Isuso Works Solutions
Home Knowledge Base Creating and Managing User Accounts
Back to Knowledge Base
Getting Started Last updated: January 2026

Creating and Managing User Accounts

7 min read
1,347 views
96% helpful

Setting up your website begins with getting the right people access. Whether you are creating your own admin account, inviting team members, or setting up customer accounts for an online store, this guide walks you through every step of account creation and management.

1. Types of User Accounts

There are two broad categories of accounts on your website:

Admin / Team Accounts

For people who manage the website: owners, editors, developers, marketers. They log in to the backend dashboard to update content, manage products, or configure settings.

Customer / Public Accounts

For visitors who register on your website: e-commerce customers, community members, newsletter subscribers. They interact with the front-end of your site.

2. Setting Up Your Admin Account

Your admin account is created during your website's initial setup. After launch, secure it properly:

  1. Change the default admin username

    If your platform defaults to "admin" as the username, change it immediately. Automated attacks commonly target this username.

  2. Set a strong, unique password

    Use a password manager to generate a password of at least 16 characters. Never reuse passwords from other services.

  3. Use your business email address

    The admin account should use a business email (e.g., yourname@isusoworks.ca) rather than a personal Gmail or Yahoo address.

  4. Enable two-factor authentication

    This is your most important security step. See our 2FA guide for setup instructions.

3. Inviting Team Members

To give a colleague or contractor access to your website backend:

  1. Go to Users in your dashboard

    Navigate to Users > Add New or Team > Invite Member.

  2. Enter their name and email

    Use their professional email address. This is where the invitation and system notifications will be sent.

  3. Assign the correct role

    Choose the minimum role needed for their work. See our User Roles guide for a detailed breakdown of permissions.

  4. Send the invitation

    Click Invite or Add User. The team member receives an email with a link to set their password. The link typically expires after 24-48 hours.

Provide an Onboarding Document

When inviting a new team member, send them a brief document explaining: what they have access to, any content guidelines, who to contact if they have questions, and where to find key areas of the dashboard. This reduces the number of support requests you receive.

4. Customer Account Registration

If your website has an e-commerce store, membership area, or requires login to access certain content, customers can create their own accounts. Configure this in Settings > Accounts or Settings > General:

  • Allow Registration: Enable this to show a registration link to visitors
  • Default Role: Set new customer accounts to Subscriber or Customer role only
  • Email Verification: Require customers to verify their email before their account is activated. This prevents fake or mistyped email addresses.
  • Account Page: Create a dedicated "My Account" page where customers can view order history, update their address, and change their password

5. Password Resets and Account Recovery

When a team member or customer cannot log in:

Self-Service Password Reset

Most platforms include a "Forgot Password?" link on the login page. The user enters their email, receives a reset link, and sets a new password. This is the preferred method as it does not require admin involvement.

Admin-Initiated Reset

If the user no longer has access to their email, an admin can manually set a new password from Users > Edit User. After resetting, notify the user through a secondary channel (phone or another email address).

6. Deactivating and Deleting Accounts

  • Deactivate (preferred for team accounts): Changes the account status to inactive. The user cannot log in but their content history is preserved. Useful when someone goes on extended leave.
  • Delete: Permanently removes the account. You will be prompted to reassign any content they authored to another user. This action cannot be undone.
  • Customer account cancellation: Customers may request account deletion under privacy laws (e.g., GDPR, PIPEDA). Accommodate these requests promptly and document that you did so.

Regular User Audits

Review your Users list every quarter. Remove accounts for people who no longer work with you, deactivate accounts that have been inactive for over 6 months, and verify that no account has more permissions than it needs. This is one of the simplest and most effective security practices.

7. Summary

A well-managed user system keeps your website secure and your team organized. Key takeaways:

  • Secure your admin account with a strong password and 2FA from day one
  • Invite each team member with their own account and the lowest role they need
  • Require email verification for customer self-registration
  • Remove or deactivate accounts when team members leave
  • Conduct a user audit every quarter

Related Articles

Understanding Your Website Dashboard

Navigate the admin dashboard with confidence

Managing User Roles and Permissions

Control what each team member can access

Implementing Two-Factor Authentication

Add 2FA to all admin accounts

Getting Started with Your New Website

Complete setup guide for new site owners

Was this article helpful?

If you need further assistance, please contact our support team.

Table of Contents

Need More Help?

Email Support

info@isusoworks.ca

Phone Support

+1 (613) 699-4088