Home Blog WordPress Management Create & Manage WordPress Temporary Login Access for Users

Create & Manage WordPress Temporary Login Access for Users

Create & Manage WordPress Temporary Login Access for Users

Granting temporary access to developers or collaborators is a common need for WordPress site owners. However, managing these accounts can quickly turn into a security headache—not to mention it being a time-suck. Weak passwords, forgotten deletions, and manual processes leave your site vulnerable and leave you spending far too much time managing user accounts. 

Fortunately, there’s a better way. In this guide, we’ll explore how a plugin can make creating and managing temporary users easier and more secure.

create & manage wordpress temporary users with a plugin

Why Would You Need to Give Temporary Access to Your WordPress Site?

Temporary access minimizes security risks by ensuring third parties don’t keep unnecessary access to your website. This helps reduce security risks caused by unused accounts. 

There are many situations where you might choose to give temporary access instead of creating a new account, including:

  • Safely giving a developer access to troubleshoot a plugin issue
  • Giving a graphic designer access for design updates
  • Letting a shop manager check inventory
  • Granting an editor access to review a blog post

In all these situations, giving temporary access instead of a new account ensures they can do their job while limiting potential risk.

The Problem – Manually Creating & Managing Temporary Users on WordPress

The process of creating a new user on WordPress isn’t a big deal – you just have to specify an email address and the username. Then an email, including the password is automatically sent to the recipient. However, the problems start afterward, and get worse when you have multiple temporary users.

Key Challenges with Temporary WordPress Users

  • Weak passwords: Temporary accounts, often with admin access, are initially set up with strong passwords. However, third parties frequently change these to weaker, easy-to-remember ones, compromising security. There are steps you can take to overcome this, like using a login security plugin, but it’s still an important challenge to consider. 
  • Forgetting to delete users: Temporary accounts are rarely deleted on time. Many WordPress sites accumulate unused accounts, leaving them vulnerable to breaches caused by weak passwords or stolen credentials.
  • Unmonitored account activity: Temporary users often operate without any form of tracking or oversight. When there are multiple accounts on the site, this makes it nearly impossible to identify which account made which change. 
  • Manual management challenges: Relying on manual processes to create, manage, and delete temporary accounts can be time-consuming. The more accounts on the site, the more work goes into managing them.

The Solution – A Plugin to Create Temporary Users

To eliminate the issues related to temporary users, most people opt for a plugin. The Temporary Login without Password plugin is the most commonly used option.

As the name implies, the Temporary Login without Password plugin allows you to give a temporary WordPress login to someone without needing a password and without as much manual management. You can choose when the login expires, as well as the user role of the temporary user account. Here is how it works.

Creating a Temporary WordPress Login

Once you install and activate the plugin, a new Temporary Logins node is added to the Users menu in your WordPress dashboard.

Click it and click on the Create New button to create the first temporary WordPress login.

When creating the new login, you have to specify the email address where the URL for the temporary login will be sent, the role of the user, and for how long the temporary login should remain active.

After clicking submit, you get a temporary login link to share with whoever you want to give temporary access to. This temporary link will be valid for the duration you set and looks like this:

https://site.com/wp-admin/?wtlwp_token=b4cc27c42c54b2ffcb533f441a4856ka1aee7283ccf90d9594a4d8f90694a90da4810c2b8d4db3642150e9376495d6329cdf0bccfa25acg245c3O598e3a88e0b

You can either copy the link and send it manually, or you can press the small envelope button in the tool to send it.

When the user clicks on the created login link, he or she is automatically logged in to your site on a temporary login account. If they log out by mistake, clicking on the link again will restore their session.

Configuring the WordPress User Role and Expiration

From the WordPress security point of view this is a perfect solution:

  • It allows you to set the role, which is very important because you should never give WordPress users more privileges than they need.
  • You can set an expiry date which means you will not need to remember to delete the account. Therefore should the recipient’s email account get hacked, malicious users cannot use the link to log in to your WordPress because it is temporary.

When setting the expiration for the link, you can select any of the predefined options or simply specify a date.

Managing Multiple Temporary WordPress Logins

All the temporary WordPress users you create with the plugin can be managed from the same Temporary Logins menu.

