird about giving them your personal username and password. Especially if you use that same password for Netflix, PayPal and eleven other accounts (hint: don’t do that 🙈).
It’s ok – we’d feel funny about accepting your personal details too. Luckily, there’s a better way.
How to Securely Share Access to WordPress
The best way to securely give someone access to WordPress is to create them an Admin account of their very own. It’s easy to do and WordPress will send the login information with a link to set their own password.
This way, they get the high-level access they need while you keep your own account secure. Plus, you can easily delete the extra account at the end of the project if needed.
The other benefit of this method is that WordPress lets you create as many users as you need. So if you have a developer, a virtual assistant and an SEO whizz who all need access, you can give them all their own accounts. Nice and neat and secure.
How to Add a New User in WordPress
Here’s how to give admin access to your WordPress site securely without sharing login details:
- Login to your own WordPress account at yourdomain.com/wp-admin
- In the left hand menu, go to Users > Add New. This will take you to the Add New User screen.
- Enter a username for the new user. This can be their name, email or something else. But keep it specific to that person, to discourage people from sharing logins.
- Enter the user’s email address. This is where they’ll receive their login details.
- The fields for First Name, Last Name and Website are all optional, so fill those in if you like. Leave the Language field as Site Default, unless you have reason to change it.
- It’s best practice to allow WordPress to generate a password. The new user can change this anyway.
- Check the checkbox for Send User Notification. This ensures that WordPress automatically sends them their account link.
- In the Role dropdown menu, select the role they need. For your designer or developer, they’ll need to be an Administrator. For other people such as content writers, see the explanation of user roles in the box below.
- Click Add New User. The new user will now get an email allowing them to securely set their own password.
How to Delete a WordPress User Account
If you’ve got a long-term WordPress developer, writer or VA relationship, you can leave the account open for them for as long as you need. But for ad hoc projects where the person won’t need access again, you can simply delete their account once the work is done.
To do this, go to Users > All Users. Hover over the user you want to delete and click the red Delete option. You can do this for any user except yourself.
If your user has created any posts or pages, you’ll be asked if you want to delete them or attribute them to another user. if you don’t want to lose them, make sure you choose another user to assign them to, otherwise they’ll be deleted.
And in case you’re wondering, the person won’t get an email telling them you’ve deleted their account.
How to Reset a WordPress User’s Password
If one of your users has lost their password, you can easily reset it. Go to Users > All Users and hover over their username. Some options will appear, and you simple click on the link to send a password reset.
WordPress User Roles and Access Permissions
Whenever you create a new WordPress user, you can set a role for them, according to the level of access they need. There are five default WordPress user roles: Administrator, Editor, Author, Contributor and Subscriber, with decreasing permission levels.
The description box below provides details on what each role can and can’t do.
- Administrator: The Administrator role is what you’ll have if you created the site or are the site owner. It’s the most powerful user role on WordPress and has complete access. Administrators can create and delete posts, install themes and plugins, and create/edit/delete users. If you’re working with a web designer or developer, they’ll need to be an Administrator. (They won’t be able to access your hosting or domain details from within the WordPress dashboard.)
- Editor: The Editor role only gives access to the content sections of WordPress. Editors can create, edit, delete and publish content and they can moderate comments. They can’t do higher level tasks like installing plugins, editing themes or updating WordPress.
- Author: The Author role has less control than Editor, and can create and publish new posts. Authors can also edit and delete their own posts, but they can’t edit or delete other users’ posts. Authors can also create categories and can see new comments, but they can’t moderate comments.
- Contributor: The Contributor role is similar to the Author role, but more limited. Contributors can’t actually publish any posts, not even their own posts. They also don’t have access to the Media Gallery, so they can’t add images.
- Subscriber: The Subscriber role is primarily for website visitors who need to sign in, e.g. to read a post or leave a comment. Subscribers only have access to their own profiles and can’t access the WordPress dashboard or make any changes to your website.
This article covered how you can safely and securely give someone access to your WordPress account – without sharing login usernames and passwords.
Looking for help with your website?
I’m a WordPress developer who loves helping small businesses grow their online presence with great looking websites.
Want a new website or to overhaul an existing site? Got a broken WordPress site that’s driving you crazy?
Just let me know what you need and I’ll be happy to help!