One of most powerful features of WordPress goes unnoticed every day. The built-in user roles feature in WordPress is something that at first surprises and then delights WordPress users. Many people think their username and password for WordPress is a single sign-on key and must be shared in order to grant someone else access. This is not always the best solution.
User roles and capabilities let you decide Who Can Do What on your WordPress site, so you can turn your single user site into a multi-user collaboration.
This is especially important for small business owners with multiple employees sharing one WordPress site.
Your WordPress Network
WordPress is so much than a website framework or even strictly a Content Management System. WordPress can be a network around which multiple members of your organization can manage content and strategize together.
Take an example from WordCamp.org, the international collective of WordPress volunteers that hold WordCamp events for crowds all over the world. A WordCamp for each participating city centers around one website for that city’s yearly event.
Multiple members use the site as the central hub. Writers will work on pages and posts. Designers can work on layout. System admins can do the back end stuff. Whatever the site needs may be, there’s a proper user account to help divide the workload and control access to the correct area.
Imagine the hierarchy for an online magazine. There are contributors who submit work, editors who approve the work and publish it, and, likely, an administrator to do maintenance work on the site. WordPress provides default user accounts that can handle all of these various duties. This way, a contributor won’t be able to do what an editor can do. And an editor won’t be able to do what an administrator can do.
Different Roles for Different Users
Not only does WordPress provide you with default user roles. You can even create your own custom roles. Though this is considered more advanced, there are plenty of plugins out there that can do it for you.
But there’s always reason to be cautious. Security is your main concern.
Whenever you install WordPress, you get an administrator account by default. This gives you full access to everything in your site.
At various points throughout the life of your site, there may be different people working on it. There may be writers, designers, developers, or system administrators that come and go.
As an admin, you have the power to create user accounts for all of those various employees and, just as important, take those accounts away once that person moves on to another project.
Take your role as admin seriously, or, by all means, pass it on to someone in the organization (an IT person, for example) to handle this task for you. Granting admin access to someone untrustworthy can be hazardous.
To learn more about managing user roles appropriately, be sure to read our full guide on understanding user roles and capabilities in WordPress for Small Business.