Create Magento 2 Admin Users:

System>Permissions>User Roles


Magento 2 allows for multiple user roles to be created that define access levels in the Magento Admin.


It is HIGHLY recommended that users that are logging into the Magento Admin are ONLY granted access to the specific areas that are required for them to perform their responsibilities.


Under Role Resources, "Custom" permissions can be defined by selecting the specific functions that the Role should have access to:

It is important that every unique user that will be accessing the Magento 2 Admin has their own login. This will allow you the ability to track which user has performed various operations and quickly deactivate a user when they should no longer have access.


System>Permissions>All Users


Note: Make sure you DELETE the Magento user "Admin" or "Administrator". This user is created by default and is a potential security risk for brute force attacks.