What if someone says they still need the password for a tool?

Most scheduling and analytics tools connect through Meta's official login, not by storing your password. Reconnect the tool through that flow. A tool that truly needs the raw password is one to replace.

How long does the whole migration take?

For most teams, under an hour. The slow part is waiting for people to confirm they can work under their new access — which is exactly the step you do not want to skip.

Governance

How to Stop Sharing Your Instagram Password

A clean migration off the shared login: connect the account to a Business Portfolio, assign people their roles, confirm they can work, then change the password and lock down two-factor authentication.

Moving off a shared password is a one-time migration, not an ongoing argument. The order matters: set up role-based access first and confirm everyone can do their job, and only then change the password. Done in the right sequence, nobody loses a minute of work and the shared login simply stops mattering.

If your situation is actually …

You want the case for doing this at all → Why sharing your password is dangerous →
The account is not on a Business Portfolio yet → Who should own your portfolio →

Before you start

Three things to confirm before you start.

The Instagram account is a Professional account
Role-based access runs through Meta Business Suite, which needs a Business or Creator account, not a personal one.
Verify: Instagram app → Settings → Account type and tools. Switch to a Professional account if it is still personal.
The account is added to a Business Portfolio your business owns
The portfolio is the surface where you assign people. Make sure it belongs to the business — not an agency or an individual employee.
Verify: business.facebook.com → Settings → Accounts → Instagram accounts. If it is not there, add it.
You know which role each person actually needs
A community manager needs content and messaging; a media buyer needs ads; most people do not need full control.
Verify: List your team and the one job each one does on the account before you start assigning.

Migrate the team off the shared login

Do this in one session. Assign first, confirm access works, change the password last.

List everyone using the shared login
Write down every person, agency, and tool that currently signs in with the shared password, so nobody is forgotten when you switch over.
Confirm: You have a complete list before assigning anyone.
Add each person to the Business Portfolio
Invite each teammate to the portfolio by their own email and give them Admin or Employee access as appropriate. Most people should be Employees with access to only the assets they need.
Where: business.facebook.com → Settings → People → Add
Confirm: Each person appears in the People list with a pending or active status.
Assign each person the right Instagram permissions
Open the Instagram asset and give each person only the tasks they do — Create content, Messages, Insights, Ads — instead of full control.
Where: business.facebook.com → Accounts → Instagram accounts → Assign people
Confirm: Each person shows the specific permissions you granted on the Instagram asset.
Confirm everyone can actually work
Before you touch the password, have each person sign in under their own login and do a quick test — a draft post, a reply in the inbox — so you know nothing is broken.
Confirm: Every person on your list can do their job without the shared password.
Change the Instagram password
Now change the password on the underlying Instagram account. This instantly locks out anyone still relying on the old shared credentials; role-based access is unaffected.
Where: Instagram app → Settings → Accounts Centre → Password and security
Confirm: The old password no longer works, and your team keeps working through their roles.
Turn on or strengthen two-factor authentication
Shared passwords often meant 2FA was off or its codes were passed around. Re-enable it with an authenticator app, and keep the backup codes somewhere only you can reach.
Where: Instagram app → Settings → Accounts Centre → Password and security → Two-factor authentication
Confirm: Two-factor is active and only you can complete a sign-in.

Which Instagram permission to give

Assign the narrowest set that covers the person's actual work. Full control should be rare.

Role	Where it lives	Can do	Cannot do
Business Portfolio — Admin access Can delegate to others	`business.facebook.com → Settings → People` Entire Business Portfolio	Manage all assets, people, partners, and billing Grant Admin or Employee access to others Delete the portfolio	— ⚠ Portfolio Admin is the highest privilege — protect this role tightly.
Business Portfolio — Employee access	`business.facebook.com → Settings → People` Only assigned assets	Work on specific assets they are explicitly granted	Access assets they are not assigned to Add new people to the portfolio
Instagram asset — Full control Can delegate to others	`business.facebook.com → Accounts → Instagram accounts → Assign people` Specific Instagram account	Manage everything on the Instagram account Reassign or revoke other people on this asset Connect / disconnect from other Meta assets	—
Instagram — Create content	`Asset-level Instagram permissions` Posting and content	Create posts, stories, reels Edit drafts	Run ads Reassign people
Instagram — Messages & community activity	`Asset-level Instagram permissions` Inbox and community	Read and reply to DMs, comments, mentions	—
Instagram — Community activity	`Asset-level Instagram permissions` Comments and mentions only	Reply to comments and mentions	Access DMs
Instagram — Ads	`Asset-level + Ad Account permissions` Boosted posts and ad campaigns	Run ads tied to this Instagram account	— ⚠ Ad permission typically also requires Ad Account access — a common point of mis-grants.
Instagram — Insights	`Asset-level Instagram permissions` Read-only	View account insights and content performance	—

Start narrower than you think you need — you can always add a permission later, but you cannot undo what someone did with access they should not have had.

Common questions

No. Roles in Meta Business Suite are tied to each person's own account, not to the Instagram password. Changing the password only stops people who were signing in with the old shared login.

Delvia

Access issues are easier to prevent when roles, owners, and responsibilities are recorded clearly

Most access problems trace back to the same gap — no clear record of who has access, what role they hold, and what should happen when that changes. Delvia helps you keep that record so problems are visible before they become incidents.

Delvia is free on iPhone and Android. Keep a clear record of who has access to your accounts — and what to do when that changes — wherever you are.

Download on theApp Store GET IT ONGoogle Play

How to Stop Sharing Your Instagram Password

Before you start

Migrate the team off the shared login

List everyone using the shared login

Add each person to the Business Portfolio

Assign each person the right Instagram permissions

Confirm everyone can actually work

Change the Instagram password

Turn on or strengthen two-factor authentication

Which Instagram permission to give

Common questions

Access issues are easier to prevent when roles, owners, and responsibilities are recorded clearly