Browser Access vs
WP Admin Back End
Particularly when working with staging sites users may notice there are two sets of access details so the below guide lays out the difference between the WP admin back end access and the browser access.
Browser Access Details
They are displayed as a pop up within the browser window and the site will not become visible until the correct details have been displayed, as below:
However, to access the back end of the website to make changes or add new content, users will need to log in using the WP admin back end details.
WP Admin Back End Details
Each user who requires access to the back end will have their own, unique set of back end log in details.
Clients should remember to remove access for users who no longer require it; if their job role changes or they leave the organisation, for example. Two factor authentication is another good way to keep this access secure, so we recommend all sites have this enabled.
To enter the WP admin back end details users will need to visit a specific link to view the log in screen, as below:
A few helpful things to note:
- Browser access allows users to view the front end of the website, back end access allows users to view the back end of the website and make changes to website content.
- Typically there will be one set of browser access details for all users, whereas each individual user should have their own back end access set up.
- Browsers treat the HTTP and HTTPS version of the domain as two different domains and you will have to enter the details twice when you visit the HTTP version first and then get redirected from HTTP to HTTPS.
- Browser access is typically only used on staging sites or pre-launch live sites.
- Live sites typically only require back end access as the front end will be publicly viewable.
- Browser access details and back end details should always be different.
- Back end details should always be secure and unique to each specific log in.
- It’s important to reset back end passwords periodically and ensure they are only stored in a secure, encrypted service.
- We recommend setting up two factor authentication for all back end logins.