Showing results for 
Search instead for 
Did you mean: 

Freelancer changed login credentials

Active Member
Cid L Member Since: Feb 27, 2017
1 of 8

The freelancer I'm working with has changed the login credentials to get into my wordpress admin page thus locking me out for the second time. This is a fixed price contract.


When I try to login I get a 404 page


I went through the TOS and wasn't able to find a reference for this although It seems like it would be against  the policy of Upwork. 


Can someone here give me advice as too the best way forward.



Community Guru
Petra R Member Since: Aug 3, 2011
2 of 8

Have you discussed it with your freelancer?

Community Guru
Preston H Member Since: Nov 24, 2014
3 of 8


There is no specific rule in Upwork ToS that prohibits a freelancer from changing login credentials for back-end systems.


It is unusual. It may very well be a problem for you. But it is not an Upwork ToS violation per se.


I have seen situations in which project owners needed help to restore websites that they had messed up through their own experimentation and mistakes, and they hired experts to help them, and those experts had to change the credentials to lock out the project owner temporarily in order to get the job done.


Having said all that... the freelancer you hired may be a scoundrel, a criminal, a scammer, a saint, a top level professional, or the saviour of your project. I don't know.


If you didn't want the freelancer to lock you out of your own back-end server, then you may have a problem. The next step for you would be for you to communicate with the freelancer and ask him why he did that. Obviously Upwork doesn't have the back-end credentials for your website, so there is not much that Upwork can do for you.

Community Guru
Preston H Member Since: Nov 24, 2014
4 of 8

Another important point...


You mentioned that this project is a fixed-price project.


If you hired the freelancer to create something for you (including a website), and you have not paid the freelancer for that work, then the work product still belongs to the freelancer.


So if the freelancer is in the middle of creating a website, and that website has not yet been paid for by your releasing payment to the freelancer, then technically the freelancer owns the website, and it is his right to change credentials on the site whenever he wants.


If the freelancer changed credentials without consulting you, I consider this very unprofessional behavior. It is not something I would have done. I believe the freelancer should provide you with all the work he is creating on your behalf, unlocked, fully accessible, before requesting payment.


But Upwork's rule is that work belongs to the freelancer until the work is paid for.


None of which is so clear-cut if the freelancer was working on an EXISTING website and not creating something for you from scratch.


If that's the case, then the freelancer's actions are even more unprofessional and unwarranted.


But, as Petra suggested and as I mentioned in my previous post, the next step is to contact the freelancer and ask what is going on.

Community Guru
Petra R Member Since: Aug 3, 2011
5 of 8

If it is the client's website on the client's domain the freelancer does not own the website, just whatever work they did on it.... (Code etc)

Community Guru
John K Member Since: Feb 17, 2015
6 of 8

As Petra and Preston suggested, you should first request an explanation from the freelancer but unless the site has a plugin that locks the login page after numerous failed logins, there shouldn't be a 404 error. A 404 during login usually occurs when the site's broken and if so, hopefully that wasn't done deliberately. Finally, if you can see the login page, you should be able to reset the password yourself by clicking the "Lost your password?" link, provided the freelancer didn't go to the trouble of changing the email address associated with your username.

"No good deed goes unpunished." -- Clare Boothe Luce
Ace Contributor
Michael P Member Since: Jun 1, 2015
7 of 8
I think now would be a good time to change your hosting account's password (just to be safe).
Ace Contributor
Tamal S Member Since: Apr 3, 2017
8 of 8

@Cid L wrote:

The freelancer I'm working with has changed the login credentials to get into my wordpress admin page ...

When I try to login I get a 404 page 

Hi Cid L,

If you get a 404 page, that doesn't mean your freelancer has changed the login credentials. 404 means the page doesn't exist. There is a possibility of changing the login permalink (/wp-login.php) or dashboard permalink (/wp-admin/) thus you're getting 404 error. We, WP developers usually hide login permalink for security purpose and to prevent from brute force attack.
Talk to your freelancer about the issue and you'll find the right answer.


"I'm silently judging your font choice."