Skip to content
English
Contact us
  • There are no suggestions because the search field is empty.

Setting Up Access for Your WordPress Website

Step-by-step guide to providing safe admin access for our team.

To ensure effective collaboration and maintain the security of your digital assets, please follow these detailed steps for providing administrator-level access to your WordPress site:

1. Creating a New Administrator User in WordPress

  1. Log in to your WordPress dashboard using an existing administrator account.
  2. In the left-hand menu, navigate to Users > Add New.
  3. Complete the form:
    • Username: Use a unique, secure name such as evolveadmin or similar.
    • Email: Enter the collaborator’s email address.
    • Password: Generate a strong password using a reputable password manager, or click “Show Password” to customize.
    • Send User Notification: Check this if you wish the new user to be notified via email.
    • Role: Select Administrator from the dropdown menu.
  4. Click Add New User.
  5. Confirm that the account was created by navigating to Users > All Users and ensuring the new user appears with an Administrator role.

2. Enabling Two-Factor Authentication (2FA)

2FA is a critical security measure for all admin users.

  • Plugin Installation:
    From your dashboard, go to Plugins > Add New. Search for plugins like Wordfence Login Security or Google Authenticator. Click Install Now and then Activate.

  • Configuration:

    1. Access the plugin’s settings from the sidebar or under the “Users > Your Profile” menu.
    2. Look for the option to enable 2FA. Follow the on-screen instructions—usually, this involves scanning a QR code with an authenticator app such as Google Authenticator or Authy.
    3. Save backup codes in a secure location.
    4. Make sure all admin users configure 2FA promptly. For multiple admins, mandate 2FA in your security policy for full compliance.

  • Best Practices:
    Regularly update authenticators. Avoid using SMS-based 2FA except as a backup.

3. Securely Sharing Credentials with LastPass or 1Password

Never send credentials via email or standard chat channels.

  • For LastPass:

    1. Log in to your LastPass vault.
    2. Click Add Item > Password. Enter the WordPress credentials and any relevant notes.
    3. Click Share and enter your collaborator’s address. Optionally, select “Allow recipient to view password” if needed. Click Share.

  • For 1Password:

    1. Open 1Password and add a new login for the WordPress account.
    2. Use the Share > Share Link feature or create a guest account if the recipient is not on your 1Password team.
    3. Set the share link to expire within a set timeframe (e.g., 24 hours).

  • Vendor-Neutral Security Guidance:

    • Always use password managers with end-to-end encryption.
    • Grant access only for as long as needed and revoke it once the project concludes.
    • Never save credentials in unencrypted locations.
    • Maintain an audit trail using the built-in sharing and usage logs.

4. Security Best Practices

  • Use unique, random passwords for every user account.
  • Regularly review users with admin access. Revoke permissions from inactive accounts.
  • Keep your WordPress core, themes, and plugins updated to patch vulnerabilities.
  • Schedule regular backups and security scans using trusted plugins.
  • Limit admin access to authorized personnel and segment user roles as needed.

5. Troubleshooting Common Issues

  • Not Receiving Invitation Email:
    Ask the new user to check their spam folder. If undelivered, reset the password via the main WordPress login screen.

  • 2FA Lockout:
    Ensure each admin keeps backup codes. If locked out, another admin can reset 2FA status in the user management panel.

  • Plugin Conflicts:
    If 2FA plugin activation causes issues, disable newly added plugins from the file manager (by renaming the plugin folder) and consult the vendor’s support documentation.

  • Credential Sharing Errors:
    If a recipient can’t access credentials via LastPass or 1Password, verify sharing permissions and expiration settings, or generate a new share link.

For maximum security and seamless onboarding, notify Evolve Systems when account provisioning and secure sharing are complete. Our team will verify access, test authentication, and confirm that installations and policies comply with current data security standards. For further guidance, refer to the screenshots and video walkthroughs provided in this resource or contact our support team at any stage of the process.