Role selection & security question
-
Hi,
we were just recommended and tried out your “Temporary Login Without Password” plugin.
It seems to work without any issues and we are quite happy to have gotten the possibility of having people log in, without compromising our own login and password.
However, we have two questions. At the moment, we have a smaller issue with a 3rd-party plugin. The vendor of said plugin is requesting access to our site and told us “not to worry” as they “are only checking the issue and won’t change anything within the WordPress site”.
Hence, someone recommended your plugin.
However, we now are left with two open questions:
- When creating a temporary access link in the plugin, there are seven different “roles” to provide the user with starting with “Webshop executive” to “Administrator”. Which role should a website owner give a 3rd-party vendor in this case if that vendor needs to check on their own faulty plugin and the functioning of the very same? Administrator seems quite extreme but is – maybe – required to fix issues in their plugin?
- The advantage of the temporary link is obvious. The vendor can access the page for a given amount of time and after that, access is revoked. However, even for that short amount of time – if that vendor has administrator rights – doesn’t that mean, that he/she has the possibility to maliciously change, deface or otherwise, wreck our site? Assuming that administrator rights are given, the same rights we have now will – in this case – apply to the vendor, correct? And if so, can preventative measures be taken, other than reestablishing the site from backups, things should go south?
Thanks in advance for your time and help.
- When creating a temporary access link in the plugin, there are seven different “roles” to provide the user with starting with “Webshop executive” to “Administrator”. Which role should a website owner give a 3rd-party vendor in this case if that vendor needs to check on their own faulty plugin and the functioning of the very same? Administrator seems quite extreme but is – maybe – required to fix issues in their plugin?
Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
- The topic ‘Role selection & security question’ is closed to new replies.