How to Hold a Bad Photography Client to Ransom

How to Hold a Bad Photography Client to Ransom

Unfortunately, it really is a case of "when" rather than "if" you will experience a bad photography or video client. The biggest problem is that once a person or business has your work there really is nothing to stop them from leaving you high and dry. Here's how to keep the upper hand and maximize your chances of always getting paid.

Depending on what industry you work in, the payment terms for photographers can vary massively. Like it or not, some of us still don't get paid for our services until long after the work has been delivered. In the fashion industry, for example, I can wait as long as 90 days to be paid. This really does pose a potential problem in that some clients may not keep up their side of the agreement and actually pay you.

This article is not about how to extract money from a client who won't pay, but more a preventative measure you can occasionally put in place to help keep the balance of power in your favor and minimize the chances that you will be left out of pocket. The simple technique I suggest using is to send the client two folders of your images, one containing the full resolution files and another folder containing low-resolution preview files (you could even watermark these if you want to add more protection). The trick here is that the folder with the full-size images in is actually password protected. This means the client will only be able to see the smaller versions of the preview files until you decide to give out the password to access the larger ones.

Now I appreciate you won't be able to use this method for every client you have but it is something worth having in your arsenal to give you an extra level of protection on some occasions. What I love about this approach is that I only have to send files out from a job once. The alternative is much more time consuming in that I would have to send low-resolution files first, wait to be paid, and then send the larger files at a later date. The other benefit of sending everything in one go is that having password protected files sat on a clients computer is a great reminder and motivator to pay a photographer what they are owed.

There are many ways you can password protect folders on both Mac and PC, but I have found the simplest and most universal way to do this cross-platform is to password protect a zip file. Not only can this be done with free or existing software, but it won't require your client to download any third-party program to access the encrypted folder.

Here's how I do this on a Mac:

1. Open Terminal

First, you'll need to start the Terminal application by either opening the Spotlight search bar on your Mac and typing “Terminal” or by going into the Applications folder, opening up “Utilities,” and then clicking on “Terminal.”

2. Encrypting Single Files

If you just have one file to add a password to type the following into Terminal and hit enter:

zip -e NameToGiveZipFile.zip FileToEncrypt.jpeg

In my example "NameToGiveZipFile.zip" is called "Final_Image.zip" and "FileToEncrypt.jpeg" which is the image I am adding the password to is called: "Hero_Shot.jpeg." To keep this example as simple as possible I placed the image in the location of HD/Users/YourName/ as that is where Terminal looks first as default.

After hitting enter you will be asked to input a password. Type the password that you will use for this protected Zip file and hit enter. You’ll then verify the password you’ve chosen by typing it in again when prompted. Unlike other places that you type in a password, Terminal won't actually show any characters being typed out, this is totally normal.

After that, the process will be completed and you will find your new encrypted file in HD/Users/YourName/. To test the file out you can click on the zip file where you will be greeted with a password screen.

3. Encrypting Multiple Folders

To compress several files within a folder, you will need to type the following and hit enter:

zip -er ~/Desktop/NameToGiveZipFile.zip /Users/YourName/Desktop/FolderName/

In my example, "NameToGiveZipFile.zip" is called "Full_Resolution_Tiffs.zip" and the "FolderName" is called "Processed_Tiffs." This folder is located on my desktop at /Users/Paul/Desktop but can be anywhere on your computer. Just be sure to type the full path out correctly.

After hitting enter you will be asked to input a password. Type the password that you will use for this archive in and hit enter. You’ll then verify the password you’ve chosen by typing it in again when prompted.

Next, Terminal will show you a list of all the folders it has encrypted. The zip file has now been successfully created.

This time as requested in the code the newly created zip file has been saved to the desktop. If you want to check the password is working correctly you can click on the zip where you will be greeted with a password screen.

To keep things simple for those who have not used Terminal before all file and folder names in the examples above do not include spaces. You can learn about how to use spaces in names here but as this may be some people's first foray into using command lines I didn't want to make things any more complex than they needed to be. It is also worth knowing that everything is case sensitive in Terminal so make sure all names are typed exactly as they were created.

For those not on a Mac here's how to add passwords to zip files on Windows.

So there you have it, a quick and easy way to keep some of the power in your hands while waiting to be paid. As mentioned earlier I appreciate that this technique won't always be appropriate to use but it may just be something you implement when you get a bad feeling about a client. Password protecting zip files is far from the most secure method of encryption but the goal here is to use something that will work across platforms and requires no additional software. If adding passwords to folders via Terminal doesn't appeal to you then there are online transfer services which will allow you to add a password during the upload process. Whichever way you choose to password protect be sure to be upfront with clients about what they are to expect when they receive their files and most importantly don't forget the passwords that you use.

Is password protection something you would consider using on clients from time to time? Do you implement something like this already? I'd love to hear your thoughts in the comments.

Lead image by PublicDomainPictures from Pixabay.

Log in or register to post comments

72 Comments

Tihomir Lazarov's picture

Nice tip, Paul

Paul Adshead's picture

Hey thanks Tihomir! not something for everyday use but it's worth having such a trick up your sleeve...

