---
title: Stop sharing one password with your library volunteers
Metadescription: One shared password for library software fails the day a volunteer leaves. Give each volunteer their own sign-in to the one shared library instead.
Display description: One shared account means you can't remove a departed volunteer without resetting everyone, and nobody can tell who recorded what. Each volunteer should have their own sign-in to the one shared library.
author: Dan Edwards
author_role: Founder
author_url: https://danedwardsdeveloper.com
author_linkedin: https://www.linkedin.com/in/dan-edwards-developer
published: 2026-07-02
---

Token estimate: ~2,000

# Stop sharing one password with your library volunteers

By **[Dan Edwards](https://yourbooknest.com/contact)**, Founder.

Every volunteer who helps run a library should have their own sign-in - one account each, all opening the same shared library. The alternative, one account with a password everyone knows, feels simpler and works fine right up until a volunteer steps down, a loan gets recorded against the wrong person, or the note with the password on it goes missing.

The shared password fails in three predictable ways.

## You can't remove one person without resetting everyone

When a volunteer moves away, falls out with the committee, or just quietly stops turning up, they still know the password. The only way to take their access back is to change it - which locks out every current volunteer at once.

Then the new password has to reach everyone. Someone misses the email, turns up for their desk shift, and can't sign in with a line of patrons waiting. So the password quietly doesn't get changed, and a growing list of past helpers keeps access to the library records indefinitely.

With individual sign-ins, none of this happens. Remove the one person who left. Everyone else carries on, unaware anything changed.

## Nobody knows who did what

With one shared account, every checkout, return, and edit was made by "the library". When a book is marked returned but still out, or a loan is closed against the wrong copy, there is no way to tell who recorded it - so there is no way to work out what actually happened, and no way to spot that one volunteer keeps making the same honest mistake and could use five minutes of help.

This is not about blame. Volunteers make mistakes because nobody showed them the right way. Knowing which sign-in did what turns "someone keeps doing this wrong" into "let me show Margaret the returns screen".

## The password ends up public

A password that several people need is a password that gets written down - on a sticky note under the keyboard, in a group email, in the church WhatsApp thread. It gets forwarded to each new helper, and each forward widens the circle. Within a year it is not a secret in any meaningful sense.

That matters because the account doesn't just guard the catalogue. It guards your borrowing records and whatever contact details you keep for patrons - names, phone numbers, addresses. A community library runs on trust, and "anyone who has ever helped out, plus anyone they forwarded the message to, can read every patron's details" is not what patrons signed up for.

## Why libraries end up sharing one password anyway

Rarely laziness. Usually pricing. A lot of library software charges per manager, per seat, or per terminal, so a volunteer library with six rotating helpers faces a bill that grows with every extra pair of hands - and shares one account to dodge it. Per-seat pricing taxes exactly the thing a volunteer library does most: adding and losing helpers. There is a full look at that pricing shape in [library software that doesn't charge per user](/articles/library-software-that-doesnt-charge-per-user).

The other reason is history: the library started as one person and a spreadsheet, and the single account simply never got revisited as the team grew. [Running a lending library with volunteers](/articles/how-to-run-a-lending-library-with-volunteers) covers that growing-up moment more broadly.

## What good looks like

-   Each volunteer signs in with their own account, to the one shared library - the same catalogue, the same patrons, the same loans.
-   Adding a new helper takes a minute and touches nobody else's access.
-   Removing a departed helper removes only them. No reset, no redistribution, no lockouts.
-   Every checkout and return is recorded under the person who made it.

## How Your Book Nest helps

Your Book Nest calls this the Team. Each volunteer gets their own sign-in to the shared library, added and removed freely as helpers come and go - and it costs nothing extra, because up to 20 team sign-ins are included in the flat £45 | US$60 | €50 | CA$85 | A$85 | NZ$100 a year plan, and on the free tier (under 100 items) too, with no per-seat charge. It runs in the browser, so each helper signs in from their own phone as easily as from the desk computer - access belongs to people, not to a machine that stays logged in.

Patrons never need accounts at all - a patron is just a name until you choose to give one a read-only sign-in to browse the catalogue and see their own loans and due dates. You can try the whole thing in [the demo on the home page](/), which is a working library with no account and no card.

The [roadmap](/roadmap) lays out what is being built next, and what is deliberately left out.

## If you must share for now

A shared password is genuinely fine for a library run by one person - there is nobody to share with. And if your current software charges per seat and switching is not on the cards this year, the damage can at least be contained: change the password the same week anyone steps down, keep it out of group emails and message threads, and keep a simple desk schedule so you can roughly attribute a given day's records to a given helper. These are mitigations, not fixes - the fix is software where each volunteer is a person, not a password.

## Q&A

**Q: Why is sharing one password with library volunteers a problem?**
A: Three reasons. You cannot remove a departed volunteer's access without resetting the password for everyone at once. Every action is recorded anonymously, so mistakes cannot be traced or gently corrected. And a password several people need inevitably gets written down and forwarded until it is effectively public, along with the patron records behind it.

**Q: What should happen when a volunteer leaves the library?**
A: Their access should end that week, without disturbing anyone else. With individual sign-ins that is one click - remove their account and every other volunteer carries on unaffected. With a shared password it means changing it and redistributing the new one to the whole team, which is disruptive enough that it usually just doesn't happen.

**Q: Is it safe to keep the library password on a note by the desk?**
A: No. The account guards more than the catalogue - it guards borrowing histories and any patron contact details you keep. A note by the desk means anyone passing the desk has full access. If several people need to sign in, the answer is several sign-ins, not a better hiding place for the note.

**Q: Does giving every volunteer their own sign-in cost extra?**
A: With some library software, yes - it is common to charge per additional manager, seat, or terminal, so the bill grows with every helper. Your Book Nest includes team sign-ins in its flat plan, so a library with six volunteers pays the same as a library with one.

**Q: Do patrons need their own accounts too?**
A: No. In Your Book Nest a patron is just a name the librarian records - no account, no email, nothing for them to set up. If a patron would like to browse the catalogue or check their own loans and due dates from home, the librarian can give them a read-only sign-in, but it stays optional.
