Do you need to share your login details with a web designer, IT support person or virtual assistant? Yes there are times when you will need to. HOWEVER please DO NOT send logins in 1x email. That can be very dangerous and can get your website hacked. This blog post provides methods to securely send website logins.
When we are working with a new client who already has a website (and/or Domain Name), one of the initial questions we have to ask is: “Can you send me your login details to your hosting and website please?” Another question is, “Can you send me your Domain Name account logins?” However, sometimes before we have had a chance to explain how to do this securely, we receive an email from them with all the details in one email, including the passwords.
Please do not do this. Never send all your login details to anyone in one email. Always presume that emails are not the safest things in the world and can be intercepted. A hacker can potentially easily gain access to your website if you do this. They can then do all sorts of nasty things to it.
How to securely send logins:
There are a variety of secure ways:
- One way is to send your username in 1x email, then use your mobile phone to send the person your password. Plus if you need to, then also send another email with the login URL. This method is ok and it’s pretty quick.
- Email the username, then create a secure folder in Dropbox or OneDrive and then share the folder with the person you’ve given your username to. Plus if you need to, also include the login URL.
Quick Tip: When sharing any logins with anyone online, it is important to use one of these methods. Be very sure first that the person you are sending them to can be trusted.
Avoid using online tools like Quick Forget. They may be secure and good, but I can not guarantee that they are. If you believe they are secure, please post your reasons in the below comments. I’m also very interested in learning new things from Cyber Security experts. [I’m also familiar with this subreddit.]
IMPORTANT side-note: Please don’t do what some website designers (eg. some freelancers, agencies, amateurs, etc) suggest:
They ask you to send 2x emails. One with the login URL & username and another with the password. Hackers know this trick very well. If they see an email with a username in it, they’ll be looking for a follow-up email containing the password. If you do choose to use this method, wait at least 10 hours before sending the 2nd email (the one containing the password) and/or don’t include the login URL in either email. It’s best though to avoid using this method. One of the above 3 methods is far more secure.
Jay Daniells has been doing advanced Search Engine Optimisation (SEO) work for clients since 2010. He is an SEO specialist. He first started doing SEO work in 2005. He has also been creating websites full-time since 2003. Amongst things Jay is also a graphic designer, digital marketing consultant and creative person. His focus is helping businesses, community groups, clubs, charities, organisations and other entities achieve their goals. He is the owner of Green Valley Digital.