Do you have another WordPress Admin User account? If not, have you ever found yourself suddenly locked out of your website? Perhaps you kept trying to log in and your security plugin blocks you because it thinks you are a bad person trying to gain access.
However, there may be a situation why you should not do this; more on this in a bit.
You Need to Create Another Admin User Account
I’ve introduced you to a couple of examples of not being able to log into your WordPress website. Unfortunately, there are many more reasons why you are unable to log in. Because of this, I will give you a quick look at the importance of having a second user account.
The main reason why you need another user account with administrative access is so that you can log into your site if your primary user account is somehow locking you out. This can be for a multitude of reasons, but let’s focus on simply getting you set up with another login.
One very important piece of advice I can add to this article is to add your second WordPress admin user account right now! I would hate to hear that you read this article and before you decided to make a new account, you find yourself unable to log into your website. Even though this is not the end of the world, the method to regain access requires you to log into your database! If you have never done that before, then you can say YIKES!
The Database can be a Scary Place!
If you ever find yourself unable to log into your website, the only way to get back in is to access your database. For some people, this might be another day on the job, but for others, it can be scary! I remember when I first went into my database, I was afraid to click on anything, including logging out.
If you are someone who has never ventured into your site’s database, I wouldn’t recommend doing it. Find someone who is familiar with this kind of thing, but make sure it’s someone you TRUST! The database is where everything about you, your website, and your registered user accounts are kept (if any).
I won’t go into the specifics of how you can regain access or reset your password from the database, so I will keep that for another article.
Long story short and to avoid having to go into your database, setting up another WordPress admin user account is the best way.
How to Create a Second WordPress User Account
Generally, this is the same process as if you were simply adding a user to your website, whether it’s for an editor, author, or other. Current WordPress user roles can be found with the following links, but outlines what they are below:
In our case, you will be setting up a user account with the role of “Administrator“. Of course, you will want to make sure you are the administrator of your website before you do this.
- Log in to your WordPress website’s dashboard.
From here, you are now ready to head over to the Users.
- On the left side column, click on the Users menu item.
You will want to then click on the Add New link.
- Fill Out the Required Fields.
Fill out the fields that apply to you, but make sure for the “Role” setting, you select “Administrator“.
- Click “Add New User”.
At the bottom of the form, click the “Add New User” button. Because this is for you, there is no need to send yourself your new user account information.
Once you’ve done the setup for a new WordPress admin user account, try logging in with it to make sure you can log in. There is no sense in making a second account if you cannot log in, right?
Does This Have Security Issues?
I’m always open to alternative opinions, and one has recently come up that I will humbly admit, I did not quite think about. I’m no security cyber specialist, but one person I spoke with is a Full-Stack developer, named Charaf. We had an interesting conversation on Twitter.
Here is his take on the “creating another Super Admin account” scenario…
There’s a principle in security called “least privilege” that is common in many areas (e.g. Linux) where you try and give each user only the minimum access they need to get their job done.
So if you hire a writer you give them an “author” privilege for example. This is because you never know, their account might get compromised and it would be much better to deal with an “author” account being compromised than several.
So to tie this back to our issue, having extra “admin” accounts that are just sitting there for no reason provides no benefit, but only exposes the website to more risks (the account getting compromised). And so it’s always best to keep a very limited set of admin accounts.
If a User is Locked Out of Their Website
As for user experience, most hosts’ support can help you log back in if you’re ever locked out. So I don’t think this is a valid reason.
I don’t think WordPress itself has issues with security, it’s mostly the plugins as you said (me). So it’s ultimately up to the user to choose more reliable plugins and do their due diligence by keeping them up to date.
My Take on This…
He brings up very good points to consider. It is really the choice of the end-user to decide if they feel having another Admin account makes sense for “them”. But you also have to give serious consideration to the security of your website.
The choice is yours, and yours alone.