How to Add a Temporary Administrator to Your WordPress Website

Spread the love

If you ever require the assistance of WordPress management services or the support of your theme/plugins developers, they may ask for administrator access to your WordPress website.

What do you do then? Send them your personal administrator username and password? Right? Wrong!

Never ever give anybody your own admin details!

This is how you add a temporary administrator account for your WordPress website using the premium iThemes Security Pro plugin:

First, install the iThemes Security Pro plugin. This is one of the best security plugins available and you should have it installed and configured already.

If not, you can purchase the plugin from iThemes. After you've purchased and downloaded the plugin to your computer, click on Plugins | Add New and click Upload Plugin. Then click Browse and search the downloaded plugin file on your computer and click Open. After the plugin is installed click Activate Plugin.

Click on Users | Add New. Fill in the necessary details as needed for the temporary administrator account, but set the role as Subscriber. Click the Add New User button.

wordpress-new-user

After the plugin is installed and configured, click Security to go to the plugin's settings. Then in the Privilege Escalation section click on the Learn More button.

wordpress-privilege-escalation

Click on the Configure Settings button and then click Enable. You'll be instructed to go to the Users page and edit the account we just added earlier. Select Administrator from the drop-down menu, and how many days this particular account should have administrator rights on your website. Finally, click Update User.

wordpress-new-administrator

After this, you can send those user login details to the support personnel/developer who needs them. Just make sure to inform them of the timeframe you just set for these temporary administrator privileges, so they know to do the job in time.

NOTE: Never send login details (or any sensitive information) in a plain-text email. That is not a secure communication method. Instead, use encrypted email or some other encrypted, secure channel.

After the work is done on your website, you can delete that user account, or leave it for future needs. And if you happen to forget to delete it, that user account will be automatically demoted to Subscriber status after the time you set has elapsed.