Part of my job as a web developer is to perform acts on your behalf. Imagine that you have paid me to perform some technical service for you, be it developing a web site, setting up your web site on a host, or maybe helping you get set up with Google Analytics. More often than not, you’ll need to provide a set of credentials to your web developer so that they can perform their work.
That said, I was reminded the other day that sometimes people are uncomfortable with providing their credentials to anyone, even someone they pay to perform work for them that would require a set of credentials be provided.
For myself, it makes no difference. I can understand if someone doesn’t want to give me their username and password to access a system that I would need access to while performing the work requested of me. I would never give mine out, even to my own employers. So I get it.
However, as a web developer, I’m routinely entrusted with credentials to systems and sites that if I were a malicious person, I could do some real damage and cause millions of dollars of havoc and chaos. But I’m not that person. I know that if I ever broke that seal, my days would be numbered. News would leak around the Internet, and I’d need to find a new profession.
What web developers do require they maintain a high level of trust with the people they work with. Lose that trust, lose your income. That’s how I see it anyway.
So if you are looking to hire a web developer, be sure you have some back and forth with them. You should ultimately be able to trust them with the keys to your kingdom. If you don’t or still have reservations, there are still ways to get the job done and protect yourself at the same time. Here are a few ideas that you can use the next time you want to hire a web developer and maintain some control over the keys to your kingdom.
- Don’t give your username and password to anyone. This is what I do. However, I’m able to perform whatever it is they would need to do, so I’m able to pickup where they will be leaving off. If you are unable to do so, don’t fret, you could still
- Change your passwords prior to giving them out. Assuming the passwords you use are common across a number of systems, you might want to change the password before giving the web developer the password. This will allow the developer to access the systems they need, and in the end, you can change them back to your original, hardcore password. Or you might just
- Create a new, disposable username and password. If you are able to create a new user account, why not create one, provide the developer the access he or she requires, and when they are done, simply delete the account. You can also
- Give the web developer your username and password. You should feel comfortable enough to do this with any web developer that is promoting their services on the Internet and is involved in various social circles. References are key here. If you don’t have the comfy feeling with a web developer, why not ask for some references, and ask the references if they had to provide any security credentials, and ask if those credentials treated with care.
At the end of the day, you should only hire someone who you can trust with the credentials they need to do the job you are asking them to do.
On a personal note, I hold myself to very high standards when it comes to the security entrusted to me by others. I consider it part of my job to do so. In fact, I also don’t talk about any job I do with anyone else for that matter. I’ve been under so many Non-Disclosure agreements that it’s now just a habit.
I hope this helps you understand part of the role of web developer. I was contacted recently by a gentleman that decided he didn’t want to provide me access to his Google account to help him set up his webmaster tools. I’m perfectly fine with his decision and completely respect it. It just reminded me that not everyone is comfortable with the idea of providing their credentials to another person, even when the job calls for it.
My Personal Commitment and Guarantee To All My Clients
I will announce publicly, right here and every time I’m asked, that if I am given any username and password, I treat them exactly as I do my own, securely. When a job is over, I forget them and destroy them. I wouldn’t want anyone to think I wasn’t trustworthy enough to access a system, do what is required and then get out and stay out. In the end, and like I mentioned above, you should always feel comfortable enough to provide the web developer the keys he needs to get the job done you are requesting him to do. Don’t take it lightly, make sure you can trust them.
You might also enjoy these related posts
- 10 Questions For Your Web Developer Before Starting That Web Development Project You need to question your web developer before starting that development project. Before you hire someone to build your web site, before you lay down any cash or outline...
- Learning Web Development Through Blogging I have a few minutes right now and I wanted to share a few things I’ve been thinking about. Otherwise however, this month is going to be incredibly busy...
- Working Around the System – Password Resets Sometimes you just don’t need to change your password as often as some ’systems’ may want you to. Here is what I do every time I’m asked to change...
- Helping Others with Free Web Development Services Progress on this web site, so far, has been great. For the past 9 months I have slaved to find a niche (as that is presumably what will help...
Wayne John is a web developer in Southern California that shares his 25+ years of programming and web development experience freely and happily to anyone willing to learn. He also loathes speaking in the third person. If you enjoyed this post, make sure you 
.-=..."
Lindsay (1)
Switcher (1)
Another suggestion for people who are a little reluctant to hand over that password, write up your own “Non-Disclosure agreement” – it doesn’t even have to be extremely formal to be legal.
As for your ‘Personal Guarantee’ Wayne – I can attest to that statement… I could even say that Wayne John is so quick to “forget them and destroy them” that you may be required to re-supply that information should you need further services.
To Lindsay and her comment – I understand your comment completely. However, from my own experience working with Wayne, he’s proven to me that in today’s world (with Skype, etc) oceans are no longer a barrier. The service Wayne’s provided to us over the last few months has been on par, if not better than anything we could outsource locally.
Manz´s last blog ..Dust Storm Blankets Sydney
this is a very good post. I have encountered a few people who were wary about giving me credentials. But I have also noticed that these clients are usually the people who I work with over the internet and never meet in person. I do very few jobs where I never actually meet the client, but i have found that by meeting the client, or at LEASThaving a video or phone chat, you seem to get a little more trust right off of the bat.
The internet takes a lot of the personality out of web development. I see so many companies from India vying for projects here in the US and I wonder about those people who hire them. Arent they scared? Wheres the connection? I often see people who were screwed by those overseas businesses.
I think there is nothing more valuable than face to face connection. It just gives people that ease of mind that you are a real human too.
lindsay´s last blog ..Don’t Mind the Dust
Great advice that can be used across many tech industries.