|

How to Create and Delete a WordPress User

How to Create and Delete a WordPress User

See how to create a new WordPress user to allow access to your site without sharing your own login, how to send that new user their credentials securely. Plus you’ll see how to safely delete a user, including how to do it without losing any content they created.

Video Tutorial

See every step in the process of creating and deleting a new WordPress user.

Written Tutorial

See all of the steps to create and delete a user

Get email address of new user

Ensure you have a valid email address for the new user you are adding before you start this tutorial.

Create a user

Login to your WP site with a user that has Admin-level access. If you are the only user, you will have that level of access.

Go to Users – Add New

In the left admin sidebar, go to Users > Add New

Enter username and email address

Enter the Username the new user will use for their login username.

Then enter their email address.

Fill in at least the first name

The next 3 fields are not required, but I would add in their First name to make the account easily identifiable.

Use the strong password already generated

A strong password will already be assigned and I suggest you use it, plus tell the new user not to change it, as they will all too often input a weak password or one they use on other sites, and that becomes a security issue for your site.

Copy the username, email, and password

Copy the password and paste it with the other login info you are creating so you can give it to them later.

Uncheck box to send notification

You can elect to send the new user an email, but I uncheck this box as the email will give them everything except the password, and will instead have a link to reset it. And they may create a weak password or one they use on other sites and you don’t want that security hole.

So, uncheck this box.

Set user Role

Set their user Role appropriate to the access level they will need.

If it is for tech help, then set the role to Admin, which means they can access anything on the site just like you can.

Click Add New User button

Then click the Add New user button.

You will now see the new user in the list of all users.

Send new login credentials securely

Now you need to send that new user their login credentials, and you need to do that securely.

Do not use email to send them the login credentials. Email is not encrypted.

If this is a new site tech user, and you have a support ticket open with them, go directly to the support ticket and enter the info there. Do not reply to any support email thread with it.

Another way to send the login securely is by using Google Docs where you can control who the doc is shared with. I believe Dropbox has the same controls.

There are also 3rd party services you can use that are encrypted and disappear after the intended person has viewed the info.

Those services include:

  • Quick Forget
  • NoteShred
  • One Time Secret

I use Google Drive, so you’ll want to do your own research into these, or other 3rd party methods, as I don’t use them and don’t offer support on them.

You’ll also want to delete that extra user when they no longer need access to the site, which is what we’ll be doing next.

Why to delete users who no longer need access

Leaving a user on your site who does not need access is a security risk. If wherever they are storing those login credentials gets hacked, then so does your site.

For my site audit clients, their last task before closing our project is to remove me as a user, and I also delete any secured docs I have for their project that contains their login info too.

But other techs won’t always take those extra measures to ensure your site is secure, which is why it’s imperative that you remove them.

How to delete a user

Okay, let’s delete a user.

For this example, we are going to remove a user that also contributed content to the site, and reassign that content to ourselves.

But this will work for users who haven’t contributed content too.

You can’t delete yourself, meaning a user that you are logged into, so be sure to login as your WP admin user.

Go to Users – All Users

In the left admin sidebar, go to Users > All Users.

You will see a list of all the users who can log into your site.

See content that user created

You can also see if any content is assigned them. But keep in mind it will only show blog posts, not any pages that were created by them, so keep that in mind before you delete them.

If you click on the number, you can see a list of those blog posts.

If you like, you can keep this content and assign it to yourself, or you can delete it along with the user.

Let’s return to the users list.

Hover over user and click Delete link

Hover over the user and click the Delete link.

Choose to delete or delete and attribute content

If the user generated content, you will see a choice to either delete all content or attribute that content to another user.

If they were just a site tech and did not generate content, then you will not see this option.

Since I want to keep that content in this example, I’ll check the radio button to attribute content and then select the user to reassign it to in the drop down.

Since I’m the only other user, that’s the only one that shows here.

Click Confirm Deletion button

Then click the Confirm Deletion button.

That’s it!!

Now that deleted user can no longer log into your site, and your site is also more secure.

Get More Helpful Tips

Be sure to subscribe to the BlogAid YouTube channel for more helpful tutorials like this.