When your store is first installed, your login credentials give you full administrative access. As a best practice, one of the first things you should do is to create another user account with full Administrator permissions. That way, you can use one account for your everyday Administrative activities, and reserve the other as a “Super AdminThe password-protected back office of your store where orders, catalog, content, and configurations are managed.” account in case you forget your regular credentials or they somehow become unusable.
If there are others on your team, or service providers who need access, you can create a separate user account for each, and assign restricted access. To limit the websites or stores that admin users can access when they log in, you must first create a role with limited scope and access to resources. Then, you can assign the role to a specific user account. Admin users who are assigned to a restricted role can see and change data only for websites or stores that are associated with the role. They cannot make changes to any global settings or data.
On the Admin sidebar tap System. Then under Permissions, choose All Users.
In the upper-right corner, tap Add New User.
In the Account Information section, do the following:
New User Account Information
Enter the User Name for account.
The User Name should be easy to remember. It is not case-sensitive. For example, if your user name is “John,” you can also log in as “john.”
Complete the following information:
- First Name
- Last Name
- Email address
This email address must be different from the one that is associated with your original Admin account.
Assign a Password to the account.
An Admin password must be seven or more characters long, and include both letters and numbers.
In the Password Confirmation box, repeat the password to make sure it was entered correctly.
If your store has multiple languages, set Interface Locale to the language to be used for the Admin interface.
Set This Account is to “Active.”
Under Current User Identity Verification, enter Your Password.
Current User Identity Verification
In the panel on the left, choose User Role. The grid lists all the existing roles. For a new store, Administrators is the only role available.
Tap Save User.
You now have two accounts with Administrator access.
Add New User Role
With one or more authenticators enabled for the Magento Admin, you can require one or more authenticators per Admin user account. For this option, keep the Use system value checkbox checked for Force providers and enable/configure supported authenticator providers.
We recommend only enabling one authenticator per account. Users must authenticate using every authenticator you select for their account. For example, if you select Google and U2F, the user must access with a Google Authenticator code and connect a U2F device.
In the panel on the left, choose 2FA.
For Providers selected, select one or more authenticators.
Tap Save User.
Select authenticator for user
If you have issues with authenticators, see Magento Two-Step Authentication for troubleshooting and additional management tools.
Admin Password Requirements
An Admin password must be seven or more characters long, and include both letters and numbers. For additional password options, see:
Configuring Admin Security.
A quick rating takes only 3 clicks. Add a comment to help us improve Magento even more.