This past week, many site owners of Zenfolio and SmugMug that shoot Boudoir photography had found out private and unlisted galleries were being accessed by people who were using these photos for ransom, personal pleasure and other terrible things.

There are forums and chats specifically dedicated to figuring out passwords, sharing links and finding other ways to access these private galleries. Many of these photos can be damaging to careers and lives if pictures are released in a public forum. So you can image how upset photographers and clients have been when they found out about this.

This breach of security is a lesson we all can learn on protecting our photos and our clients.

Many steps that are being taken to up security on protecting passwords. Don MacAskill from SmugMug posted this as a reply on his company’s Facebook page:

2014-02-07_1142 copy

“This appears to be bad case of weak password,” said MacAskill. “This forum was engaged in a guessing game, and they often found success by simply using what they knew to guess the passwords.

Common problems found were

  • Many of the URLs had the actual password in the the gallery Title/URL
  • Many put the actual password in the Password Hint field.
  • Passwords were almost all single words, usually a name or a short word.
  • The password hints were often too informative
  • The password was easy to guess out of a few dozen guesses simply based on the Password Hints.

There were other easy to spot security breaches, said MacAskill.

“Other (passwords) appeared to be easily guessed by simply Googling the photographer or scanning their social media, like Facebook or Twitter. Things like birthdays, pet names, favorite sports teams – these are all pretty easy to obtain if you have the photographer or client’s name, which was often provided in the URL or Title.”

Turns out that all the security measures in the world won’t protect you if you use a weak password.

Editor’s Note: For an example, click here.


The best advice to follow is to use strong, hard-to-guess passwords. These include mixing in numbers, symbols, and capital letters. Here’s a recent New York Times piece with some advice:…/how-to-devise-passwords-that…

What can you do to help protect your accounts?

  1. Make a password much more difficult. Many passwords are too easy. When you have a gallery named, “Jenny” and your set your password as “Jenny” that’s not exactly the best way to protect that account. Also, make sure you password protect a gallery BEFORE uploading photos. Many of these guys follow photographers RSS feeds and get into galleries while the images are being uploaded and before passwords are added. Keep your hints clever but don’t include any part of the password.
  2. Make a gallery unlisted or private. Companies like Zenfolio and SmugMug offer security settings for galleries that only you can see with a direct link. For extra security, make it unlisted with a password.
  3. Make sure you have your images right-click protected. You would be surprised to find that many site owners have not right-click protected files. It’s usually a simple gallery setting. You can often search your sites FAQ’s or contact customer service who will be more then happy to make sure your pictures are being protected.
  4. If possible, don’t post any potential images that could be stolen. Instead, meet your client in person and deliver digital copies. Then use a local printer or upload directly to the print shop if prints are desired. The best way to avoid stolen photos is to never put them online in the 1st place.

Keep in mind, this isn’t just about Boudoir photography. Years ago, I was apart of a cloth diapering community and we discovered to our horror that our images we were sharing of our kids in diapers were being stolen and used in forums dedicated to looking for malicious use. It was an eye opening experience that forever changed the way I post pictures.

Bottom line, there are unfortunately people out there who have ill intentions on using photos we hold dearly. Please take the time to protect your images, your brand, and your clients.


This Post Sponsored by:

The Digital Camera Store At Amazon

Join the conversation! 6 Comments

  1. Very informative warning. Will be sure to pay closer attention to the security I am in control of.

  2. The disabling right click is pointless. If someone is looking to steal your images like these people they will have a script that turns right click back on or just drag the image to their desktop.

    • Adding barriers helps. Pam’s point is valid. Throw up as many roadblocks as possible.

    • The roadblocks comment below is valid also, but I have to say as an IT prof as well as a photographer, it’s ridiculously easy to set up an auto-snip or auto-screenshot single-key macro where you can capture and save screen by screen with a single key press :-\ but the more difficulty, the better!

  3. Great article. Thanks for sharing. Password naming convention is very critical to business.


Let us know your thoughts...

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About Pamela Ann Berry

Pamela has worked in Film and Radio for over 15 years. She started as a PA on major sets and eventually moved up to script supervisor. From there the roles of producing, directing, editing and camera operator followed. In college she was recruited right off the air from her college radio station and went on to be on air talent for country, top 40, and alternative radio stations including a 2 year gig as an Emcee for Radio Disney. Pamela currently tech edits books on Adobe Premiere Pro, Photoshop, After Effects, Illustrator & Motion. Her main love is being behind the camera whether its doing video or photography.


A Photographer You Should Know, Business


, , , , , , ,