User Roles and Permissions

Effective management of large websites requires a collective effort, as it is not feasible for a single person to handle all aspects of content creation and updates. In order to facilitate this collaboration, it is essential for every team member involved in website management to have access to the admin dashboard. However, sharing a common admin username and password among team members can introduce serious security vulnerabilities, creating a potential nightmare scenario. To mitigate this risk, it is advisable for each team member to have their own individual usernames and passwords. This approach ensures enhanced security measures and maintains accountability by assigning unique credentials to each team member.

Creating a user account

Let’s assume we have a coworker who will help with managing a section of the website. We can create an account for the user in two ways:

Hover over "New" in the top admin bar and choose "User." From the admin dashboard sidebar, click "Users" and choose "Add New."

On the screen that opens up, the username and email are required while the first name, last name, and website are optional. Create the username and email address. Let’s assume that the username of the coworker is james and the email address is james.doe@email.com.

WordPress generates the password and emails it to the user. Change the password to something that is easy to remember. To skip email notification, we can uncheck the "Send User Notification" option.

Next we need to set the role for the user. WordPress offers roles with different permissions which are discussed below.

Default WordPress roles

By default, WordPress has five different ...