Skip to content
LitePassword
Sign in Get started — free
← All posts
May 18, 2026 securityhow-toremote-work

How to share login credentials with a virtual assistant

A practical pattern for giving your VA real access to inbox, scheduler, social, and project tools — without iMessage screenshots and without sharing your master account.

Quick answer. To share login credentials with a virtual assistant safely: (1) invite them to a zero-knowledge password manager as View only with their own personal email, (2) put only the credentials they actually need into one “VA access” shared vault, (3) for Gmail/Workspace, use Google’s official email delegation instead of sharing your password, (4) for everything else (scheduling, social, project tools), grant per-vault access in the password manager, (5) when the engagement ends, revoke their account — vault keys rotate, their cached copies become useless, and you rotate any high-value credentials on the source tool. The whole setup takes about 5 minutes. Free with LitePassword.

The reality of virtual assistant access

A typical VA needs:

  • Your calendar (Calendly, SavvyCal, or direct Google Calendar)
  • Your inbox (to triage and reply on your behalf)
  • Your social accounts (LinkedIn, Instagram, X for scheduling posts)
  • Your project tools (Notion, Linear, ClickUp)
  • Sometimes: scheduling tools, mailing list managers, Canva

That’s 6-10 tools. The “just text me the password” pattern works for one of them. By the third you’ve got plaintext credentials in three different messaging apps.

The first move: stop sharing master accounts

Don’t share your Google/Microsoft/Apple account password with your VA. Ever. Those accounts have access to too many connected services — payments, contacts, files, location history.

Instead, for email specifically, use delegation:

  • Gmail / Google Workspace: Settings → Accounts → Grant access to your account. They can read and send mail on your behalf without seeing your password or accessing connected services.
  • Microsoft 365: Mailbox delegation (similar concept).
  • Apple: Use Mail’s send-on-behalf via shared accounts; iCloud account sharing is much more involved and usually overkill.

For everything else (Calendly, Instagram, Notion), use the shared-vault pattern.

The shared-vault pattern for VA access

  1. Create a dedicated vault. Name it “VA access” if you have one VA; “VA — Sarah” if you have multiple.
  2. Add only the credentials they need. Calendly, Instagram, Notion project, Canva, mailing list manager. Not your bank, not your AWS, not your password manager itself.
  3. Invite the VA as View only. They can read what you grant; they cannot create or invite.
  4. Grant per-vault access. Manage Vault Access → toggle on the one vault.
  5. Send them the signup link. “Sign up at app.litepassword.com. Your access will be ready.”

They sign up, set their own master password, save their recovery key (their problem, not yours). They unlock the vault and have what they need.

What stays out of the vault

  • Your master account credentials (Google, Apple, Microsoft).
  • Banking and payment tools unless they’re specifically scoped (e.g., Stripe restricted key for a reporting tool).
  • Any credential that, if leaked, would let an attacker pivot to another system. Even if you trust the VA, you’re managing the blast radius if their device is compromised.

How to handle “I need to send email as you”

Don’t share your inbox password. Use delegation (above). The VA sends from their own browser, signed into their own Google account, with delegated permission to send-as you. The audit trail shows them as the actual sender; your password never leaves your hands.

For platforms without delegation (some niche tools), use a service account with its own credentials — never your personal account.

When the engagement ends

Step 1 — Revoke the VA’s account. Users → Revoke Access. Vault keys rotate. Their cached copies become undecryptable. Instant.

Step 2 — Rotate any high-value credentials. For credentials they used heavily (Calendly main login, primary social account), rotate the underlying password on the source tool. The VA might remember the value; rotation invalidates that memory.

Step 3 — Remove delegation. In Gmail/Workspace settings, remove their delegation. They can no longer send-as you regardless of whether they still have any other access.

Multiple VAs over time

If you rotate VAs every 6-12 months, give each their own LitePassword account with View only access. Don’t reuse the same account for VA #2 — that defeats per-user audit.

The Family plan ($5/mo for 5 users) covers two concurrent VAs plus you and a partner comfortably. The cost scales with VA turnover only if you exceed 5 concurrent users; otherwise it’s a flat $5/mo regardless of how many VAs you’ve had over the year.

Summary

  1. Delegate email instead of sharing email passwords.
  2. Use a per-VA vault with View only role and per-vault access for everything else.
  3. Their own account; never share yours.
  4. End of engagement: revoke + rotate high-value credentials.

Create your free LitePassword vault →

Stop sharing passwords in Slack messages.

Create your account in under a minute. Pick a master password. We'll generate your recovery key for you.

Try LitePassword — free → See how vaults work