It’s 8 p.m. Do you know where your website passwords are?

Jeffrey AbbottSpiro Blog, Uncategorized

Website Passwords

We encounter them weekly. The blank stare in the meeting with a new client. The uncomfortable pause on the phone. The answer, “I’ll get back to you.” The response, “My former agency, web developer, neighbor, niece has it.” All from the simple question, “can we get access to the back-end of your website?”

Confused, QuestionsIn today’s world, your website is your global calling card, and we recommend its back-end access be kept with your important business information. While you don’t need to know the technical jargon of the web wizards, you do want to know the four basic components of website access, its functions, and how to protect yourself from misplacing this information.

Most of the time, website access comprises four components: the domain registrar, the hosting, the Content Management System (CMS) and analytics tracking. Back in the good-ole’ days when websites were done in Dreamweaver or FrontPage and Google was but a dream of two college kids, you only needed the domain registrar and hosting access.

For each of these, you will need to at least have a user ID, password and email tied to said account. We stress that you make this email a generic one, such as webadmin@mycompany.com or a group email address. This way, it will not be tied to an employee or a specific person. Also, make sure you note the access of this email account, along with other user IDs and passwords.

 

Domain Registrar 

The domain registrar is probably the single most import portion of these passwords. Why? With it, if needed, you can completely recreate your website. A domain registrar is where the name of your website is registered with ICANN (Internet Corporation for Assigned Names and Numbers). You don’t technically “own” your domain, but you are leasing it from an ICANN-blessed domain registrar. While there are thousands of domain registrars, two popular ones are GoDaddy and NetworkSolutions.

In your domain registrar files, you will usually want to record:Password Lock

  • Domain registrar web address (URL)
  • Account name or number
  • Username
  • Password
  • Pin (Sometimes)
  • Email tied to the account (Sometimes, this can be the account name and/or the username)
  • Email account access, if it is not a regularly used account (usually username and password)

 

Hosting Account

Your hosting account is where your files live on the internet, so that others can view them. There are various levels of access you could have: account access, FTP access, database access, etc. Generally, you will want to have account access, since FTP access, database access, etc. fall under this umbrella. Some web developers don’t like to share this information, as this often means sharing one account for multiple sites. This makes it hard for you to move on, should you decide to. If possible, ask for a separate account. Two popular hosting accounts are GoDaddy and HostGator. Without getting into all the different variants of hosting (that is another blog post), we generally recommend GoDaddy to individuals and small businesses for their offerings and level of customer support. Do note, GoDaddy offers hosting, as well as domain registrar services, making it a one-stop shop.

You will usually want to record these for your hosting account:

  • Hosting account web address (URL)
  • Account name or number
  • Username
  • Password
  • Pin (Sometimes)
  • Email tied to the account (Sometimes, this can be the account name and/or the username)
  • Email account access, if it is not a regularly used account (usually username and password)

 

Content Management System (CMS)

For all intents and purposes, most modern websites are built with a CMS system. These systems separate the logic/content from the “look and feel” of the website. They also allow nontechnical users to update the sites easily. Some examples are WordPress, Joomla and Drupal. There are different levels of access on most CMS systems. You want to have administrator (or admin) access. This level of access is the easiest to obtain, should it not be given. There have been situations where we had to inject admin users or reset passwords when the reset password mechanism was not functioning. To do so, we would need hosting account database access.

Generally, the information you would want to record for the CMS is:

  • Website back-end web address (URL)
  • Admin Username/User ID
  • Password

 

Analytics Access

Lastly, you should have access to your analytics tracking. This records how well your website is doing, such as the number of views, new users, what users are looking at, where users are coming from and how long users stay on your site. While there are other types of analytics tracking, most use Google Analytics and/or the Facebook tracking pixel. At the bare minimum, you will want Google Analytics applied to your site. This level of access is not as simple as a user ID and password. It is implemented by granting access to a Google account – which is an account with Google that is tied to various services: Google Analytics, YouTube, Google Docs, Google+, etc. To sign up for a Google account, click here.

Record this information to said Google account, so you can grant access to the analytics:

  • Google account email/username
  • Google account password

 

Why should you have this access? Control. It is your business and your global calling card. You should have access, should you need to move the site, update the site or even turn it off, if necessary. As the big boss, Mr. Spiro, is fond of saying, “Time is our biggest commodity.” About one-third of our time in the Agency web department is spent tracking down website or social media access for our clients. As it is said, “an ounce of prevention is worth a pound of cure.” Knowing and keeping this information safe will save you time and money.Jeffrey Abbott

You can do all this … or simply hire Spiro & Associates to do it for you!

Jeffrey Abbott is a senior web developer and software engineer at Spiro & Associates, and has over 20 years of web and software development experience. His job is not only to make sure your website looks as great as the designers envisioned it, but that it functions and is secure.