January 23, 2007When do you log in as Administrator?
Comments (9) Hopefully very rarely. 
We recently published this bit of advice on the phpBB Doctor board, and thought this blog post might provide some more details.
My background is systems and database administration. As a result, there are a number of practices that I carried from that environment into my phpBB work. One of those practices is that you never log in as the administrator of the system unless you need to actual perform administrative duties. Things like adding new forums or groups, changing permissions, or banning users are all administrative tasks. They should be performed by an administrator.
Thinks like posting new topics, replies, voting in polls, actually using the board… well, those actions should be done by users. Why?
The forum post touches on the main points, I think. You don’t want to use the system as an administrator all the time because everything always works. Administrators have all of the power on the system. There’s no real way to check if MODs or standard features are working unless you actually log on as a user (or possibly a moderator). It just makes sense.
But the more important result of using the system while logged in as the administrator account is that your personal posting history gets mixed up with the board announcements and other “official” board stuff. What happens if you decide to move on, and you want to pass on administrator duties to someone else? Obviously your user account can be demoted from Administrator to User, but what does that do to all of the administrative posts? What if you (as the administrator) were the owner of the various security groups? That has to be fixed.
And you would not want to simply turn over your account to someone else, that would be far worse. Now someone can say something else with your name on it. 
In the long run you are going to be much better off if you have an administrator account (my suggestion is to use the site name as the administrator account name) and a separate user account for yourself. For example on this site the administrator is named phpBB Doctor. There is a test account named phpBB Patient. 
And then there is my personal account (which has moderator status) of “Dave Rathbun” to go along with those two.
The biggest forum that I run is nicknamed “BOB”, therefore the administrator account is named “BOB” as well. As with most boards the administrator account is the very first registered account. Who was the very next registered user? Someone named Dave Rathbun. 
So I feel that the advice is sound: you should always have an administrator account that is used to administer the system, and a user account that is used to use the system. It just makes sense, for so many reasons.
Comments (9)
I personaly like to be able to set options fast, without having to switch to another account… But it would probably work great.(if I had a little more patience)
Comment by Ganon_Master — January 23, 2007 @ 3:07 pm
Heh… how often do you need to set or change your options? I bet it’s not every day, right?
Comment by dave.rathbun — January 24, 2007 @ 2:35 am
What if your board is named Dave Rathbun?
Comment by damnian — January 24, 2007 @ 7:46 am
@Dave: Ever heard of the RPG MOD called ADR?
Expanding the RPG world, updating the Quests and adding items, classes, races, elements, alignments etc. Quests should be added/updated every week/two weeks to prevent your most loyal users from leaving the site if they complete quests.
But a vanilla phpBB doesn’t require that much updating…
Comment by Ganon_Master — January 24, 2007 @ 4:28 pm
@damnian, if your board is named Dave Rathbun I want royalties.
@Ganon_Master: No, I have not heard of that MOD. To be honest, I have tried to stay away from the RPG aspects of phpBB, as I already spend enough time hacking around with it as it is now. I really enjoy RPGs and played them extensively during my college years, and beyond. But I just don’t have the time to do so now.
Which wasn’t your point, of course.
Even if you are updating your board every week I suggest that logging in as an Admin to perform those updates and then logging in as a user to use the board is the best way to manage your system.
Comment by dave.rathbun — January 24, 2007 @ 10:01 pm
Oh for something like ’su’ to make this an easy task.
I wonder with phpBB3’s new permissions system where you can get the permissions of another user if some clever MOD might be possible.
Comment by Esmond Poynton — January 25, 2007 @ 10:21 am
Oooh, very cool idea!
The idea of a “su” MOD is actually quite interesting. It would be easy enough to do, as there is already an extra “admin challenge” login screen. Seems like it could be possible, even for phpbb2.
Welcome, Esmond, to my blog, thanks for your comment.
Comment by dave.rathbun — January 25, 2007 @ 11:53 am
phpBB3 has a su-like feature which allows an admin to assume the permissions of an arbitrary user. It’s called “Test out user’s permissions”.
Comment by damnian — January 25, 2007 @ 7:04 pm
@damnian, thanks for the input. Does it work the other way? Meaning can a normal user “su” to admin in order to do admin-type tasks?
Comment by dave.rathbun — January 25, 2007 @ 7:14 pm