How To Create a Temporary Account for Support Agents

A problem I had recently was that I needed to give a support agent from a plugin company Admin-level access to a WordPress site. The cause was an obscure bug they couldn’t help with any other way. But I was left with two not-great options:

  • Give them access to an existing account, and change the password to that account later
  • Create a new account for them, and then remember to delete it later

What I wished I had was a way to give them a new account for a limited time and not need to remember to remove it later. I ended up putting a calendar reminder for myself to make sure the account was gone if the support conversation has failed to prompt me to. But there’s a better option: Temporary Login Without Password.

The plugin does what you’d expect: first it creates a temporary account you can give to someone who need access to your site for a short time. Better (or worse, depending on your preferences) is that that temporary access can be granted without them needing to create or remember the username and password pair.

Here’s a video of the plugin in action:

Step-by-Step Guide to Making a Temporary WordPress Account

  1. Install and activate ” Temporary Login Without Password”.
  2. Go to “Users > Temporary Logins” on the left-side menu.
  3. Click “Create New”.
  4. Add the email address for the account, as well as the “Role”—make that the lowest possible—and the expiry—favor as short as possible.
  5. Click “Submit”
  6. You’ll now have a temporary account. You can use the plugin to email the link to the user, or submit it to them though some more secure communication channel.

The security implications of this whole arrangement are worth considering. If your WordPress site holds government secrets, sharing access is always a bad idea period. If you’re comfortable emailing a username and password to someone, emailing this link has the exact same effect. If you’re not comfortable emailing a username and password, probably don’t use this plugin.

But for most people this is a reasonable way to get ease-of-transfer-of-access and does come with the benefit that the account will have some expiration date. That’s better than leaving any unneeded account open for no useful purpose.

(Hat tip to Ben for a pointer to this plugin. Thanks!)

Image credit: Wikimedia


1 Response

Comments

  • Kevin says:

    Thanks for this. I had a situation a couple weeks ago where this would have been ideal. Much as I felt my plugin author was trustworthy, I couldn’t help but cringe at giving anybody admin access to my website!

Add a Comment

Your email address will not be published. Required fields are marked *