As you can see in the above screenshot, you can disable and delete any of the temporary logins with just a mouse click. So, if you ever have any concerns about the activity of one of the users you can use these options to revoke their access.

Keeping Log of What Temporary WordPress Users Are Doing

When you give temporary access to a third party, you need to keep an eye on their activity. They could accidentally do something they shouldn’t that harms your website, or their email could get hacked, giving a bad actor access to your site. Monitoring temporary user activity and identifying potential issues before they harm your site is very important.

Our WP Activity Log plugin does just that, and it’s fully compatible with the Temporary Login without Password WordPress plugin.

For example in the screenshot below, we can see that the temporary WordPress user Anekke has created and published a new post, changed its URL, and uploaded a media file.

WP Activity Log can keep a record of any type of change on your WordPress websites and multisite networks, including those made by temporary users. This includes changes to posts, pages, custom post types, plugins, themes, user profiles, menus, widgets, and global WordPress settings changes, just to name a few.

Refer to the complete list of WordPress changes that the WP Activity Log plugin can keep a record of for more information.

Giving Temporary Access To Your WordPress & Monitoring Changes Just Got Easier

Temporary Login without Password is an easy-to-use solution that reduces the drudgery and security risks that come with creating temporary WordPress users for third parties. This solves a whole host of problems, but it’s still important to monitor changes made by these users.

The WP Activity Log plugin does just that, allowing you to ensure the temporary accounts can be managed in a secure fashion. Together, they make giving and managing temporary access a whole lot easier.


Leave a Reply

Your email address will not be published. Required fields are marked *

Stay in the loop

Subscribe to the Melapress newsletter and receive curated WordPress management and security tips and content.

Newsletter icon

It’s free and you can unsubscribe whenever you want. Check our blog for a taste.

Envelope icon
Uploading WP 2FA as a zip file in WordPress
WP 2FA in the WordPress plugin repository
Close

Installing WP 2FA Free

Congratulations on taking the first step towards enhancing your WordPress site's security with WP 2FA Free! You're now on your way to protecting your valuable data and ensuring peace of mind. No coding or technical knowledge is required.

 

Below are two ways to install WP 2FA on your website:

Go to your plugin dashboard on your site, then go to "Add New", and then search for WP 2FA.

Download the WP 2FA plugin zip, then select upload in your plugin dashboard under "Add New".

OPTION 1

OPTION 2

Uploading CAPTCHA 4WP as a zip file in WordPress
CAPTCHA 4WP in the WordPress plugin repository
Close

Installing CAPTCHA 4WP Free

Well done you. You're one step closer to safeguarding your WordPress website from spam and automated attacks with CAPTCHA 4WP. You'll be able to effortlessly integrate CAPTCHA into your forms and enjoy a website with enhanced security.

 

Below are two ways to install CAPTCHA 4WP on your website:

Go to your plugin dashboard on your site, then go to "Add New", and then search for CAPTCHA 4WP.

Download the CAPTCHA 4WP plugin zip, then select upload in your plugin dashboard under "Add New".

OPTION 1

OPTION 2

Uploading WP Activity Log as a zip file in WordPress
WP Activity Log in the WordPress plugin repository
Close

Installing WP Activity Log Free on your website

You deserve a pat on the back for choosing to record user actions and changes on your website. That is the first step towards better user accountability, easier troubleshooting of website security, and many other benefits of issues.

 

Below are the two ways to install WP Activity Log on your website:

Go to your plugin dashboard on your site, then go to "Add New" and then search for WP Activity Log.

Download the WP Activity Log plugin zip, then select upload in your plugin dashboard under "Add New".

OPTION 1

OPTION 2

Uploading Melapress Login Security as a zip file in WordPress
Melapress Login Security in the WordPress plugin repository
Close

Installing Melapress Login Security Free

Congratulations on taking control of your WordPress website's security by implementing robust login and password policies with Melapress Login Security. You can change your login page URL, limit failed login attempts, and reset passwords.

 

Below are two ways to install Melapress Login Security on your website:

Go to your plugin dashboard on your site, then go to "Add New" and then search for Melapress Login Security.

Download the Melapress Login Security plugin zip, then select upload in your plugin dashboard under "Add New".

OPTION 1

OPTION 2