So you’ve just gotten a developer/designer/marketer to improve your store. You are both clear what will be done and the next step is you give them access to your Shopify backend.
You’ll be surprised, but there is a wrong (riskier, slower) and a right (safer & quicker) way to do this.
Are you sharing your username/pass combo with someone?
The busier a you become as a store owner, the more you favor just giving up any control over your store in favor of completing a task quicker.
This usually happens by sharing a username and password with the expert you’ve hired. And in order to make this in a (seemingly) secure fashion, you may share the password using a password management service like LastPass.
This workflow seems simple at first, but because of the security risks, it’s actually not worth it.
Here is why:
By sharing your Shopify password between a group of people you can no longer track who did what on your store. Because all actions and access are hidden under the same account (you’re sharing the username/password combo in between, what, like 5-6-7 people internally?) all the access logs and action logs data is mudded and becomes unusable.
Access logs show you who accessed what, when and in some cases what did they do.
Who’s to blame?
When your theme fails, an app slows down your website or an order gets missed, who are you going to blame? How are you going to track who’s fault is it? Not that you need to “blame” someone, but when knowing who is responsible helps you pinpointing the exact fault and how you can reverse the problem.
Passing passwords around may have suited some kind of an internal workflow for accessing shared accounts 10 years ago. In such a scenario everybody gets access to a profile and nobody cares about clearance levels and security.
This practice gets more and more dangerous with every year, especially when you are running an online business with hundreds of people on your store at any given moment.
Your business depends on your store running without hiccups.
What if I told you there is a safer, simpler way?
People in big companies like Shopify have thought over and over this weak spot of sharing access. That’s why apps you may happen to need have collaboration features and user-management built in.
The guys from Shopify know that you are not going to work alone on your website. Running a profitable e-commerce store usually requires a team. Or at least some outside assistance.
That’s why if you have somebody on your team that you want to have on the store’s backend, you can give them a staff account with full or limited access. It happens in just a number of clicks.
Staff accounts give you a more granular way of separating the user access compared with sharing the same admin password among your collaborators. Even if the person needs admin privileges, it is still better if they have their own account (separate from the store owner’s) whose actions you can check up on.
For example, staff accounts can’t approve payment for apps, just store owners can. Would you give that power to just about anyone?
So next time you need to invite a person to work on your Shopify store, please don’t share your admin password with them.
And before you say “But that’s just stupid, everybody knows they shouldn’t do that”, let me tell you—I’ve seen multinational marketing agencies do this, there are 7-figure store owners who do it, too.
Create a staff account instead!
Low conversion rate on your drop shipping store?
If you get CR below 1.5% I can definitely help!
Stop suffering and check my ⚡️Shopify Conversion Optimization⚡️ service