WordPress security issues caused by sharing WordPress login details

Last updated on September 06th, 2018 by Robert Abela. Filed under WordPress Security Readings

Sharing WordPress logins

A WordPress security best practice that is easy to implement is having a unique WordPress login (username and password) for every person who accesses your website or multisite network. Sharing the same WordPress login details with groups of people can lead to a number of security issues and increases the maintenance of the website, as this post explains.

Use of Weak Passwords

As a WordPress website administrator you know very well how important it is to use strong and complex passwords. Most probably you use a password manager, so you can use very long passwords that are impossible to remember. But if you have a common WordPress login for a group of people, since many still do not use password managers and you do not want the support hassle, you end up choosing an easy password for the shared WordPress user.

Easy-to-guess passwords were, and still are, the most common cause of WordPress website hacks. So avoid shared WordPress logins and always encourage your contributors to use a password manager, which reduces the use of weak and easy-to-guess passwords.

More complex operations and high-maintenance websites

Managing a shared WordPress login is more complex and takes more time than managing multiple individual accounts. Imagine 20 people using the same guest-blogger WordPress login. What happens if one of them resets the password? Suddenly you have 19 users who cannot log in to the WordPress website to post their guest content, and you have to reset the password and send it to 20 people, which leads to the next problem:

Increased chances of leaking the WordPress credentials

When users cannot reset the password themselves, you have to send them the new password. Typically new passwords are sent over email because that is the fastest and easiest way. There are two problems with sending passwords over email: 1) emails are sent in clear text, so the data can be captured (sniffed) in transit over the internet; 2) if the email account is hacked, the attackers can find the credentials, putting the whole WordPress website at risk. You avoid sending passwords to users altogether by creating an individual WordPress user for each of them.

Should you have no other option but to use a shared WordPress login, send the credentials over an encrypted channel, such as an encrypted email. If even that is not possible, send the username and different parts of the password via different channels. For example, you can give out the URL and username over a voice phone call and send the first few characters of the password via email, then send a few more characters via a messenger app and the last part via SMS. Unless it is encrypted, the password should never be sent as a whole, nor in the same message as the username and the WordPress login page URL.

You cannot keep an activity log of who did what

When a group of users share the same WordPress user account, you cannot know who did what, even when using a WordPress activity log plugin. Imagine you have ten people using the same editor account and one of them changes the content of the home page. It is impossible to tell who it was, since all the editors share the same login. You might be able to tell who made the change from the IP address, but what if the change happened a few days or weeks ago? It is impossible to tell, especially if the users are in the same geographical region.
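The attribution problem above can be seen directly in log data. The following is an added example (not code from the original post or from any activity log plugin): it parses a constructed, simplified activity log (timestamp, username, source IP, event), shows that a change made through a shared account collapses to a single username no matter who made it, and flags accounts that look shared because they are used from several source IPs within a short window. The log format, the account names and the IP addresses are all made up for the example.

```python
"""
Attribution and shared-account detection over a WordPress-style activity log.
Added example; the line format below is constructed for this illustration
and is not the export format of any particular activity log plugin.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: timestamp, username, source IP, event.
# "editor" is a shared account used by several people; "alice" is individual.
SAMPLE_LOG = """\
2018-09-03T09:12:04 editor 203.0.113.10 user_logged_in
2018-09-03T09:14:30 editor 203.0.113.10 post_modified:home-page
2018-09-03T09:20:11 editor 198.51.100.7 user_logged_in
2018-09-03T09:22:45 editor 198.51.100.7 post_modified:home-page
2018-09-03T10:02:00 alice 192.0.2.44 user_logged_in
2018-09-03T10:05:12 alice 192.0.2.44 post_modified:about-us
2018-09-03T11:40:00 editor 203.0.113.10 post_published:guest-post-12
"""


def parse_log(text):
    """Parse log lines into (timestamp, username, ip, event) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, user, ip, event = line.split(" ", 3)
        events.append((datetime.fromisoformat(ts), user, ip, event))
    return events


def who_changed(events, event):
    """Usernames the log records for `event`.

    With a shared account this is always the one shared name, so the log
    cannot say which of the people behind it actually made the change.
    """
    return {user for _, user, _, ev in events if ev == event}


def ips_per_user(events):
    """Distinct source IPs seen for each username."""
    ips = defaultdict(set)
    for _, user, ip, _ in events:
        ips[user].add(ip)
    return dict(ips)


def likely_shared_accounts(events, window=timedelta(hours=1), min_ips=2):
    """Flag accounts seen from at least `min_ips` distinct IPs within `window`.

    This is a heuristic only: one person switching between a laptop and a
    phone also trips it, so treat a hit as a prompt to check, not as proof.
    Returns {username: sorted list of IPs in the first window that matched}.
    """
    by_user = defaultdict(list)
    for ts, user, ip, _ in events:
        by_user[user].append((ts, ip))
    flagged = {}
    for user, seen in by_user.items():
        seen.sort()
        for i, (ts_i, _) in enumerate(seen):
            in_window = {ip for ts, ip in seen[i:] if ts - ts_i <= window}
            if len(in_window) >= min_ips:
                flagged[user] = sorted(in_window)
                break
    return flagged


if __name__ == "__main__":
    events = parse_log(SAMPLE_LOG)
    print("home page modified by:", who_changed(events, "post_modified:home-page"))
    print("IPs per user:", ips_per_user(events))
    print("accounts that look shared:", likely_shared_accounts(events))
```

In the sample, the home page was modified twice from two different IPs, but both entries are attributed to "editor", which is exactly the gap the post describes. With one account per person the first function would return the actual user's name, and the IP-based heuristic would only be needed to spot a leaked credential rather than to guess which colleague was at the keyboard.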

And if the credentials were leaked and used by a malicious actor, how can you determine if a change was legitimate or not? This also leads us to the next problem:

It is very easy to sabotage a WordPress website

Since it is almost impossible to tell who did what, it is very easy for a user to sabotage the website, or for a malicious actor to hide their tracks. In such a case a WordPress activity log still helps, because it lets you notice the malicious change, but it is very difficult to find out who made it.

Improve the security of your WordPress website – do not use shared WordPress logins

WordPress security is more than using strong passwords and installing a firewall and a comprehensive WordPress activity log plugin. It is also about employing security best practices. Some might require a lot of effort, but some others are very easy to implement and once implemented they make your life easier and your WordPress website more secure – such as not using shared WordPress logins.
