User roles and capabilities: least privilege for staff editors
Short answer: Not everyone needs Administrator—give editors the minimum rights to do their job and protect billing settings.
Shared passwords and everyone-as-admin are how NZ sites get silently defaced or have their invoicing plugins misconfigured.
Sensible defaults
- Editor or Author for content staff; Shop Manager for WooCommerce staff who should not have full admin.
- Separate accounts per person—no shared “marketing@” logins.
Capabilities plugins
Use them carefully: document every custom role and the capabilities it grants, and review those roles after staff changes.
Offboarding
Remove users promptly; rotate API keys for integrations they accessed.
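As an added example (not code from the original page or from WordPress itself), a hypothetical must-use plugin that implements the custom-role advice above and includes a small review helper for the offboarding step; the role slug `staff_editor`, the plugin name and the function names are assumptions:

```php
<?php
/**
 * Plugin Name: Staff Editor Role (added example)
 * Description: Hypothetical mu-plugin for wp-content/mu-plugins/. Creates a
 *              least-privilege content role cloned from Editor, minus the
 *              capability that lets a compromised account paste raw markup.
 */

// Role slug (assumed) and the capabilities deliberately withheld from content staff.
const STAFF_EDITOR_ROLE   = 'staff_editor';
const STAFF_EDITOR_DENIED = array(
    // Editor normally has unfiltered_html on single-site installs; it allows raw
    // <script>/<iframe> in posts, which is the classic silent-defacement vector.
    'unfiltered_html',
);

function staff_editor_register_role() {
    // Idempotent: roles persist in the database, and add_role() returns null
    // when the role already exists, so only create it once.
    if ( get_role( STAFF_EDITOR_ROLE ) ) {
        return;
    }
    $editor = get_role( 'editor' );
    if ( ! $editor ) {
        return;
    }
    // Start from the stock Editor capability map and strip the denied entries,
    // so the role is documented by its difference from a known baseline.
    $caps = $editor->capabilities;
    foreach ( STAFF_EDITOR_DENIED as $cap ) {
        unset( $caps[ $cap ] );
    }
    add_role( STAFF_EDITOR_ROLE, 'Staff Editor', $caps );
}
add_action( 'init', 'staff_editor_register_role' );

/**
 * Review helper for the "review after staff changes" and offboarding steps:
 * returns the login of every user who can change site settings (manage_options),
 * so the list can be compared against the current staff roster.
 */
function staff_editor_list_setting_changers() {
    $logins = array();
    foreach ( get_users() as $user ) {
        if ( user_can( $user, 'manage_options' ) ) {
            $logins[] = $user->user_login;
        }
    }
    return $logins;
}
```

Once the plugin is active, `wp user set-role <login> staff_editor` assigns the role from WP-CLI; setting `DISALLOW_UNFILTERED_HTML` in wp-config.php removes `unfiltered_html` from every role, including Administrator, if that stricter policy suits the site.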
Frequently asked questions
Should the agency keep an admin account?
Sometimes—use a named support account with MFA and a contract covering access periods.
What about contractors?
Time-bound accounts plus activity logging beats “here is the owner password”.