Editor accounts vulnerability
- Editor accounts do not have 2FA.
- No log-in or access records of Editors as well.
Team plan lacks access control function
- Team plan members share the same access right to all folders and projects.
Inviting external designers and developers exposes huge vulnerability risks.
- Transferring a site away for development is not appropriate in many cases. It does not protect the client’s interest and property ownership. This way is not ideal for any live site as well.
- As an agency, we cannot provide “Designer” to a client by adding them as a team member, as that will expose all other projects under our account.
Some similar post mentioned this before, like this one:
Inviting developer to work on my site without creating Team