Once you conquer the initial WordPress learning curve – how to login to the dashboard and navigate around it a little bit – it soon becomes apparent that the WordPress backend is packed with a lot of options and menus. And at some point thereafter, especially if working with guest authors, many WordPress users confront a sticky question: What do you do when you need to grant someone access to your dashboard, but you want that access to be limited in terms of how long it lasts?
- Manage user roles in WordPress
- When temporary access to a site is the solution
- A plugin-based solution for temporary access
- How to set up temporary access for a WordPress user
Manage user roles in WordPress
Most users figure out pretty quickly that WordPress access is based on user roles that you can manage from the dashboard. You can add more user roles and gain more control over the specific points of access and authority they come with by installing and configuring user role plugins.
But even without adding functionality through plugins, you still have the ability to manage user roles from the dashboard, as well as to grant and revoke access to specific users. For instance, when you want to give access to a new user, through the users menu on your dashboard, you can create a new user, set the parameters of that user's access by assigning the correct role, and then delete the user.
Alternatively, and more efficiently, you can create a temporary user account that automatically expires and thus doesn't need to be deleted. Even better, the access you create for this temporary user isn't tied to login names and passwords – it operates off one URL that you create and control. In this article, we'll show you how to create temporary user accounts that automatically expire using a specific plugin called Temporary Login Without Password.
When temporary access to a site is the solution
You may be wondering why you'd ever need to grant someone temporary access to your WordPress dashboard. One of the most common scenarios involves the outsourcing of WordPress work to a freelance developer, designer, or security technician. You want your WordPress experts to have all the access to your site that they need to do a good job for you. For these kind of scenarios, it wouldn't be very efficient to not provide a login to your WordPress website.
On the other hand, you don’t want an administrator-level account hanging out there in the ether well past the event that precipitated the need. Providing an uncontrolled WordPress admin login to 3rd parties can be a security risk. Once the work is done, you'd most likely prefer that access to your WordPress website to be revoked.
Other possible scenarios in which you would want to create an automatically-expiring, temporary account for your WordPress website include guest blogger and guest editor days. During this period you can invite an outside author or professional blogger to join your site for the day to blog about certain topics or events – a book launch, or a national event (election day, for example). This way you can gain additional high-quality content for your WordPress blog.
The guest editor and guest blogger strategies are great ways to expose your site to a whole new audience, to engage in influencer marketing, and to attract new users and subscribers to your site. Yet, pursuing this strategy energetically, could result in the need to set up lots of guest user accounts.
In all these cases, you want to give someone else access to your site and the dashboard for your WordPress installation – whether to perform services for your site or to act as a blogger or editor for your site – but you don't necessarily want that access to be open-ended.
A plugin-based solution for temporary access
As mentioned above, you essentially have two options when you need to grant someone access to your WordPress site. One option is to create a new user with a certain level of access, then delete the user account when the need for access has passed. The more efficient way is to simply create temporary login credentials with a built-in expiration date. To do the latter, you can for example use the Temporary Login Without Password plugin – which is available in the official Plugin Directory.
While it's always a good idea to exercise caution in installing and activating new plugins for your WordPress site, this is one of those situations where native WordPress ability can be usefully enhanced without a huge drain on resources, so a plugin-based solution makes a lot of sense.
Temporary Login Without Password does exactly what it sounds like, it helps you create a set of login credentials for a user that expires automatically. The new user receives a unique link, which gives them direct access to your WordPress dashboard – they don't need a username and password at all.
The plugin's settings allow you to establish the user role (and hence the level of access the user will have) as well as the parameters for the account's automatic expiration. By the way, the developers say that if you pair this WordPress plugin with the WP Security Audit Log plugin, you can even track what the user does on your site after using the login link you create.
There's also another WordPress plugin that performs a similar function. It is called Controlled Admin Access and you can check it out if Temporary Login Without Password doesn't meet your needs.
How to set up temporary access for a WordPress user
To use Temporary Login for temporary credentials on your WordPress website, simply search for Temporary Login Without Password from your plugins page in the dashboard of your site. After you've installed and activated the plugin, look for the plugin's menu in the user menu, as shown below. Now click on Temporary Logins to be taken to the plugin's settings page to proceed with the set up.
Next, click Create New:
Fill out the form for your new, temporary WordPress user with name and email address. Select the level of access you'd like the user to have, then set the user's access expiration date. Click Submit.
You'll be shown a success message with a URL. Remember that the URL the plugin generates will grant that level of access to your WordPress website to anyone who has the link, so be very cautious when sharing it with others. Click the click to copy button to store the URL on your device's clipboard, then paste it into an email message to send.
Conclusion: Providing temporary access to your WordPress website
That's all there is to it. The access granted through that link expires when you set it to expire automatically, and there's no need to remember to go back into your dashboard and delete that user. Do you have another favorite method of granting temporary access to your WordPress dashboard? Let us know in the comments section below!