Posted 3 years ago #
I have a quick question. I have a client that did not pay me once I have their WordPress up and working. They have now changed the admin settings, so now I'm locked out.
Is there any way I can get back in? I am still getting notices of all the changes they make, but I cannot log in. They have also changed the ftp info.
Janet
umm, you do know that what you are suggesting is bordering on illegal?
Consider this, please -- If you gave a weekly housekeeper a key to your back door, so that you didnt need to be home when they came, and then you decided not to pay them -- they do not have the right to enter your home and make a mess/steal/vandalize/sabotage/etc
Thats called "against the law", and thats why we have a legal system.
THIS post is blog fodder and I am REALLY inclined to provide a link to your site on my own site (minus any google juice) and a screenshot of this, just to call you out on even thinking about a VERY UNPROFESSIONAL behavour.
Posted 3 years ago #
The scenario suggested by whooami is not a good one, as its talking about a service (housekeeping) rather than a product (website).
However saying that, I notice on the website linked to by whooami there are no terms & conditions for the products (and services) listed - in fact there is hardly any information at all. If this is repeated when the client makes the order then there wouldn't seem to be much of a contract. I'd suggest taking this as a learning curve, and in consultation with a legal professional draw up legal terms & conditions which are in effect a contract, and publish this on the website.
Posted 3 years ago #
I agree with "whooami" which you shouldn't sneak in via backdoor; however, I think you can use your legal right to get money from them.
If you got any sort of contract or written agreement and prove the work you have done for them, you should be able to get money from them.
It is indeed a learning curve, and things always happened. If you google it, you shouldn't be only one.
I would highly suggest you contact with them to ask for payment. If you "complete" your job upon agreement, you should be fine.
Next time, demand a partial payment while you are working on the project. Of course, you need to mention this before the project start, and one more thing, make sure both of you guys write it down.
installing wordpress is a SERVICE, and that doesnt matter.
Its a crime to access a web site in such a fashion. She lives in the United States, and IF I didnt pay her, and she had the gall to try and hack into my server for the purpose of "uninstalling" anything, defacing anything, etc.., I would be on the phone so quickly, her head would spin.
I have hundreds of logins to sites that Ive been given by people to work on things -- having those logins doesnt give me any right to access those files after the work has been completed, whether they paid me or not.
That ought to be common fucking sense to anyone and everyone, and it speaks multitudes about what kind of service the OP provides.
Notice that she is NOT asking about potential legal remedies? Apparently, those arent good enough for her.
Posted 3 years ago #
whooami - regarding the hundreds of logins, the common sense and responsible approach for this would be to destroy any such logins once the required work is completed.
mojorob,
Heard of email?
Im not the one asking how to hack a site. Maybe you ought to point that accusatory finger at Janet.
Hi all, just my 10 cents worth, but mojorob, you should read the original post, personally I think Janets so called client has made a lucky escape, and quite rightly changed passwords to their website and ftp. everyone who ever works on a web site is fully aware of their responsibilities to their client, anyone in business has had a client not paying, thats life, human nature, the answer for Janet is simple, why on earth would she now want to get back into the site. I can only think of one, and its illegal.
whoami was completely right in her answers.
Oh well, don't know about you guys, but I feel better now
:) Happy Sunday.
Mike.
Posted 3 years ago #
mikey1 - I have read the original post, hence my reply to it. My 2nd post on this thread was in response to something that whooami said, and not the original post.
whooami - Yes I have heard of email, though it's highly unclear why you ask. I was not pointing an accusing finger at you, however one of your big things is security I believe - destroying any unnecessary logins is a part of the protection of security for the people who you have worked for or helped, or do you disagree with this? I'm aware it's not dealing with the question of the original post, however it is within the topic behind it.
I have a quick question. I have a client that did not pay me once I have their WordPress up and working. They have now changed the admin settings, so now I'm locked out.
Is there any way I can get back in?
No there isn't and as others have pointed out doing so would likely be illegal.
If a company owes you money the law allows you to recover that through legal action (you take them to court). Alternatively you can hire a debt collection agency or just sell the debt to such an agency* and they will pursue your client. The law doesn't allow you to take, or take control of, someone else's property (at least not without a court order).
You didn't say how much they owe you but it is likely that the debt collection agency will be your best course of action. Write to your client informing them that, unless they pay the outstanding invoice within 14 days, you will place the account in the hands of a collection agency and that the agencies attempts to recover the debt will almost certainly result in long term damage to your clients credit rating.
*The debt collection agency wont pay you anything near to what you are owed but you will get something and your clients will likely have to pay the agency or face having their credit rating ruined. Meanwhile you can get on with business and chalk it down to experience.
Janet: You never mentioned several key points. Has the client explicitly stated that they won't pay, or have they simply not paid yet? How long has it been since you finished the site and billed them? Some companies are just very slow to pay their bills, especially in a slow economy. Have they expressed satisfaction or dissatisfaction with the services you performed? Is there something about the site they want you to fix before they pay? Have you discussed a payment plan with the customer? If you have done everything you agreed to do and the customer is satisfied but refuses to pay, try the Better Business Bureau or small claims court. Resorting to criminal activity is not the right approach.
mojorob,
When I said "I have 100s of logins.." I overestimated, out of irritation. Though I probably have more than 20 and less than 40.
That difference not withstanding, that info is 'stored' inside e-mails. (gmail is my lone "while not at work" e-mail client).
I 'store' those e-mails the same way I store anything other e-mails. And while I have never been asked, I wouldnt tell anyone who did ask, anything different.
I work for a host; we reset passwords constantly through support tickets (Kayoko) -- I have access to my work email and those same tickets through my Palm. I dont delete those emails, just because they may have passwords stored in them.
My e-mail, in both instances is cleared because I'm cleaning up (in the case of gmail, I just recently organized over 500 emails), or because, in the case of my Palm, I use a setting that only allows so many emails before they are automatically deleted from my Palm.
In other words, I dont delete something simply because there is a password in it, no.
Frankly, the threaded nature of gmail, and the amount of emails that are typically swapped before I ever do anything on a site, makes that nearly impossible, without deleting every email within the thread. AND, for what its worth, after having helped someone, I am occasionally asked back to do something else -- having those old messages has proven handy, in that case.
I tell people one important thing before I ever do anything on their site (paid for or not) and that is that their site wont be compromised as a result of my having that info, and I would happily make that claim whether the info were stored locally OR stored remotely.
I trust gmail with my own passwords, consequently I trust gmail with ALL passwords. Blind trust? Sure, perhaps. But Im a google lover.
And, I will admit, that I expect some of that responsibility to fall back on the site owner.. ie their changing if the password. A good deal of the people are wise enough to create separate login credentials for just me --
The difference between me, and I suspect, Janet, would come down to intent.
It's not a crime to store information, and you might be surprised (or maybe not) at how much is 'out there'. While, arguably, what I, and many others do, is insecure, prima facie, it's done, and eventually, someone has to be trusted -- in the digital age, thats a fact of life.
Maybe Janet just wants to log in to change the email address so that she doesn't get those notifications of comments etc.
Why not use the "forgot password" feature?
This topic has been closed to new replies.
