Home Blog WordPress Management Easily Create & Manage WordPress Temporary Users with a Plugin

Temporary login

Easily Create & Manage WordPress Temporary Users with a Plugin

Do you need to give temporary access to a developer or an author to your WordPress website?

If you manage a WordPress website, you surely need to give temporary access to someone so they can fix a problem or do some work on your website. Though there is a problem – the process of creating and managing temporary users can become cumbersome and can also lead to security issues.

Hence to eliminate the issues related with temporary users, our friends at StoreApps developed the Temporary Login without Password plugin.

create & manage wordpress temporary users with a plugin

Why Would You Need to Give Temporary Access to Someone On Your WordPress?

You’ve never had to give temporary access to someone on your WordPress website? Never say never especially if you have a business website. There are many use cases where you need to give temporary access-

  • You have an issue with a plugin and the developer needs to troubleshoot the issue
  • You give access to a graphic designer to do some fancy design work
  • You need to check inventory status and give access to the shop manager
  • You want to review a blog post and grant access to the editor

and the list can go on….

The Problem – Manually Creating & Managing Temporary Users on WordPress

The process of creating a new user on WordPress is not a big deal – you just have to specify an email address and the username. Then an email, including the password is automatically sent to the recipient. The problems though start afterward, and get worse when you have multiple temporary users.

Weak Passwords in Temporary WordPress Users

You create the temporary account, most probably with admin access and use a complex password. Upon receiving the account details, the third party changes the password to something that is easy to remember.

This might sound like a stupid thing to do but many support departments do this – they use a common passwords on all of their customers’ website so they do not have to deal with complex passwords. It is more practical for them but the security of your WordPress website is jeopardized.

Not Deleting Temporary WordPress Users

You have to also remember to delete the temporary WordPress users. And let’s face it, in most cases we all forget to do it.

I’ve seen thousands of WordPress websites, they all have users which are no longer needed. So considering that weak passwords, stolen credentials etc are the main source of WordPress hacks, no surprise so many WordPress websites get hacked.

The Solution – A Plugin to Give Temporary Access to Third Parties on Your WordPress

As the name implies, the Temporary Login without Password plugin allows you to give a temporary WordPress login to someone without needing a password. You can choose when the login expires, as well as the user role of the temporary account. Here is how it works.

Creating a Temporary WordPress Login

Once you install the plugin, a new Temporary Logins node is added to the Users menu in your WordPress dashboard. Click it and click on the Create New button to create the first temporary WordPress login.

When creating the new login, you have to specify the email address where the URL for the temporary login will be sent, the role of the user and for how long should the temporary login remain active.

Configuring the WordPress User Role and Expiration

From the WordPress security point of view this is a perfect solution:

  • It allows you to set the role, which is very important because you should never give WordPress users more privileges than they need.
  • You can set an expiry date which means you will not need to remember to delete the account. Therefore should the recipient’s email account get hacked, malicious users cannot use the link to login to your WordPress because it is temporary.

When setting the expire for the link, you can select any of the predefined options or simply specify a date.

The Temporary Passwordless WordPress Login URL

Once the temporary WordPress user is created you are given a URL that you need to share with the developer or whomever you want to give temporary access to. When the user clicks on the link, he or she is automatically logged in to your WordPress site. If they log out by mistake, clicking on the link again will restore their session.

Managing Multiple Temporary WordPress Logins

All the temporary WordPress logins that you create with the plugin can be managed from the same Temporary Logins menu node. As you can see in the above screenshot, you can disable and delete any of the temporary logins with just a mouse click. So should you have any suspicion on the activity of one of the users you can use these options.

Benefits of Using Temporary Login Without Password Plugin

The Temporary Login without Password plugin makes the whole process of giving temporary access to a third party to your WordPress website very easy. Here are the benefits of using this plugin:

  • You and your contractors do not need to hassle with long passwords,
  • The security of your website does not depend on that of third parties,
  • You get self expiring temporary login links,
  • You can create as many temporary logins as you want!

