June 25, 2023

Understanding WordPress User Roles & Adding New WordPress Users

June 25, 2023
Managing users is a critical component of running a successful website. Knowing how to effectively add new users in WordPress can boost teamwork, distribute tasks, and enhance security. Learn to assign precise permissions to various users, guaranteeing that they have the right level of access to contribute to your WordPress site.
understanding wordpress user roles Properly adding users to ensure the security and proper functioning of your WordPress website
The links in this post may be affiliate links.  That means that if you click them and make a purchase, this site makes a commission.  It will have no impact on the price you pay or the experience of your purchase.


User management is a crucial aspect of maintaining a successful website, and understanding how to add new WordPress users effectively can enhance collaboration, delegate responsibilities, and improve security. Learn how to grant specific permissions to different users using user roles, ensuring that they have the appropriate level of access to contribute to your WordPress website.

Importance of User Management

Proper user management allows you to control who has access to your WordPress website and what actions they can perform.

It ensures that different individuals or teams can contribute to the website while maintaining the integrity of the content and protecting sensitive information.

By adding users with appropriate roles, you can distribute responsibilities and delegate content creation, moderation, and administration tasks, thereby saving time and effort.

Likewise, effective user management enhances security.

Instead of sharing your personal login credentials with others, you can create separate user accounts with limited privileges, reducing the risk of unauthorized access and potential misuse of administrative powers. This practice also allows you to track user activities, maintain accountability, and revoke access if necessary.

By following the guidelines outlined in this document, you will be able to add users to your WordPress website securely and efficiently, ensuring smooth collaboration and safeguarding the overall integrity of your website.

Black Laptop Computer On Wooden Table with plant and other items

Why You Should Not Give Out Your Own Login Credentials

Security Risks and Vulnerabilities

Sharing your personal login credentials with others significantly increases the risk of unauthorized access to your WordPress website. When you provide someone with your administrator account information, you give them the ability to make damaging changes to your site.

This includes actions such as deleting valuable content or installing malicious plugins or themes that can compromise the website’s functionality and security.

Also, using your own login credentials for multiple individuals makes it challenging to track user activities and identify the source of potential security breaches. If several people are using the same account, it becomes nearly impossible to determine who made specific changes or performed certain actions on the website.

When there is no accountability, it becomes challenging to investigate and address security risks appropriately.

By creating separate user accounts for individuals and assigning them appropriate roles, you can ensure accountability, control access, and minimize the risk of unauthorized activities or security breaches.

Safeguarding Your Personal Information

Your personal login credentials, such as your username and password, are directly linked to your identity and should be treated as highly confidential information. It is crucial to keep these credentials private and avoid sharing them with others. Sharing your own login details can have serious consequences beyond compromising your WordPress website.

When you share your login credentials, you expose personal information associated with your account.

This information may include your email address, name, and potentially other sensitive data linked to your personal and online identity.

If these credentials fall into the wrong hands, it can lead to identity theft, unauthorized access to other online accounts, and potential misuse of your personal information.

To mitigate these risks, it is recommended to create separate user accounts for others who need access to your WordPress website. By assigning appropriate user roles to these accounts, you can control their level of access and ensure that they only have the permissions necessary for their specific responsibilities.

This practice not only safeguards your personal information but also allows you to maintain better control over who can access your website and what actions they can perform.

Person Using Black and Silver Laptop Computer while sitting in chair with knees folded

Understanding User Roles in WordPress


  1. The administrator role has the highest level of access and control over a WordPress website.
  2. Administrators can perform tasks such as adding and deleting plugins and themes, managing users and their roles, modifying website settings, and publishing or editing any content.
  3. It is crucial to limit the number of administrators to trusted individuals who require extensive control over the website.


  1. Editors have the ability to create, publish, edit, and delete their own content on the WordPress website.
  2. They can manage their own posts and those of other users, including contributors and authors.
  3. However, editors do not have access to critical website settings, plugins, or themes.


  1. Authors can create, publish, edit, and delete their own content.
  2. They do not have access to content created by other users, including contributors and authors.
  3. Similar to editors, authors cannot modify website settings, install plugins or themes.


  1. Contributors can create and submit content for review but cannot publish it directly.
  2. Their content needs to be approved by an editor or administrator before it goes live on the website.
  3. Contributors do not have access to published content or critical website settings.


  1. Subscribers have the most limited role and access on a WordPress website.
  2. They can create and manage their own profile, leave comments on published content, and interact with the website in a basic capacity.
  3. Subscribers do not have the ability to create or modify content, access website settings, or install plugins or themes.

By assigning the right roles, you can maintain better control over content creation, moderation, and website administration, while ensuring that each user has access to the necessary tools and features for their specific role.

MacBook Pro on table/desk with white ceramic mug filled with coffee

Adding a New User to Your WordPress Website

Adding Users from the WordPress Dashboard

Access the Users Section

  1. Log in to your WordPress website’s admin dashboard using your administrator credentials.
  2. Navigate to the “Users” section, usually located in the left-hand menu.
  3. On the Users page, click the “Add New” button near the top of the screen.

Entering User Details

  1. Fill in the required user details, such as username, email address, and name.
  2. Optionally, you can assign a website-generated password or set a custom password for the user.
  3. Ensure that the user’s email address is accurate as important notifications will be sent to this address.

Assigning a User Role

In the “Role” section, select the appropriate user role from the available options (Administrator, Editor, Author, Contributor, or Subscriber).
Choose a role that aligns with the user’s responsibilities and required level of access.

Sending a Notification to the New User

By default, WordPress will send a notification email to the new user, containing their login credentials and a link to set their password.
If you want to manually send the user their login information, you can uncheck the “Send User Notification” box.

Saving the Changes

Once you have entered the user details and assigned a role, click the “Add New User” button or “Save” button to create the user account.
The new user will now appear in the Users list, and they can log in to the website using the provided credentials.

Final Thoughts

Managing WordPress users effectively is essential for maintaining a secure and collaborative website.

By understanding user roles, you can delegate responsibilities, control access, and safeguard your personal information.

Creating separate user accounts for others and assigning appropriate roles, such as administrator, editor, author, or contributor, can enhance accountability, improve security, and streamline collaboration.

Remember, sharing your personal login credentials significantly increases the risk of unauthorized access and potential security breaches. So, always follow best practices for user management to ensure a successful and secure WordPress website.



A life and business coach at TaKenya Hampton Coaching, owner of Studio117 Creative, and the girl behind the stove or drill at the Kenya Rae Blog. A total WordPress geek and lover of systems that help businesses run smoothly. My goal is to make things look good, work well, and help business owners reach their full potential—whether they’re working solo as a solopreneur or with a team.