I have setup Bitnami WordPress on EC2. I can login to wp-admin through the browser. I can login to phpmyadmin through SSH tunnelling. I can connect through sftp using filezilla and the pairing key.
I need to give access to an outsourced developer to upload a wordpress site on the server.
How do I do this securely, so that once he has done his job, he can never login again?
If I give the developer the exact login data and pairing key, I am worried I will never be able to revoke access.
I could change the password manually for wp-admin. However, I am not sure if that will solve phpmyadmin. Then, how do I ensure the pairing key wont't always grant access once they have a copy of it?