We’re all guilty of it: losing track of what accounts we registered for, forgetting the passwords, and sharing logins with third parties which gave them more access than they actually need.
Whether you’re a solopreneur or owner of a small- or medium-sized enterprise, when you build a website you will need to register an account in multiple services and track your login details. You will also share this information with third parties to help manage your accounts when a need arises. Without an effective strategy for this, you risk being locked out and lose ownership of your own accounts to someone you can’t rely on.
Since creating and managing your digital accounts are so important, take note of these pointers to efficiently handle the process (and prevent unauthorised access to your personal data):
Registering a master email account for your digital work
To begin with, you need to create a ‘master email account’ that you will use to register for third-party services. It’s a good idea not to use your existing domain name and email service so that you can still access your account if there are technical issues that come up. With Gmail, for example, you can easily share your master account with your team members, developer and anyone else you can trust that helps in the creation of your website and online accounts.
For instance, your business is named ‘WP 123’, you can create an email address like firstname.lastname@example.org. You can then ‘extend’ the email address using the plus sign to create variations you can use when you’re registering for different accounts or testing functions: email@example.com, firstname.lastname@example.org, email@example.com, etc…
Your Gmail account also gives you access to Google services such as Google Analytics, Google Search Console, Google Adwords, etc… that you’re likely to use in the long run.
After you set up your master email account, you can proceed with registering all of your other digital accounts, such as:
- Domain name
- Web hosting
- Social media accounts
- Tools and more
Safeguarding your accounts
With so much to think about running a business (plus, your other daily routine), it’s inevitable to lose track of your login information and online accounts. Using unique, strong passwords just make things more challenging and harder to remember.
Rule of thumb: When setting up your online accounts, never use a single login information – like one username and password to access them all.
When hackers figure out your user ID and password to one of your online accounts, the first thing they do is to try that same data on your other accounts. Never give intruders a venue to your business and personal information.
- Set up a unique, strong password for each account.
- Use a two-factor authentication when available to double your security.
- When registering your accounts, make sure to add only your contact details, not those of your team member and/or web developer.
- Some services will give you the option to add separate sub-accounts, allowing specific people to log in to your accounts but with controlled access.
- Always change the password when their tasks are complete and if there’s no need for them to log back in.
- If you require an account manager to have frequent access to your accounts, which is common, then see to it that you use a password that is different from what you use to your other accounts (which you should be doing anyway).
WordPress: Making sure you’re an admin
At times, developers prefer not to give you full access to WordPress for fear that you may make changes that break a function or the website’s layout. This is a reasonable request.
So, register as an admin but create a second log in as contributor too, and use the latter for your day to day use of WordPress.
Make sure that your developer registers for plugins and third-party services using your details and not theirs.
An important note about domain registration
As the business owner, it is paramount that your domains are registered in your name. If not, proving ownership may prove to be very difficult.
Also, make sure that you or someone from your business is the technical contact for the domain and not your developer. If your developer needs to receive these emails then you can set up an automated forward to their address instead.
Organising all your digital accounts
Tracking and securely keeping all your online accounts and login information are not that complicated when you use a password management system, such as 1Password. A password manager stores your user IDs and passwords in each of your online accounts, syncing them across your devices for your convenience.
If you don’t want to use a third party tool like 1Password you can rely on your… head. We explain how to do this in our Don’t Try To Remember Your Password, Remember A Single Password Algorithm Instead post.
As a backup plan, create a master file containing a list of all the websites and applications that you have accounts with along with the user IDs (but not the passwords). Google Docs and Microsoft Office 365 work well for this purpose. They allow you to password-protect your master file.
We understand that managing your digital accounts and logins is not your top priority as a business owner. However, it can save you from a lot of hassles if handled in a controlled, secure way. It’s crucial for data privacy.
At WP Hosting, we allow account owners to nominate specific developers and we have a token-based authentication process to ensure we only provide support to those that have been nominated.