How to Share Account Access without Risk or Verification Checks

How do online marketers manage dozens to hundreds of accounts?

You have everything from social accounts to merchant accounts for yourself and your clients. Each account needs to be accessible by different people, such as VAs (virtual assistants) and team members, over the span of any given project. You need an efficient way to grant access without setting off verification alarm bells on the account platforms, and of course, you need everything to be done in a secure way.

There are three ways marketers share account access – they are offline storageonline storage, and session sharing. Below, we will detail each method of account management and help you understand which one is superior to the rest.

The three ways to manage many accounts

Offline sharing

When you give someone a plain-text password and he or she logs into the account on his or her own machine, that is offline sharing.

Offline sharing is quick and easy, but not secure, nor efficient.

  • Someone else has the password. If that person goes rogue with the account, it’s a hassle, and may lead to financial loss. Even if he or she is the most trustworthy VA or member of your team, if he or she mishandles your password or his or her machine is not secure, someone else may easily compromise the account.
  • Security checks will be problematic. All major platforms do location verification and other security checks upon login. Logging into any account through a separate machine will throw up red flags and trigger calls for verification, like the “Name Your Friends” on Facebook and the “Verify Through SMS” on PayPal. These checks are inconvenient, and accounts may even be suspended or banned if too many red flags appear. Stranger things have happened.

Online sharing

When you share passwords with someone else’s computer through a tool like LastPass, that is online sharing.

Online sharing is slightly more secure, but still not completely safe, and still prone to problems.

  • Security checks will still detect unusual access. The person accessing the account does not have to physically type the password, but the account platforms are still aware that the normal user is not logging in. Inconvenient security checks like “Name Your Friends” on Facebook and “Verify Through SMS” on PayPal will still come up.
  • Malicious receivers can still discover the password. Ultimately, the password shared online needs to be entered from the receiver’s machine in plain text. As such, the password needs to be stored on the receiver’s machine in a non-encrypted way. Any savvy user will be able to locate the password and save it without your knowledge.
  • Password may be intercepted. A man-in-the-middle attack is possible if you or the receiver of the password does not have a secure machine. A third party may gain access to the account without your knowledge.

Online sharing is overall better than offline sharing – but there is only one 100% secure way to share accounts without throwing up red flags on account platforms.

Session Sharing

Multiloginapp allows you to share your session with any other Multiloginapp user. By sharing your session, you avoid every problem that occurs with online and offline sharing!

  • No password sharing necessary. Instead, a cookie file is transferred to the other user. Inside that file is an active session ID. When the other user visits a website, the website will request the cookie file, see the active session ID, and log him in to the corresponding account automatically. The other user does not need the password to log in, and he has no way of changing the password once logged in.
  • Cookie transfer is completely secure. The cookie file is transferred with asymmetrical encryption, which means it is encrypted with the other user’s public key and can be decrypted only with his private key. In essence, even if the cookie file is intercepted, the hijacker will not be able to decode it or use it to gain account access.
  • Security checks don’t happen. Multiloginapp creates a virtual environment for the other user that emulates a physical machine. As such, account platforms cannot detect that the account is being accessed through Multiloginapp. The other user can be in a different country or using a different operating system, but because of Multiloginapp’s approach, the account platforms always think the original machine is accessing the account. Every possible security parameter is being spoofed!

As you can tell, session sharing is the superior approach. If you are a marketing agency or independent marketer sharing account access with team members or VAs, to do it correctly, you must use a tool like Multiloginapp.

Taking the lazy route (through offline or online storage) can lead to security checks and possible account suspension, and you leave yourself vulnerable to anyone in the middle who intercepts the plain-text file or cookie file. Also, your team members and VAs gain access to (or can gain access to) the passwords themselves, every time.

Multiloginapp solves all of those potential problems. Account platform security checks are avoided, team members and VAs never see the real password, and asymmetrical encryption removes the risk of a man-in-the-middle attack.

Click here to download Multiloginapp and get started with secure, efficient account sharing today.

(Session sharing is available for both free and paid Multiloginapp users.)