Bert McLendon's picture

Nice tip! Here is something I put in my contract that weeds out clients that don't intend to pay while the client who intends to pay doesn't mind at all. "No rights granted until the invoice is paid in full." Even though I collect 50% up front and the other 50% net 30, it's never been an issue. Clients who don't want to pay will want this removed (don't do it), and the clients who intend to pay, don't care it's in there. It turns it from a few thousand dollar invoice to a $250,000 copyright infringement case if they don't pay. I've never had a problem since this has been added.

Paul Adshead's picture

Hey Bert, thanks for the info. I have two pages of T's&C's on my invoices and business contacts but I'm not really sure how many actually read them.

I should probably make that part bold!

Thanks for the inspiration...

Bert McLendon's picture

haha I don't care if they read them, as long as they sign on the dotted line. =P

Paul Adshead's picture

hahaha! great point!

This +1,000.
Whenever a new working photographer has a payment issue with a client and asks me advice; my first question is: What does the contract say? 99 times out of 100, I get a blank stare as they realize how badly they screwed up and then they ask where they can get standard contract wording.
I direct them to this: https://www.amazon.com/ASMP-Professional-Business-Practices-Photography/...
Don't give away your rights, always license.
As Bert said, bad clients are culled when you ask for a retainer to book a date (some states don't allow non-refundable deposits, don't use that term) and more are culled when you state that no rights are given until payment is in full.

Photo Kaz's picture

Not sure you could claim anywhere near $250K unless you registered the copyright and actually followed through with the suit. Without the registration damages are much lower.

Paul Adshead's picture

Very true, and why it's important we register all our work!

Christopher Eaton's picture

Great tip.

Christian Madsen's picture

Using encrypted Zip archives is not very secure, there are several programs out in the open that will crack an encrypted Zip file in a matter of hours (at most). If you want real security use PGP/GPG symmetric encryption (using a strong crypto-algorithm) and send the password later. Of course this is a bit more complicated and requires that the client installs PGP/GPG on their systems.

Paul Adshead's picture

Hey Christian, thanks for your concern. As mentioned above I do say how encrypted Zip archives are not that secure.

In my experience, most clients are far from tech-savvy and if they really want to go to the efforts and costs to crack a Zip they probably are never gonna pay me anyway...

Thanks for your advice!

Actually, it can be quite secure--certainly secure enough for the purposes needed here. The security is all in the quality of the password. Use a 16-character (or longer) password containing upper, lower, numbers and symbols and that ZIP won't be opened until long after its useful life has come and gone. We're talking 37,157,429,000,000,000,000,000,000,000,000 combinations for just a 16-character password and an order of magnitude more for each additional character.

Much of the misunderstanding of ZIP passwords goes back to vulnerabilities in the early ZIP specification along with an 8-character maximum password length.

Paul Adshead's picture

Great point Timothy, thanks for the sums.

Christian Madsen's picture

My point was not about the password strength but rather the underlying encryption algorithm, and if the algorithm can be broken, then it doesn't matter how good the password is, and the problem I described is about the algorithm. As far as I know you can get Zip with strong encryption algorithms such as AES-256, but zip archives generated with these algorithms cannot be guaranteed to be read by all zip-programs.

Use WinRAR and drag and drop the files you need, set up to RAR 5 compression (default now), encrypt filenames/files and it's harder for programs to crack plus the client can't see file names. That way you've delivered the files, and pending payment you'll release the password.

Or do as I do, just don't release the files/media until all payments are completed.

Paul Adshead's picture

Hey Daris, will this require additional software at the clients end?

Joakim Drake's picture

It will, at least for osx. Unrarx is popular for this purpose.

Paul Adshead's picture

Thanks Joakim, because I don't always know what OS the client is on, or if work is being passed straight onto a third party grahic designer/retoucher I try to make sure things are cross-platform with no additional software required.

Never used Unrarx but will investigate it. Many thanks!

You can set the archive as a self-extracting exe if you wished.

Paul Adshead's picture

Sounds perfect for clients on Windows.

EXE will be a problem on OSX though?

Not sure, as most Apple owners will dual boot in many cases. Maybe for consumers but most businesses usually I deal with don't complain plus unrar works on the EXE at least on Windows. I rarely deal with macOS these days though.

Paul Adshead's picture

that's cool, thanks for the info Daris...

Christian Madsen's picture

Sending .exe files is a good way to either end up in a spam-filter or have the .exe file removed in transit to avoid vira that usually gets send via .exe files.

You upload to Dropbox/OneDrive/GDrive and link to them. As you said, you never send an exe via e-mail as that's going to get the message kicked into touch.

Kyle Medina's picture

Wow brilliant. (slow clap)

Paul Adshead's picture

It's better to get some form of clap than no clap at all Kyle...

I mean, 1 form of the clap isn't good to have... but it's easily treatable...

Paul Adshead's picture

Thank you doctor. That's good to know...

Robert Bell's picture

Been looking for something I could use on both Macintosh and Windows easily. Many thanks!