Keeping Log of What Temporary WordPress Users Are Doing

When you give temporary access to a third party on your WordPress website you need to keep an eye on their activity. You need to ensure that they are doing the work they are being paid for and also make sure they do not do anything  that could potentially damage your website or put it at risk.

To keep a log of the temporary WordPress users’ activity you should use the WP Activity Log plugin, which is fully compatible with the Temporary Login without Password WordPress plugin.

For example in the screenshot below, we can see that the temporary WordPress user Anekke has created and published a new post, changed its URL, uploaded a media file etc.

What Can the WP Activity Log Keep a Record Of?

A good plugin for tracking and logging WP user activity can keep a record of any type of change on your WordPress websites and multisite networks, such as posts, pages, custom post types, plugins, themes, user profiles, menus, widgets and global WordPress settings changes.

WP Activity Log is WordPress’ most comprehensive activity log plugin – it does not just tell you that something has changed, but also reports what has changed.

Refer to the complete list of WordPress changes that the WP Activity Log plugin can keep a record of for more information.

Giving Temporary Access To Your WordPress & Monitoring Changes Just Got Easier

Temporary Login without Password is an easy to use solution that reduces the drudgery and security risks that come with creating temporary WordPress users for third parties.

On top of that then you have the WP Activity Log plugin which allows you to monitor what users with temporary access is doing on your WordPress.


Leave a Reply

Your email address will not be published. Required fields are marked *

Stay in the loop

Subscribe to the Melapress newsletter and receive curated WordPress management and security tips and content.

Newsletter icon

It’s free and you can unsubscribe whenever you want. Check our blog for a taste.

Envelope icon

The survey results are in: Find out what your WordPress security gameplan might be missing

Close

The survey results are in: Find out what your WordPress security gameplan might be missing

Uploading Melapress Login Security as a zip file in WordPress
Melapress Login Security in the WordPress plugin repository
Close

Installing Melapress Login Security Free

Congratulations on taking control of your WordPress website's security by implementing robust login and password policies with Melapress Login Security. You can change your login page URL, limit failed login attempts, and reset passwords.

 

Below are two ways to install Melapress Login Security on your website:

Go to your plugin dashboard on your site, then go to "Add New" and then search for Melapress Login Security.

Download the Melapress Login Security plugin zip, then select upload in your plugin dashboard under "Add New".

OPTION 1

OPTION 2

Uploading CAPTCHA 4WP as a zip file in WordPress
CAPTCHA 4WP in the WordPress plugin repository
Close

Installing CAPTCHA 4WP Free

Well done you. You're one step closer to safeguarding your WordPress website from spam and automated attacks with CAPTCHA 4WP. You'll be able to effortlessly integrate CAPTCHA into your forms and enjoy a website with enhanced security.

 

Below are two ways to install CAPTCHA 4WP on your website:

Go to your plugin dashboard on your site, then go to "Add New", and then search for CAPTCHA 4WP.

Download the CAPTCHA 4WP plugin zip, then select upload in your plugin dashboard under "Add New".

OPTION 1

OPTION 2

Uploading WP Activity Log as a zip file in WordPress
WP Activity Log in the WordPress plugin repository
Close

Installing WP Activity Log Free on your website

You deserve a pat on the back for choosing to record user actions and changes on your website. That is the first step towards better user accountability, easier troubleshooting of website security, and many other benefits of issues.

 

Below are the two ways to install WP Activity Log on your website:

Go to your plugin dashboard on your site, then go to "Add New" and then search for WP Activity Log.

Download the WP Activity Log plugin zip, then select upload in your plugin dashboard under "Add New".

OPTION 1

OPTION 2

Uploading WP 2FA as a zip file in WordPress
WP 2FA in the WordPress plugin repository
Close

Installing WP 2FA Free

Congratulations on taking the first step towards enhancing your WordPress site's security with WP 2FA Free! You're now on your way to protecting your valuable data and ensuring peace of mind. No coding or technical knowledge is required.

 

Below are two ways to install WP 2FA on your website:

Go to your plugin dashboard on your site, then go to "Add New", and then search for WP 2FA.

Download the WP 2FA plugin zip, then select upload in your plugin dashboard under "Add New".

OPTION 1

OPTION 2