If you’re a design partner, you will be asked to give other users access to sites above the owner. This is a normal request and something many businesses will want and need. But how you give them access matters, big time.
Let’s make sure you’re doing it the safe way.
Never add customers as users in your design studio.
We’ve had real-world cases where a design studio login—created for a customer—has been compromised due to a leaked password. That one login gave access to the full Rocketspark experience for the site they were connected to, including:
Changing the website owner details Attempting to buy domains and emails Potential exposure to website defacement
It could’ve been much worse. The important takeaway? Your studio is for your team, not your clients. Only people who work for your business, and manage devices and passwords to your security standards, should be design studio users.
Use the ‘teammates’ feature instead
The right way to give your client access is by using the Teammates feature on their website. It’s easy to do, and much safer. Inviting team members to a site
Here’s why:
- You (the studio) stay in full control.
- Your client gets access just to their website.
- You can limit what they can see or change
- Only the official website owner has admin powers—and this can’t be changed
- You’re protecting your design studio, other client sites, and your reputation
How to add your customer as a teammate
Some quick tips
- Talk it through with your client before giving access—make sure they’re confident about what they’re doing.
- Use strong passwords and encourage your client to do the same.
- Keep studio users to actual team members only—people who’ve signed a contract and are following your internal security practices.
Got questions? We’re just a chat away. Let’s keep building beautiful (and secure!) websites together