1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Remember Kids -- Don't Trust Web Developers With Passwords

Discussion in 'Black Hat SEO' started by MatthewGraham, Feb 16, 2017.

  1. MatthewGraham

    MatthewGraham Jr. VIP Jr. VIP

    Joined:
    Oct 6, 2015
    Messages:
    529
    Likes Received:
    276
    Currently working on developing new websites in a niche that I have much experience with. Got a proposal from a new web developer who said he worked on some fairly well known websites in the niche by our competitors. Was sceptical that he actually worked on those projects...

    >If you can prove that you made those websites, then we will discuss the project with you.

    >>What kind of proof do you need?

    >Up to you. Just want to know that you really worked on the projects. Have had contractors submit fake proposals in the past


    And then be sent us the usernames and passwords to four websites run by a competitor.

    They were pretty good websites too. Good link profiles, well put together, professional, rank for some decent keywords.

    I mean we could literally delete their websites. Or 301 them to one of our own sites. We could steal their leads, insert links, and do a lot of other things that wouldn't exactly be good for our competitor.

    Not going to do that, since we respect (most) of our competitors.

    But wow. Remember to change the passwords to any websites that anyone develops for you (or have them develop locally and send the code to you / don't give them login information in the first place).

    Turned down that contractor's proposal. Wouldn't trust him with any of our websites.
     
    • Thanks Thanks x 6
    Last edited: Feb 16, 2017
  2. BharaTV

    BharaTV BANNED BANNED

    Joined:
    Jan 15, 2017
    Messages:
    67
    Likes Received:
    12
    Gender:
    Male
    Got the same issue with a dev programer who is pissed that i don't want to provide him the credentials for the server.I told him that most of web developers are going for the extra buck when they are in need of money.
    Even BHW's database has been sold this way as to many people had access which couldn't be controled since they didnt worked inhouse but thousands of miles away
     
    • Thanks Thanks x 1
  3. MatthewGraham

    MatthewGraham Jr. VIP Jr. VIP

    Joined:
    Oct 6, 2015
    Messages:
    529
    Likes Received:
    276
    Yes, definitely a good idea to keep login info to yourself. Much better to have developers work in a sandbox and then send the code to push to live.
     
  4. elavmunretea

    elavmunretea Elite Member

    Joined:
    May 14, 2016
    Messages:
    1,581
    Likes Received:
    2,129
    Home Page:
    You're obviously working with the wrong people then.
     
  5. BharaTV

    BharaTV BANNED BANNED

    Joined:
    Jan 15, 2017
    Messages:
    67
    Likes Received:
    12
    Gender:
    Male
    I can call big names whos worker have cheated their customer and who are highly reputated at BHW
     
  6. snyperul

    snyperul Junior Member

    Joined:
    Nov 27, 2013
    Messages:
    132
    Likes Received:
    9
    Gender:
    Male
    Occupation:
    Freelancer
    Location:
    Italy
    Home Page:
    Is from BHW hmmm ???
     
  7. deal with it

    deal with it Jr. VIP Jr. VIP

    Joined:
    Sep 30, 2015
    Messages:
    587
    Likes Received:
    248
    Gender:
    Male
    please do it
     
  8. shadow2015

    shadow2015 Junior Member

    Joined:
    Jan 17, 2015
    Messages:
    112
    Likes Received:
    14
    Occupation:
    L2 Security Engineer (Network)
    Location:
    London UK
    I woundt understand, why you woudnt change the PWD after the project completion. Thats the first thing come to my mind before even checking the website...
     
  9. BharaTV

    BharaTV BANNED BANNED

    Joined:
    Jan 15, 2017
    Messages:
    67
    Likes Received:
    12
    Gender:
    Male
    If you have a bigger website changing passwords can be a pain in the ass as you need to find yourself all files where you need to change the credentials
    My last project for example a website made in php has over 1000 files where credentials are being used for diffrent staff like smtp,sms verification,aweber,db etc etc