How to Grant Developers Temporary Access to WordPress Site

“Great things in business are never done by one person.” – Steve Jobs

Even though you’re a WordPress expert, you won’t be able to handle every aspect of your website without help from others. You need a copywriter to create content or a designer to build gorgeous landing pages.

And you definitely want developers to build and maintains the core structure of the site beforehand too. They also assist you in fixing the site when errors happen.

To achieve that, you have to grant them admin access so they can make changes there. Creating a temporary account and letting developers edit the website from the backend are ideal.

You may be surprised by how easy it is to add a new user account for your WordPress developers. Reasons for giving them temporary access to your site will also be brought forward too.

Should You Give Your Web Developers Your Username and Password?

When it comes to outsourcing development tasks or hiring a freelance developer, you shouldn’t give them your admin account. This can expose your site to unnecessary risk.

Since you’ve never known about them, it’s uncertain that they won’t steal your information for bad purposes or ruin your site. Plus, some admins use the same usernames and passwords for multiple platforms like a bank or social media account. Granting them your real admin account can let ill-intentioned people log in and do bad actions.

If you create new accounts for them, you need to delete them after they complete their job, otherwise, these inactive credential information may hang out somewhere on the internet. More importantly, they become security vulnerability holes for hackers to attacks the site.

How to Give Developers Access to Your WordPress Site

As mentioned above, you should create a temporary user account for your developers instead of sharing with them your personal username and passwords.

WordPress makes it simple to add new users to your site. Besides adding an unlimited number of accounts, you also have full control over who should access which areas or when they will be removed. The following guide will show you how to do that with ease:

  1. Log into your WordPress admin dashboard
  2. Head to the UsersAdd New section
  3. Input necessary information including username, email, first name, last name, etc.
  4. Decide a role for the new user
  5. Click the “Add New User” button.

pda-add-new-users

Hit Show password to generate a password for your developer. WordPress will create a random password automatically. You can replace it with your own password. However, we recommend you send this one to developers and let them reset their own passwords.

The “Send user Notification” checkbox enables you to notify a user of his new account via email.

There are many different default roles you can assign to your developer. Each comes with a set of capabilities so you can manage what they can do on your site.

WordPress User Roles and Permissions

  • Administrator: The most powerful user role on WordPress. Admins have the highest level of permissions on the websites that can add new or delete users, create and delete posts, and install plugins and themes. That explains why developers need admin access. Otherwise, they find no ways to help you develop your site.
  • Editor: Can see and edit the content sections on WordPress site only, such as Media, Pages, Posts, and Comments. They’re able to publish, edit, and delete posts, as well as approving comments. It’s possible for them to see the content of all authors who have lower permission levels. Unlike admins, they can’t install or remove plugins and themes from your site.
  • Author: Have the capability to create and publish new posts. They’re allowed to create new pages but submit them for review only. Posts from other authors won’t be visible to them from the backend.
  • Contributor: Can add new posts without publishing them. You should assign this role to guest bloggers as they have to submit their posts for reviewing before seeing them live on the site.
  • Subscriber: Access their own profiles only. They can do nothing except logging in for reading a post or leaving a comment.

How to Manually Delete the Account

Once finishing tasks or stopping working with your company, developers shouldn’t reaccess your WordPress site under admin users, unless you both want to move on to an ongoing relationship. To make sure of this, you should delete their accounts permanently.

The 5-step guide below will show you how:

  1. Go to UsersAdd Users from your admin dashboard
  2. Hover over the user that you want to delete in the list
  3. Click Delete

pda-remove-wordpress-users

There are a few things you need to watch out for before taking out a developer from your system.

  • Once you delete a user, all their work or content will be removed too. So you should remember to attribute their content to another user.
  • You have to always review your FTP accounts area in cPanel to check if anything weird happens.
  • It’s unnecessary to grant them access to your domain registrar account.

Give Developer Temporary Access to Make Sure Your WordPress Site Security

Developers play a key role in creating and maintaining your website development. In-house developers should always have admin access to your site. In case you hire freelance developers, it’s important to provide them with temporary accounts and removing them after the work is done.

WordPress makes it simple for you to add a new user to your sites under different roles and their corresponding permissions. We recommend assigning developers admin access so that they can have full access to your site. As a rule of thumb, you need to manually delete these users to reduce inactive accounts and limit security risks in the future.

Still have a question about how to temporarily grant developers access to your WordPress site? Let us know in the comment section below.