Description
This plugin allows you to quickly swap between user accounts in WordPress at the click of a button. You’ll be instantly logged out and logged in as your desired user. This is handy for testing environments, for helping customers on WooCommerce sites, or for any site where administrators need to switch between multiple accounts.
Features
- Switch user: Instantly switch to any user account from the Users screen.
- Switch back: Instantly switch back to your originating account.
- Switch off: Log out of your account but retain the ability to instantly switch back in again.
- Compatible with Multisite, WooCommerce, BuddyPress, bbPress, and most two-factor authentication plugins.
Security
- Only users with the ability to edit other users can switch user accounts. By default this is only Administrators on single site installations, and Super Admins on Multisite installations.
- Passwords are not (and cannot be) revealed.
- Uses the cookie authentication system in WordPress when remembering the account(s) you’ve switched from and when switching back.
- Implements the nonce security system in WordPress, meaning only those who intend to switch users can switch.
- Full support for user session validation where appropriate.
- Full support for administration over SSL (if applicable).
Usage
- Visit the Users menu in WordPress and you’ll see a Switch To link in the list of action links for each user.
- Click this and you will immediately switch into that user account.
- You can switch back to your originating account via the Switch back link on each dashboard screen or in your profile menu in the WordPress toolbar.
See the FAQ for information about the Switch Off feature.
Other Plugins
I maintain several other plugins for developers. Check them out:
- Query Monitor is the developer tools panel for WordPress
- WP Crontrol lets you view and control what’s happening in the WP-Cron system
Privacy Statement
User Switching makes use of browser cookies in order to allow users to switch to another account. Its cookies operate using the same mechanism as the authentication cookies in WordPress core, which means their values contain the user’s user_login
field in plain text which should be treated as potentially personally identifiable information (PII) for privacy and regulatory reasons (GDPR, CCPA, etc). The names of the cookies are:
wordpress_user_sw_{COOKIEHASH}
wordpress_user_sw_secure_{COOKIEHASH}
wordpress_user_sw_olduser_{COOKIEHASH}
User Switching does not send data to any third party, nor does it include any third party resources, nor will it ever do so.
See also the FAQ for some questions relating to privacy and safety when switching between users.