• FreeAdvice has a new Terms of Service and Privacy Policy, effective May 25, 2018.
    By continuing to use this site, you are consenting to our Terms of Service and use of cookies.

work password assistance needed.

Accident - Bankruptcy - Criminal Law / DUI - Business - Consumer - Employment - Family - Immigration - Real Estate - Tax - Traffic - Wills   Please click a topic or scroll down for more.

question101

Junior Member
My supervisor has required that everyone in the office give her their personal passwords to everything related to the job, including email, timesheet, phone messages, hard drive etc.

I realize that everything related to the company is not protected by privacy laws and my supervisor has the right to view anything that is company owned. My concern and question is this...

As the supervisor, she has the ability to view our information using HER passwords as the administrator. She should be able to override our passwords and access our information as herself. I do not want her to access my information with my password because if something were to happen, ie she delete something or change something, the documentation would show I did it because she used my user name and password to access the information.

Does she have a right to our personal passwords?

I live in MD, thanks in advance.
 


seniorjudge

Senior Member
question101 said:
My supervisor has required that everyone in the office give her their personal passwords to everything related to the job, including email, timesheet, phone messages, hard drive etc.

I realize that everything related to the company is not protected by privacy laws and my supervisor has the right to view anything that is company owned. My concern and question is this...

As the supervisor, she has the ability to view our information using HER passwords as the administrator. She should be able to override our passwords and access our information as herself. I do not want her to access my information with my password because if something were to happen, ie she delete something or change something, the documentation would show I did it because she used my user name and password to access the information.

Does she have a right to our personal passwords?

I live in MD, thanks in advance.

Q: Does she have a right to our personal passwords?


A: Yes.
 

mitousmom

Member
Since your computer belongs to your company and probably is supposed to be used for work, the company can require you to provide it with your password.

However, many company's don't, for the very reasons you cited. Usually, there is a designated Administrator who can access anyone's computer without having the individual's password. Since she already has Administrator capability, it is curious that she needs individual passwords.

You may want to determine whether the company has given your supervisor the authority to obtain everyone's password. She may be doing this on her own, without being aware of the company's policy/practice.
 

xylene

Senior Member
mitousmom said:
Since your computer belongs to your company and probably is supposed to be used for work, the company can require you to provide it with your password.

However, many company's don't, for the very reasons you cited. Usually, there is a designated Administrator who can access anyone's computer without having the individual's password. Since she already has Administrator capability, it is curious that she needs individual passwords.

You may want to determine whether the company has given your supervisor the authority to obtain everyone's password. She may be doing this on her own, without being aware of the company's policy/practice.
Absolutely right mitousmom.

From an Information Security perspective what this supervisor is doing is absolutely stupid.
 

seniorjudge

Senior Member
question101 said:
My supervisor has required that everyone in the office give her their personal passwords to everything related to the job, including email, timesheet, phone messages, hard drive etc....
The supervisors in my office tell the employees the same thing (on my orders); the alternative is to find a new job.
 

xylene

Senior Member
seniorjudge said:
The supervisors in my office tell the employees the same thing (on my orders); the alternative is to find a new job.
Solid legal argument good sir, as always. However, it is not increasing your IT security or ability to monitor employees. In fact it is nearly blinding your ability to monitor your supervisors and administrators.

If I may ask a question- where are the collected passwords then entrusted? To a piece of paper? To an electronic file? The administrator can always see what is being done- there is no need to login directly under a specific users password for effective. Logining in as that person, with their password only makes it impossible to know exactly who logged in- the point of uniquely known user-only passwords.

Password registering creates a vulnerability to internal and external penetrations of security. It also falsely assumes that only the lowest rung of employees is capable of computer misuses and worse.

Think of it this way- do your supervisiors have identical copies of their subordinates pass cards for monitored doors? Knowing who comes and goes is security. Giving people the ability to come and go as 'others' is a formula for a problem.

Your legal creditials are well said, mine are only an enthusiatic interest in research. If you doubt what I say, talk to an IT security consultant. The "my way or the highway" line of oversight and password registration is just asking for an unitentional or inside security breech.
 

seniorjudge

Senior Member
xylene said:
Solid legal argument good sir, as always. However, it is not increasing your IT security or ability to monitor employees. In fact it is nearly blinding your ability to monitor your supervisors and administrators.

If I may ask a question- where are the collected passwords then entrusted? To a piece of paper? To an electronic file? The administrator can always see what is being done- there is no need to login directly under a specific users password for effective. Logining in as that person, with their password only makes it impossible to know exactly who logged in- the point of uniquely known user-only passwords.

Password registering creates a vulnerability to internal and external penetrations of security. It also falsely assumes that only the lowest rung of employees is capable of computer misuses and worse.

Think of it this way- do your supervisiors have identical copies of their subordinates pass cards for monitored doors? Knowing who comes and goes is security. Giving people the ability to come and go as 'others' is a formula for a problem.

Your legal creditials are well said, mine are only an enthusiatic interest in research. If you doubt what I say, talk to an IT security consultant. The "my way or the highway" line of oversight and password registration is just asking for an unitentional or inside security breech.


I know where all my employees live and so does Cousin Vito....
 

question101

Junior Member
In this case, she keeps them on a piece of paper in our employee file.

I am not arguing that she has a right to view our work and correspondence, I am simply saying that I want the work that I do and the correspondence sent and received with my username/password comes from me, not someone else who accessed my account.

Thanks again
 

Find the Right Lawyer for Your Legal Issue!

Fast, Free, and Confidential
data-ad-format="auto">
Top