Log In With “Editor” and not “Admin” A simple security measure to protect your website

With WordPress, there are various user levels and each level grants specific access to your website.

As a website owner, you naturally want "admin" access so you can access every corner of your website. However, logging in regularly with this login is not encouraged.

Limiting the fallout

What's worse, a hacker gaining access to your website with a limited "Editor" login or getting full access with an "Admin" login? We all know the answer.

Keeping a good practice to login to publish posts and pages with the Editor login allows you to take one step closer to keeping your install protected.

Saving admin in a secure place

All logins should be kept in a safe place. That safe place does not mean a post-it note on the inside of our desk.

Use a password manager like LastPass.com or OnePassword.com to save logins in an encrypted database. These managers can pre-populate login fields (and won't get erased like those saved in the browsers).

When to log in with Admin

Consider logging in with your Admin level login when you update your website or need to change admin level settings.

Do not give out your Admin login to anyone, but rather create them a new user account with the giving permissions they need to access your website.

Educate yourself on the user levels of WordPress by reviewing the codex here: https://codex.wordpress.org/Roles_and_Capabilities. This will save you any future headaches in knowing who has access to what within your website.

 

Protect your investment in only 10 minutes, free download of the 10 easy items you can do to secure your website

{{alt_text}}