Overview
Admin access should be limited, intentional, and reviewed. Too many administrators increase risk and make accountability harder.
When this helps
Use this article when adding staff, granting contractor access, resetting passwords, or reviewing site security.
Recommended steps
- Give users the lowest role that matches their task.
- Avoid sharing one login across multiple people.
- Remove temporary users after the work is complete.
- Use strong passwords and two-factor authentication when available.
- Review admin users after staff or vendor changes.
Information XMLA may need
- User name and email
- Role needed
- Reason for access
- Access duration
- Whether the user should receive notifications
Next step
Ask XMLA to review admin users if you are unsure who still needs access.
