In some situations, an Identity Manager user may require more than one account on a resource. A user can have several different job functions related to the resource. For example, the user can be both a user and administrator of the resource. Best practice suggests using separate accounts for each function. That way, if one account is compromised, the access granted by the other accounts is still secure.