Two colleagues greeting a new team member in an office setting—represents the start of onboarding and the importance of setting up secure access from day one.

How to Handle Passwords When Someone Joins or Leaves Your Team

Blog

Strong password and login management isn’t just an IT task—it’s a key part of protecting your business. And it matters most during moments of change: when someone joins your team or when someone leaves.

These transitions are where access can fall through the cracks. Accounts get forgotten, passwords stay shared, or someone walks away with access they shouldn’t still have.

Here’s a clear, practical checklist for each situation.

When someone joins your team

  • Identify all systems the new employee will need access to (email, file storage, line-of-business apps, CRM, etc.)
  • Create individual user accounts in each system—do not reuse or clone another user’s credentials
  • If your team uses SSO, assign the new user to the correct SSO group or app set before their first day
  • Assign appropriate access levels based on role and responsibilities
  • Set strong, unique passwords for each account and store them in the company’s password manager. Once access is shared, prompt the employee to update passwords for accounts tied to personal workspaces.

Related Read: How to Choose a Password Manager for Your Business 

  • Turn on MFA for each account before sharing access
  • Use a password manager to grant access to any shared logins (never send credentials over email or chat)
  • Ensure the employee is trained on how to use the password manager and understands company login protocols

Related Read: A Practical Guide to Business Password Security 

  • Confirm account setup is complete and tested before their first day
  • Document all login setup steps and store in internal records
  • Schedule a review of this access at 6-month and 12-month milestones

When someone leaves your team

  • Review and list all systems the employee had access to (email, apps, shared logins, admin tools)
  • Disable all individual user accounts in those systems
  • Reclaim shared credentials and immediately reset the passwords
  • Remove the employee’s profile from your password manager and revoke shared vault or folder access
  • Review audit logs (if available) for unusual activity before departure
  • Update backup contacts or recovery details tied to their email or phone number
  • Document the offboarding steps taken, who completed them, and when
  • Communicate any credential changes with affected internal teams
  • If you’re using SSO, remove the user from your SSO platform to revoke access across connected apps

Related Read: What is SSO and Does Your Business Need It?

Login and password cleanup shouldn’t be a scramble. With a consistent checklist, you’ll avoid missed steps, reduce security risks, and give your team a smoother experience.

Want to understand how login management fits into your broader IT approach? Read Login Management for Businesses to help you avoid missed steps, reduce security risks, and give your team a smoother experience.

Horizon helps SMBs across Western Canada manage onboarding and offboarding with secure, structured IT processes that scale as they grow.