In the description for the OneCore script on Hotscripts, it says the following:
"One-click password protection of your backend secures the backend"
This is not accurate. Apart from a quick, easy to bypass dirty password fix, there was nothing to prevent even a beginning scriptkiddy from accessing both the content and the back-end, anyone who can type a searchquery into Google can find a way to bypass this so-called security.
Unsafe, unfinished, not worth the time to install.