Whether you’re managing a thriving membership or you’re just starting your 1-1 coaching practice, understanding who can login to the backend of your site and at what level of access is super important to keep a member of your team from breaking it accidentally.
In this guide, I’ll walk you through how to add a new user to your WordPress site with a focus on security.
How to create a user in WordPress
Adding a new user or author is easy to do:
- Go to Users » Add New page in your WordPress admin area.
- Fill out the form with your team member’s details: Username and email address are required, though you can also add their first name, last name, and website URL if you want to.
- Use the auto-generated secure password or create your own. WordPress automatically fills in a very secure password for you, but you can create your own by mixing uppercase, lowercase, numbers, and symbols. Make sure it’s highly secure to protect your site.
- Choose the user role for this team member. This will control what level of access they have to your website’s backend. See below for more details on which user role to apply in which situation.
Tip: Use a password manager to store and manage your passwords. You’ll never have to worry about remembering passwords (and it’s way more secure than other storage methods)!
Understanding user roles in WordPress
Different user roles let you control who can do what on your site. Here’s a quick rundown:
- Administrator: Can do it all! Update software, install plugins, change themes, delete content, and more. It’s usually best for your developer.
- Editor: Can manage and publish posts, including the posts of others.
- Author: Can publish and manage their own posts only.
- Contributor: Can write and manage their own posts but can’t publish them.
- Subscriber: Just here for the ride, can only manage their profile and comment.
Warning: Careful with that Administrator role; only hand it over to people you trust, like your developer.
Now you know
There you have it, a simple and secure way to add a new user to your WordPress website. By following these steps and understanding the roles, you can make sure the right people have the right access (and no one has access to more than they need).
Other posts you might like: