Former job asking for laptop password weeks after leaving
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty{ margin-bottom:0;
}
up vote
10
down vote
favorite
I left my job and turned in my laptop.
On that work laptop, I used my "usual" personal password, as the password.
When I left and turned in the laptop, no-one asked for the password. A couple of weeks later my former manager starts texting me and calling me asking for the password. For security reasons (even stating this feels insecure) I can't give out that password. It's my "personal" password I use in other situations.
I want to get the laptop, login (with my "personal" password) and change the password to 12345678 for them, and give it back.
I offered to receive the laptop, either by having a former co-worker visit me, or have it sent via a courier service or something like that.
My manager and I setup a time for that, which he didn't honor. I offered to meet somewhere near the office when I was in the vicinity but that wasn't honored either.
Now they're bugging me again with texts and calls and I don't have the time to handle this.
What are the expectations here? Can i just simply say "I cant do this" and let it rest? What about "I'll get back to you when i got the time"?
I don't mind doing it, but only if it costs me minutes of my time.
quitting privacy
edited Nov 18 at 6:33
BSMP
3,5111327
asked Nov 17 at 21:38
pailhead
1469
|
show 10 more comments
up vote
10
down vote
favorite
I left my job and turned in my laptop.
On that work laptop, I used my "usual" personal password, as the password.
When I left and turned in the laptop, no-one asked for the password. A couple of weeks later my former manager starts texting me and calling me asking for the password. For security reasons (even stating this feels insecure) I can't give out that password. It's my "personal" password I use in other situations.
I want to get the laptop, login (with my "personal" password) and change the password to 12345678 for them, and give it back.
I offered to receive the laptop, either by having a former co-worker visit me, or have it sent via a courier service or something like that.
My manager and I setup a time for that, which he didn't honor. I offered to meet somewhere near the office when I was in the vicinity but that wasn't honored either.
Now they're bugging me again with texts and calls and I don't have the time to handle this.
What are the expectations here? Can i just simply say "I cant do this" and let it rest? What about "I'll get back to you when i got the time"?
I don't mind doing it, but only if it costs me minutes of my time.
quitting privacy
edited Nov 18 at 6:33
BSMP
3,5111327
asked Nov 17 at 21:38
pailhead
1469
1
What information is your former manager trying to obtain? At one of my older jobs, I had got a laptop approved when others couldn't. When I left, my manager requested that I transfer the laptop to him and give him the password. I ended up wiping the laptop and giving it to him to set up with his own password before I left.
– jcmack
Nov 17 at 21:52
7
Related: Do I have to relinquish my PC password to my former boss?
– Dukeling
Nov 17 at 22:05
3
If they've already failed to honour two agreed-upon meetings, whether you want to keep trying is completely up to you, and your problem isn't so much "they're asking for a password" as it is "they're not doing what they agreed to do".
– Dukeling
Nov 17 at 22:08
If I were in your manager's shoes, I will have broken tat password since you left instead of chasing you.
– Wais Kamal
Nov 17 at 22:58
1
I don't know about the information they're trying to obtain nor do i care. I care about not writing down / sharing my password and now that i've read through the comments i care about logging out of facebook, gmail and bank accounts.
– pailhead
Nov 18 at 0:21
|
show 10 more comments
up vote
10
down vote
favorite
up vote
10
down vote
favorite
I left my job and turned in my laptop.
On that work laptop, I used my "usual" personal password, as the password.
When I left and turned in the laptop, no-one asked for the password. A couple of weeks later my former manager starts texting me and calling me asking for the password. For security reasons (even stating this feels insecure) I can't give out that password. It's my "personal" password I use in other situations.
I want to get the laptop, login (with my "personal" password) and change the password to 12345678 for them, and give it back.
I offered to receive the laptop, either by having a former co-worker visit me, or have it sent via a courier service or something like that.
My manager and I setup a time for that, which he didn't honor. I offered to meet somewhere near the office when I was in the vicinity but that wasn't honored either.
Now they're bugging me again with texts and calls and I don't have the time to handle this.
What are the expectations here? Can i just simply say "I cant do this" and let it rest? What about "I'll get back to you when i got the time"?
I don't mind doing it, but only if it costs me minutes of my time.
quitting privacy
edited Nov 18 at 6:33
BSMP
3,5111327
asked Nov 17 at 21:38
pailhead
1469
I left my job and turned in my laptop.
On that work laptop, I used my "usual" personal password, as the password.
When I left and turned in the laptop, no-one asked for the password. A couple of weeks later my former manager starts texting me and calling me asking for the password. For security reasons (even stating this feels insecure) I can't give out that password. It's my "personal" password I use in other situations.
I want to get the laptop, login (with my "personal" password) and change the password to 12345678 for them, and give it back.
I offered to receive the laptop, either by having a former co-worker visit me, or have it sent via a courier service or something like that.
My manager and I setup a time for that, which he didn't honor. I offered to meet somewhere near the office when I was in the vicinity but that wasn't honored either.
Now they're bugging me again with texts and calls and I don't have the time to handle this.
What are the expectations here? Can i just simply say "I cant do this" and let it rest? What about "I'll get back to you when i got the time"?
I don't mind doing it, but only if it costs me minutes of my time.
quitting privacy
quitting privacy
edited Nov 18 at 6:33
BSMP
3,5111327
asked Nov 17 at 21:38
pailhead
1469
edited Nov 18 at 6:33
BSMP
3,5111327
asked Nov 17 at 21:38
pailhead
1469
edited Nov 18 at 6:33
BSMP
3,5111327
edited Nov 18 at 6:33
BSMP
3,5111327
edited Nov 18 at 6:33
BSMP
3,5111327
3,5111327
asked Nov 17 at 21:38
pailhead
1469
asked Nov 17 at 21:38
pailhead
1469
asked Nov 17 at 21:38
pailhead
1469
1469
1
What information is your former manager trying to obtain? At one of my older jobs, I had got a laptop approved when others couldn't. When I left, my manager requested that I transfer the laptop to him and give him the password. I ended up wiping the laptop and giving it to him to set up with his own password before I left.
– jcmack
Nov 17 at 21:52
7
Related: Do I have to relinquish my PC password to my former boss?
– Dukeling
Nov 17 at 22:05
3
If they've already failed to honour two agreed-upon meetings, whether you want to keep trying is completely up to you, and your problem isn't so much "they're asking for a password" as it is "they're not doing what they agreed to do".
– Dukeling
Nov 17 at 22:08
If I were in your manager's shoes, I will have broken tat password since you left instead of chasing you.
– Wais Kamal
Nov 17 at 22:58
1
I don't know about the information they're trying to obtain nor do i care. I care about not writing down / sharing my password and now that i've read through the comments i care about logging out of facebook, gmail and bank accounts.
– pailhead
Nov 18 at 0:21
|
show 10 more comments
1
What information is your former manager trying to obtain? At one of my older jobs, I had got a laptop approved when others couldn't. When I left, my manager requested that I transfer the laptop to him and give him the password. I ended up wiping the laptop and giving it to him to set up with his own password before I left.
– jcmack
Nov 17 at 21:52
7
Related: Do I have to relinquish my PC password to my former boss?
– Dukeling
Nov 17 at 22:05
3
If they've already failed to honour two agreed-upon meetings, whether you want to keep trying is completely up to you, and your problem isn't so much "they're asking for a password" as it is "they're not doing what they agreed to do".
– Dukeling
Nov 17 at 22:08
If I were in your manager's shoes, I will have broken tat password since you left instead of chasing you.
– Wais Kamal
Nov 17 at 22:58
1
I don't know about the information they're trying to obtain nor do i care. I care about not writing down / sharing my password and now that i've read through the comments i care about logging out of facebook, gmail and bank accounts.
– pailhead
Nov 18 at 0:21
1
1
What information is your former manager trying to obtain? At one of my older jobs, I had got a laptop approved when others couldn't. When I left, my manager requested that I transfer the laptop to him and give him the password. I ended up wiping the laptop and giving it to him to set up with his own password before I left.
– jcmack
Nov 17 at 21:52
What information is your former manager trying to obtain? At one of my older jobs, I had got a laptop approved when others couldn't. When I left, my manager requested that I transfer the laptop to him and give him the password. I ended up wiping the laptop and giving it to him to set up with his own password before I left.
– jcmack
Nov 17 at 21:52
7
7
Related: Do I have to relinquish my PC password to my former boss?
– Dukeling
Nov 17 at 22:05
Related: Do I have to relinquish my PC password to my former boss?
– Dukeling
Nov 17 at 22:05
3
3
If they've already failed to honour two agreed-upon meetings, whether you want to keep trying is completely up to you, and your problem isn't so much "they're asking for a password" as it is "they're not doing what they agreed to do".
– Dukeling
Nov 17 at 22:08
If they've already failed to honour two agreed-upon meetings, whether you want to keep trying is completely up to you, and your problem isn't so much "they're asking for a password" as it is "they're not doing what they agreed to do".
– Dukeling
Nov 17 at 22:08
If I were in your manager's shoes, I will have broken tat password since you left instead of chasing you.
– Wais Kamal
Nov 17 at 22:58
If I were in your manager's shoes, I will have broken tat password since you left instead of chasing you.
– Wais Kamal
Nov 17 at 22:58
1
1
I don't know about the information they're trying to obtain nor do i care. I care about not writing down / sharing my password and now that i've read through the comments i care about logging out of facebook, gmail and bank accounts.
– pailhead
Nov 18 at 0:21
I don't know about the information they're trying to obtain nor do i care. I care about not writing down / sharing my password and now that i've read through the comments i care about logging out of facebook, gmail and bank accounts.
– pailhead
Nov 18 at 0:21
|
show 10 more comments
7 Answers
7
active
oldest
votes
up vote
22
down vote
accepted
If there is something on the computer they want to retrieve it's usually required that you give them access to the data.
But this doesn't mean you need to give them access to your account. Giving them your password opens up serious security and identity issues.
Apparently they don't have company IT department who could grant access, so they need your help. After they have failed twice to do what was agreed, you could start ignoring them. But if you don't want to burn bridges and/or start fighting, you may want to set up a meeting to correct the issue.
Once you get the computer:
- Create a new account
- Give it admin rights
- Transfer all required files from your personal account to a folder where this new account can access them (folder in root or something)
- Log in with the new admin account
- Delete your personal account
- Give them password for the new admin account
answered Nov 18 at 0:13
Sopuli
1,193210
1
Is there some reasonable time frame for the 3rd meeting that wouldn't count as me yanking them around, and wouldn't count as them harassing me?
– pailhead
Nov 18 at 0:18
1
@Fattie That would protect his other accounts where he re-used the same password. But still giving access to his work account is a bad security practice. It opens up the possibility to abuse the identity for both of the parties. Even if this is the standard in many places, it's still worth mentioning that you can hand over the data without compromising the identity/security.
– Sopuli
Nov 18 at 13:39
1
hi @Sopuli ... I .. understand what you're saying clearly, but .. I guess it's hard for me to see an application for that. Are you invisaging: person P works at company C. She gets laptop L. She creates an account "A" on L. So, account A will sure have stuff such as code, a copy of Visual Basic, secret blueprints of the engine and so on. You're saying that within account A, person P may indeed also have stuff such as, you know, personal stuff relating to person P .. web searches, purchase of art gallery tickets, books they are reading etc. Have I understood you? (cont ....)
– Fattie
Nov 18 at 15:17
1
If that's what you mean, i guess then (1) you're right, that "personal stuff of P on account A" would have to be sequestered, removed. only the "actual corporate" stuff in A would be handed over, the rest ("actually personal") would ideally be erased from existence. But (2) could be a cultural thing, but that wouldn't happen in my neck of the woods? Account "A" is 100% business only. Zero comingling.
– Fattie
Nov 18 at 15:19
1
@Fattie This is getting a bit off-topic. There might be confidential discussions in slack/skype/etc. There might be documents, like your work contract, stock options etc. There might be confidential emails. There could be connection to database or server from that laptop with stored credentials. Just a few examples. All purely work related, but things that should not be disclosed to anybody else. Like said, you should never give your identity to anybody else, only the data.
– Sopuli
Nov 18 at 15:58
|
show 8 more comments
up vote
5
down vote
Any IT department worth it's salt can hack a laptop to get in. Worst case scenario, they wipe the drive and start over with a new Image, which is what they should do anyway.
You returned the hardware, the rest is on them. Give them nothing more.
answered Nov 19 at 20:38
Richard U
82.3k60214327
add a comment |
up vote
4
down vote
There's an old adage: "Fool me once, shame on you. Fool me twice, shame on me". Well, it looks like you've been fooled twice, as you've tried to set up two in-good-faith meetings to rectify the situation, and they have in bad faith not met either of those meetings. At this point, in my opinion, it's on them to set up a meeting time that works for you, not the other way around. My response to their next communique would be something like this:
Sorry, but I've tried to set up a meeting with you guys twice in good faith to try to fix this situation. I simply cannot shanghai my schedule around you guys any more to schedule any more meetings which you have shown to not respect. You have my address [presumably they actually have this, usually you give it to them when you start employment]. I am working a new job now and my work hours are 9am-5pm [or whatever your hours are]. I need some commuting time, so please schedule a time to come to the local Moondollar coffee shop near my place after 6pm on a weekday evening to have this situation resolved. If you can't do that, then I'm sorry but I can't help you.
If they are unable or unwilling to schedule a meeting according to the time you've set out for them, then that's too bad for them; unless you have critical business information that you are legally liable for on that laptop, there's nothing they can do to make you work on their schedule. If they meet your schedule, then I defer to Sopuli's answer as to how to proceed. If, however, they schedule a meeting with you on your schedule and then miss it a third time, well, there's another adage for that: "Three strikes, you're out!" At that point I would just stop taking their calls and stop responding to their emails, and in the very extreme case that they don't get the hint, consider going to local law enforcement for harassment.
answered Nov 19 at 21:24
Ertai87
6,1461619
I would not invite them at home. A coffee shop/neutral public ground is much better and provides a quick way of losing them quickly or tell them to get lost if they start being unpleasant.
– Rui F Ribeiro
Nov 19 at 21:35
1
@RuiFRibeiro Fair enough. In reality I would probably do that as well, I just provided that as an example of something like what I might say, not what I actually would say. I'll edit the answer though to reflect that.
– Ertai87
Nov 19 at 21:36
add a comment |
up vote
3
down vote
You received a company laptop that you were given for work and returned it after you left the company.
- You should have given them the password when you returned the laptop.
- You should NOT have used the same password as you use privately.
- Give them the damn password and change your personal password...chances are you've been using it for too long anyways...
...oh and try not to use the same password everywhere, especially if it is a privacy sensitve account...
EDIT:
What people don't seem to understand and why this answer has almost as many downvotes as upvotes is:
I'm talking EXPLICITLY about OP's special case and circumstances!
the WORK relation ENDED and the employee was required (usually by contract) to return all company property.
This naturally means in working order for machinery and tools.
It of course includes the data stored on said tools and access to it.the password guarding this access protects company property and business secrets.
the FORMER employee has no right anymore to posess, use or access company property
arguably - and this could be an interesting legal question - any data (including the password itself) stored on company property becomes also company property
Why is this not getting in some heads, that in order to properly hand over the WORK laptop and information on it the employee is required to relinquish access (THE PASSWORD) to the employer ?!
The fact that the employee used his personal password is irrelevant and solely the fault of this employee.
Not to mention that this whole discussion about privacy issues loses any merit as soon as the employee does what we all should do regularly:
CHANGE YOUR DAMN PASSWORD !!
As a side note:
I worked at companies where they had keyloggers and internet monitoring enabled on every workstation.
I worked at companies where there was NO internet acces on workstations.
Internet acces for work reasons was enabled on dedicated access points and private communication was allowed only on personal equipment and on a separate WIFI network.
There are even companies that hand you the workstation login password and you don't even have priviliges to change it.
Hell, I even worked at companies that didn't allow recoding equipment (including mobile phones) on the floor in the vicinity of displays or whiteboards.
Keep in mind: your workstation and anything you do on it may be monitored - legally !
All the work you do belongs to the employer and unauthorized use of the (often) expensive professional equipment and software licenses for personal projects for instance constitues a serious misuse of property.
...see what you made me do...exploding an answer from a few sentences into a tl;dr explanation of things that I assumed were obvious...
answered Nov 18 at 6:10
DigitalBlade969
2,7531314
16
Seriously? Your solution is to "give them the damn password"? If you're going to be rude and give a terrible answer, don't bother answering. You should never disclose your password. Even though I agree that he shouldn't have used his personal password, he may have exposed his personal accounts to security concerns, and that he should change his personal passwords, I don't see why he should have to give his password. He gave in his two weeks notice, his employer didn't mention anything about it at anytime, it is their fault, not his.
– TwiN
Nov 19 at 4:56
1
The problem is, it is the companies WORK laptop with the WORK data it holds. By not giving them the password he basically didn't hand over the laptop / data, as it is unusable (not everyone knows how or wants to crack the login or reinstall the whole thing).There is NO private data supposed to be on that machine, so he won't give them access to his personal files and the fact that he uses the password elsewhere can (needs to) be remedied before he hands it over.My comment was in jest and to show how unprofessional his behaviour actually is.Don't be so salty about a snarky comment...k
– DigitalBlade969
Nov 19 at 5:09
6
It's not unusable, I have never had to provide my password after leaving a company, the de facto standard is for them to wipe the drive and reinstall the OS. Like I said, I agree with you on the personal password point, it shouldn't be used for non-personal stuffs, but it being a business laptop doesn't justify giving up your credentials because they neglected to ask for it (or warn you about it) during your 2 weeks notice.
– TwiN
Nov 19 at 5:12
2
No one asked me for anything but the laptop. Things happened rather quickly, one thursday i put in my 2 weeks, the next morning i was escorted out of the office. I was a bit baffled but i thought they knew what they were doing. During that brief encounter, they just asked for the laptop, not the password. I thought i would at least hand off the code i've been writing for the last two weeks, including that morning but nothing was asked of me. Had they respected my two weeks im sure i would have cleared the password issue, handed back the asset properly etc.
– pailhead
Nov 19 at 6:00
2
If i spend a couple of hours doing that now id like to get paid. If not, a few minutes at my place or a coffee shop nearby would do.
– pailhead
Nov 19 at 6:00
|
show 10 more comments
up vote
0
down vote
It seems they are playing power games, and you are letting them.
Either they are outright incompetent, or they are out there just to get your password for some unknown reason. e.g. It is trivial to get to the data they want from the notebook unless you used some form of encryption.
I would not worry so much about providing whatever they are asking as you already left the company and returned the notebook.
In fact, we might in Europe even have privacy laws protecting us from having to give a private password, be it your password your user from work or the same as personal use.
That said, if you have in writing that you tried in good faith to attend to their request, I would start ignoring their contacts; if not I would make a point of answer them via email and tell them since they failed the last two times, that you will only do that if they come a location near you (a nearby coffee shop for instance). In that way you also put in writing the last two occurrences.
Nevertheless, you have whatsoever no obligations to them anymore. Furthermore, it was both their fault they failed to meet you to take care of something of their interest, and the code was not committed because they escorted you out of the building.
I advise cutting their contacts short, and only complying to a court order if it comes to that - which I honestly doubt. The present situation is nothing but consequences of their own doing.
PS. As for managing passwords. I rarely use the same password in two different services, and I usually use 2FA in services that support them. The 2FA software is in my phone and my smartwatch. In my former work, when I handed them back their MacBook Pro, I just had to logout of my Gmail and disassociate it of my private Apple account.
answered Nov 18 at 23:00
Rui F Ribeiro
3,5851021
This contradicts another answer though. Seems like i could get sued in the US.
– pailhead
Nov 19 at 2:00
They also can try to sue here... Between the request not having any thecnical basis and you having documented the multiple enconteur failures... If you go there, just login and change the password, do not sign any form at all, even to get in, and if they have work clarification requests of any form, tell them to get lost. They seem to be bent on getting the password, and I think they will not accept a no. There could be other reasons, but I think they want to get you in the premisses to be able to coerce you into it.
– Rui F Ribeiro
Nov 19 at 11:43
add a comment |
up vote
-5
down vote
I'm much more security aware than most, it's part of my professional responsibilities. But I have to say you're being ridiculous here.
What security concern or issue would you create by simply providing them the password via phone, SMS or email?
Does your previous laptop contain any sensitive, classified, credit card or other critical information?
Any security professional will tell you that you use security procedures that are appropriate to the information. This just sounds like you're being petty and a control freak for no valid reason.
answered Nov 17 at 23:01
Steve
4,17431330
8
It doesn't seem very nice to call OP ridiculous, petty and a control freak.
– Dukeling
Nov 17 at 23:44
3
Unless the usage of the computer was 100% professional with absolute no personal usage (and thus e.g. a stored facebook password or something else that's not the company's business) AND the password OP used on the laptop was completely unrelated from all his other passwords it's absolutely understandable that he doesn't want to give out that password.
– ThiefMaster
Nov 17 at 23:48
1
The OP gives no indication at all that the computer contains personal information, nor any indication that he needs to remove anything at all. As written there is no justification what so ever for his behavior or demands. If he modifies his OP I'll modify my answer.
– Steve
Nov 17 at 23:54
4
With proper IT they could gain access to the computer without giving password. If password is given, it jeopardizes both parties as your identity is shared now. Either one of the parties could commit a crime and blame the other one. This is a huge no-no and security aware person should know this.
– Sopuli
Nov 17 at 23:59
4
I've logged into my personal gmail, my facebook, i've ordered tickets through ticketfly etc etc. But this is less of a concern than giving someone a password that is my password for something else.
– pailhead
Nov 18 at 0:10
|
show 15 more comments
up vote
-11
down vote
Presumably you were asked to return that laptop with all the data on it. Which you didn't. Whose fault that is is another matter, but the company could sue you for damages. Would they win? Maybe yes, maybe not. Would it cost you time and money? Most definitely both.
If the password isn't sensitive to you (it's not a duplicate of your banking password or another password, for example) then just hand it over. If that's not secure, that's not your problem, they asked for it. If the password is sensitive to you (unlocks access to your bank account as well) go to your old company and change the password to "123456".
If you don't have the time for this, then legal action would be really, really inconvenient for you.
answered Nov 17 at 23:48
gnasher729
79.6k34144250
I sat down with an HR person and my manager and they said something along the lines of "hand over your laptop" which i did. What is inconvenient for me is staying in San Francisco while there are hazardous air conditions. Probably not enough to get sued, i'm just wondering what kind of time line and compromise i can look for.
– pailhead
Nov 18 at 0:15
So the part here is, go to your old company, i can't for various reasons. I will at some point.
– pailhead
Nov 18 at 0:16
8
Gnasher, he DID return the laptop with all of the data. That's the first line of the post. Security 101 is that you NEVER, EVER give up your personal password. If the company set up the laptop without a separate account, that's the company's screwup. Sopuli has the correct answer, which is to that the company gives the OP the laptop, he creates a new account, copies any necessary data to that account, and then deletes his old account.
– DaveG
Nov 18 at 1:19
@DaveG If the data is not accessible because a login password is needed, then the data is not there.
– gnasher729
Nov 18 at 14:09
How is it know if data is there at all?
– pailhead
Nov 18 at 22:29
add a comment |
StackExchange.ready(function () {
$("#show-editor-button input, #show-editor-button button").click(function () {
var showEditor = function() {
$("#show-editor-button").hide();
$("#post-form").removeClass("dno");
StackExchange.editor.finallyInit();
};
var useFancy = $(this).data('confirm-use-fancy');
if(useFancy == 'True') {
var popupTitle = $(this).data('confirm-fancy-title');
var popupBody = $(this).data('confirm-fancy-body');
var popupAccept = $(this).data('confirm-fancy-accept-button');
$(this).loadPopup({
url: '/post/self-answer-popup',
loaded: function(popup) {
var pTitle = $(popup).find('h2');
var pBody = $(popup).find('.popup-body');
var pSubmit = $(popup).find('.popup-submit');
pTitle.text(popupTitle);
pBody.html(popupBody);
pSubmit.val(popupAccept).click(showEditor);
}
})
} else{
var confirmText = $(this).data('confirm-text');
if (confirmText ? confirm(confirmText) : true) {
showEditor();
}
}
});
});
7 Answers
7
active
oldest
votes
7 Answers
7
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
22
down vote
accepted
If there is something on the computer they want to retrieve it's usually required that you give them access to the data.
But this doesn't mean you need to give them access to your account. Giving them your password opens up serious security and identity issues.
Apparently they don't have company IT department who could grant access, so they need your help. After they have failed twice to do what was agreed, you could start ignoring them. But if you don't want to burn bridges and/or start fighting, you may want to set up a meeting to correct the issue.
Once you get the computer:
- Create a new account
- Give it admin rights
- Transfer all required files from your personal account to a folder where this new account can access them (folder in root or something)
- Log in with the new admin account
- Delete your personal account
- Give them password for the new admin account
answered Nov 18 at 0:13
Sopuli
1,193210
1
Is there some reasonable time frame for the 3rd meeting that wouldn't count as me yanking them around, and wouldn't count as them harassing me?
– pailhead
Nov 18 at 0:18
1
@Fattie That would protect his other accounts where he re-used the same password. But still giving access to his work account is a bad security practice. It opens up the possibility to abuse the identity for both of the parties. Even if this is the standard in many places, it's still worth mentioning that you can hand over the data without compromising the identity/security.
– Sopuli
Nov 18 at 13:39
1
hi @Sopuli ... I .. understand what you're saying clearly, but .. I guess it's hard for me to see an application for that. Are you invisaging: person P works at company C. She gets laptop L. She creates an account "A" on L. So, account A will sure have stuff such as code, a copy of Visual Basic, secret blueprints of the engine and so on. You're saying that within account A, person P may indeed also have stuff such as, you know, personal stuff relating to person P .. web searches, purchase of art gallery tickets, books they are reading etc. Have I understood you? (cont ....)
– Fattie
Nov 18 at 15:17
1
If that's what you mean, i guess then (1) you're right, that "personal stuff of P on account A" would have to be sequestered, removed. only the "actual corporate" stuff in A would be handed over, the rest ("actually personal") would ideally be erased from existence. But (2) could be a cultural thing, but that wouldn't happen in my neck of the woods? Account "A" is 100% business only. Zero comingling.
– Fattie
Nov 18 at 15:19
1
@Fattie This is getting a bit off-topic. There might be confidential discussions in slack/skype/etc. There might be documents, like your work contract, stock options etc. There might be confidential emails. There could be connection to database or server from that laptop with stored credentials. Just a few examples. All purely work related, but things that should not be disclosed to anybody else. Like said, you should never give your identity to anybody else, only the data.
– Sopuli
Nov 18 at 15:58
|
show 8 more comments
up vote
22
down vote
accepted
If there is something on the computer they want to retrieve it's usually required that you give them access to the data.
But this doesn't mean you need to give them access to your account. Giving them your password opens up serious security and identity issues.
Apparently they don't have company IT department who could grant access, so they need your help. After they have failed twice to do what was agreed, you could start ignoring them. But if you don't want to burn bridges and/or start fighting, you may want to set up a meeting to correct the issue.
Once you get the computer:
- Create a new account
- Give it admin rights
- Transfer all required files from your personal account to a folder where this new account can access them (folder in root or something)
- Log in with the new admin account
- Delete your personal account
- Give them password for the new admin account
answered Nov 18 at 0:13
Sopuli
1,193210
1
Is there some reasonable time frame for the 3rd meeting that wouldn't count as me yanking them around, and wouldn't count as them harassing me?
– pailhead
Nov 18 at 0:18
1
@Fattie That would protect his other accounts where he re-used the same password. But still giving access to his work account is a bad security practice. It opens up the possibility to abuse the identity for both of the parties. Even if this is the standard in many places, it's still worth mentioning that you can hand over the data without compromising the identity/security.
– Sopuli
Nov 18 at 13:39
1
hi @Sopuli ... I .. understand what you're saying clearly, but .. I guess it's hard for me to see an application for that. Are you invisaging: person P works at company C. She gets laptop L. She creates an account "A" on L. So, account A will sure have stuff such as code, a copy of Visual Basic, secret blueprints of the engine and so on. You're saying that within account A, person P may indeed also have stuff such as, you know, personal stuff relating to person P .. web searches, purchase of art gallery tickets, books they are reading etc. Have I understood you? (cont ....)
– Fattie
Nov 18 at 15:17
1
If that's what you mean, i guess then (1) you're right, that "personal stuff of P on account A" would have to be sequestered, removed. only the "actual corporate" stuff in A would be handed over, the rest ("actually personal") would ideally be erased from existence. But (2) could be a cultural thing, but that wouldn't happen in my neck of the woods? Account "A" is 100% business only. Zero comingling.
– Fattie
Nov 18 at 15:19
1
@Fattie This is getting a bit off-topic. There might be confidential discussions in slack/skype/etc. There might be documents, like your work contract, stock options etc. There might be confidential emails. There could be connection to database or server from that laptop with stored credentials. Just a few examples. All purely work related, but things that should not be disclosed to anybody else. Like said, you should never give your identity to anybody else, only the data.
– Sopuli
Nov 18 at 15:58
|
show 8 more comments
up vote
22
down vote
accepted
up vote
22
down vote
accepted
If there is something on the computer they want to retrieve it's usually required that you give them access to the data.
But this doesn't mean you need to give them access to your account. Giving them your password opens up serious security and identity issues.
Apparently they don't have company IT department who could grant access, so they need your help. After they have failed twice to do what was agreed, you could start ignoring them. But if you don't want to burn bridges and/or start fighting, you may want to set up a meeting to correct the issue.
Once you get the computer:
- Create a new account
- Give it admin rights
- Transfer all required files from your personal account to a folder where this new account can access them (folder in root or something)
- Log in with the new admin account
- Delete your personal account
- Give them password for the new admin account
answered Nov 18 at 0:13
Sopuli
1,193210
If there is something on the computer they want to retrieve it's usually required that you give them access to the data.
But this doesn't mean you need to give them access to your account. Giving them your password opens up serious security and identity issues.
Apparently they don't have company IT department who could grant access, so they need your help. After they have failed twice to do what was agreed, you could start ignoring them. But if you don't want to burn bridges and/or start fighting, you may want to set up a meeting to correct the issue.
Once you get the computer:
- Create a new account
- Give it admin rights
- Transfer all required files from your personal account to a folder where this new account can access them (folder in root or something)
- Log in with the new admin account
- Delete your personal account
- Give them password for the new admin account
answered Nov 18 at 0:13
Sopuli
1,193210
answered Nov 18 at 0:13
Sopuli
1,193210
answered Nov 18 at 0:13
Sopuli
1,193210
answered Nov 18 at 0:13
Sopuli
1,193210
1,193210
1
Is there some reasonable time frame for the 3rd meeting that wouldn't count as me yanking them around, and wouldn't count as them harassing me?
– pailhead
Nov 18 at 0:18
1
@Fattie That would protect his other accounts where he re-used the same password. But still giving access to his work account is a bad security practice. It opens up the possibility to abuse the identity for both of the parties. Even if this is the standard in many places, it's still worth mentioning that you can hand over the data without compromising the identity/security.
– Sopuli
Nov 18 at 13:39
1
hi @Sopuli ... I .. understand what you're saying clearly, but .. I guess it's hard for me to see an application for that. Are you invisaging: person P works at company C. She gets laptop L. She creates an account "A" on L. So, account A will sure have stuff such as code, a copy of Visual Basic, secret blueprints of the engine and so on. You're saying that within account A, person P may indeed also have stuff such as, you know, personal stuff relating to person P .. web searches, purchase of art gallery tickets, books they are reading etc. Have I understood you? (cont ....)
– Fattie
Nov 18 at 15:17
1
If that's what you mean, i guess then (1) you're right, that "personal stuff of P on account A" would have to be sequestered, removed. only the "actual corporate" stuff in A would be handed over, the rest ("actually personal") would ideally be erased from existence. But (2) could be a cultural thing, but that wouldn't happen in my neck of the woods? Account "A" is 100% business only. Zero comingling.
– Fattie
Nov 18 at 15:19
1
@Fattie This is getting a bit off-topic. There might be confidential discussions in slack/skype/etc. There might be documents, like your work contract, stock options etc. There might be confidential emails. There could be connection to database or server from that laptop with stored credentials. Just a few examples. All purely work related, but things that should not be disclosed to anybody else. Like said, you should never give your identity to anybody else, only the data.
– Sopuli
Nov 18 at 15:58
|
show 8 more comments
1
Is there some reasonable time frame for the 3rd meeting that wouldn't count as me yanking them around, and wouldn't count as them harassing me?
– pailhead
Nov 18 at 0:18
1
@Fattie That would protect his other accounts where he re-used the same password. But still giving access to his work account is a bad security practice. It opens up the possibility to abuse the identity for both of the parties. Even if this is the standard in many places, it's still worth mentioning that you can hand over the data without compromising the identity/security.
– Sopuli
Nov 18 at 13:39
1
hi @Sopuli ... I .. understand what you're saying clearly, but .. I guess it's hard for me to see an application for that. Are you invisaging: person P works at company C. She gets laptop L. She creates an account "A" on L. So, account A will sure have stuff such as code, a copy of Visual Basic, secret blueprints of the engine and so on. You're saying that within account A, person P may indeed also have stuff such as, you know, personal stuff relating to person P .. web searches, purchase of art gallery tickets, books they are reading etc. Have I understood you? (cont ....)
– Fattie
Nov 18 at 15:17
1
If that's what you mean, i guess then (1) you're right, that "personal stuff of P on account A" would have to be sequestered, removed. only the "actual corporate" stuff in A would be handed over, the rest ("actually personal") would ideally be erased from existence. But (2) could be a cultural thing, but that wouldn't happen in my neck of the woods? Account "A" is 100% business only. Zero comingling.
– Fattie
Nov 18 at 15:19
1
@Fattie This is getting a bit off-topic. There might be confidential discussions in slack/skype/etc. There might be documents, like your work contract, stock options etc. There might be confidential emails. There could be connection to database or server from that laptop with stored credentials. Just a few examples. All purely work related, but things that should not be disclosed to anybody else. Like said, you should never give your identity to anybody else, only the data.
– Sopuli
Nov 18 at 15:58
1
1
Is there some reasonable time frame for the 3rd meeting that wouldn't count as me yanking them around, and wouldn't count as them harassing me?
– pailhead
Nov 18 at 0:18
Is there some reasonable time frame for the 3rd meeting that wouldn't count as me yanking them around, and wouldn't count as them harassing me?
– pailhead
Nov 18 at 0:18
1
1
@Fattie That would protect his other accounts where he re-used the same password. But still giving access to his work account is a bad security practice. It opens up the possibility to abuse the identity for both of the parties. Even if this is the standard in many places, it's still worth mentioning that you can hand over the data without compromising the identity/security.
– Sopuli
Nov 18 at 13:39
@Fattie That would protect his other accounts where he re-used the same password. But still giving access to his work account is a bad security practice. It opens up the possibility to abuse the identity for both of the parties. Even if this is the standard in many places, it's still worth mentioning that you can hand over the data without compromising the identity/security.
– Sopuli
Nov 18 at 13:39
1
1
hi @Sopuli ... I .. understand what you're saying clearly, but .. I guess it's hard for me to see an application for that. Are you invisaging: person P works at company C. She gets laptop L. She creates an account "A" on L. So, account A will sure have stuff such as code, a copy of Visual Basic, secret blueprints of the engine and so on. You're saying that within account A, person P may indeed also have stuff such as, you know, personal stuff relating to person P .. web searches, purchase of art gallery tickets, books they are reading etc. Have I understood you? (cont ....)
– Fattie
Nov 18 at 15:17
hi @Sopuli ... I .. understand what you're saying clearly, but .. I guess it's hard for me to see an application for that. Are you invisaging: person P works at company C. She gets laptop L. She creates an account "A" on L. So, account A will sure have stuff such as code, a copy of Visual Basic, secret blueprints of the engine and so on. You're saying that within account A, person P may indeed also have stuff such as, you know, personal stuff relating to person P .. web searches, purchase of art gallery tickets, books they are reading etc. Have I understood you? (cont ....)
– Fattie
Nov 18 at 15:17
1
1
If that's what you mean, i guess then (1) you're right, that "personal stuff of P on account A" would have to be sequestered, removed. only the "actual corporate" stuff in A would be handed over, the rest ("actually personal") would ideally be erased from existence. But (2) could be a cultural thing, but that wouldn't happen in my neck of the woods? Account "A" is 100% business only. Zero comingling.
– Fattie
Nov 18 at 15:19
If that's what you mean, i guess then (1) you're right, that "personal stuff of P on account A" would have to be sequestered, removed. only the "actual corporate" stuff in A would be handed over, the rest ("actually personal") would ideally be erased from existence. But (2) could be a cultural thing, but that wouldn't happen in my neck of the woods? Account "A" is 100% business only. Zero comingling.
– Fattie
Nov 18 at 15:19
1
1
@Fattie This is getting a bit off-topic. There might be confidential discussions in slack/skype/etc. There might be documents, like your work contract, stock options etc. There might be confidential emails. There could be connection to database or server from that laptop with stored credentials. Just a few examples. All purely work related, but things that should not be disclosed to anybody else. Like said, you should never give your identity to anybody else, only the data.
– Sopuli
Nov 18 at 15:58
@Fattie This is getting a bit off-topic. There might be confidential discussions in slack/skype/etc. There might be documents, like your work contract, stock options etc. There might be confidential emails. There could be connection to database or server from that laptop with stored credentials. Just a few examples. All purely work related, but things that should not be disclosed to anybody else. Like said, you should never give your identity to anybody else, only the data.
– Sopuli
Nov 18 at 15:58
|
show 8 more comments
up vote
5
down vote
Any IT department worth it's salt can hack a laptop to get in. Worst case scenario, they wipe the drive and start over with a new Image, which is what they should do anyway.
You returned the hardware, the rest is on them. Give them nothing more.
answered Nov 19 at 20:38
Richard U
82.3k60214327
add a comment |
up vote
5
down vote
Any IT department worth it's salt can hack a laptop to get in. Worst case scenario, they wipe the drive and start over with a new Image, which is what they should do anyway.
You returned the hardware, the rest is on them. Give them nothing more.
answered Nov 19 at 20:38
Richard U
82.3k60214327
add a comment |
up vote
5
down vote
up vote
5
down vote
Any IT department worth it's salt can hack a laptop to get in. Worst case scenario, they wipe the drive and start over with a new Image, which is what they should do anyway.
You returned the hardware, the rest is on them. Give them nothing more.
answered Nov 19 at 20:38
Richard U
82.3k60214327
Any IT department worth it's salt can hack a laptop to get in. Worst case scenario, they wipe the drive and start over with a new Image, which is what they should do anyway.
You returned the hardware, the rest is on them. Give them nothing more.
answered Nov 19 at 20:38
Richard U
82.3k60214327
answered Nov 19 at 20:38
Richard U
82.3k60214327
answered Nov 19 at 20:38
Richard U
82.3k60214327
answered Nov 19 at 20:38
Richard U
82.3k60214327
82.3k60214327
add a comment |
add a comment |
up vote
4
down vote
There's an old adage: "Fool me once, shame on you. Fool me twice, shame on me". Well, it looks like you've been fooled twice, as you've tried to set up two in-good-faith meetings to rectify the situation, and they have in bad faith not met either of those meetings. At this point, in my opinion, it's on them to set up a meeting time that works for you, not the other way around. My response to their next communique would be something like this:
Sorry, but I've tried to set up a meeting with you guys twice in good faith to try to fix this situation. I simply cannot shanghai my schedule around you guys any more to schedule any more meetings which you have shown to not respect. You have my address [presumably they actually have this, usually you give it to them when you start employment]. I am working a new job now and my work hours are 9am-5pm [or whatever your hours are]. I need some commuting time, so please schedule a time to come to the local Moondollar coffee shop near my place after 6pm on a weekday evening to have this situation resolved. If you can't do that, then I'm sorry but I can't help you.
If they are unable or unwilling to schedule a meeting according to the time you've set out for them, then that's too bad for them; unless you have critical business information that you are legally liable for on that laptop, there's nothing they can do to make you work on their schedule. If they meet your schedule, then I defer to Sopuli's answer as to how to proceed. If, however, they schedule a meeting with you on your schedule and then miss it a third time, well, there's another adage for that: "Three strikes, you're out!" At that point I would just stop taking their calls and stop responding to their emails, and in the very extreme case that they don't get the hint, consider going to local law enforcement for harassment.
answered Nov 19 at 21:24
Ertai87
6,1461619
I would not invite them at home. A coffee shop/neutral public ground is much better and provides a quick way of losing them quickly or tell them to get lost if they start being unpleasant.
– Rui F Ribeiro
Nov 19 at 21:35
1
@RuiFRibeiro Fair enough. In reality I would probably do that as well, I just provided that as an example of something like what I might say, not what I actually would say. I'll edit the answer though to reflect that.
– Ertai87
Nov 19 at 21:36
add a comment |
up vote
4
down vote
There's an old adage: "Fool me once, shame on you. Fool me twice, shame on me". Well, it looks like you've been fooled twice, as you've tried to set up two in-good-faith meetings to rectify the situation, and they have in bad faith not met either of those meetings. At this point, in my opinion, it's on them to set up a meeting time that works for you, not the other way around. My response to their next communique would be something like this:
Sorry, but I've tried to set up a meeting with you guys twice in good faith to try to fix this situation. I simply cannot shanghai my schedule around you guys any more to schedule any more meetings which you have shown to not respect. You have my address [presumably they actually have this, usually you give it to them when you start employment]. I am working a new job now and my work hours are 9am-5pm [or whatever your hours are]. I need some commuting time, so please schedule a time to come to the local Moondollar coffee shop near my place after 6pm on a weekday evening to have this situation resolved. If you can't do that, then I'm sorry but I can't help you.
If they are unable or unwilling to schedule a meeting according to the time you've set out for them, then that's too bad for them; unless you have critical business information that you are legally liable for on that laptop, there's nothing they can do to make you work on their schedule. If they meet your schedule, then I defer to Sopuli's answer as to how to proceed. If, however, they schedule a meeting with you on your schedule and then miss it a third time, well, there's another adage for that: "Three strikes, you're out!" At that point I would just stop taking their calls and stop responding to their emails, and in the very extreme case that they don't get the hint, consider going to local law enforcement for harassment.
answered Nov 19 at 21:24
Ertai87
6,1461619
I would not invite them at home. A coffee shop/neutral public ground is much better and provides a quick way of losing them quickly or tell them to get lost if they start being unpleasant.
– Rui F Ribeiro
Nov 19 at 21:35
1
@RuiFRibeiro Fair enough. In reality I would probably do that as well, I just provided that as an example of something like what I might say, not what I actually would say. I'll edit the answer though to reflect that.
– Ertai87
Nov 19 at 21:36
add a comment |
up vote
4
down vote
up vote
4
down vote
There's an old adage: "Fool me once, shame on you. Fool me twice, shame on me". Well, it looks like you've been fooled twice, as you've tried to set up two in-good-faith meetings to rectify the situation, and they have in bad faith not met either of those meetings. At this point, in my opinion, it's on them to set up a meeting time that works for you, not the other way around. My response to their next communique would be something like this:
Sorry, but I've tried to set up a meeting with you guys twice in good faith to try to fix this situation. I simply cannot shanghai my schedule around you guys any more to schedule any more meetings which you have shown to not respect. You have my address [presumably they actually have this, usually you give it to them when you start employment]. I am working a new job now and my work hours are 9am-5pm [or whatever your hours are]. I need some commuting time, so please schedule a time to come to the local Moondollar coffee shop near my place after 6pm on a weekday evening to have this situation resolved. If you can't do that, then I'm sorry but I can't help you.
If they are unable or unwilling to schedule a meeting according to the time you've set out for them, then that's too bad for them; unless you have critical business information that you are legally liable for on that laptop, there's nothing they can do to make you work on their schedule. If they meet your schedule, then I defer to Sopuli's answer as to how to proceed. If, however, they schedule a meeting with you on your schedule and then miss it a third time, well, there's another adage for that: "Three strikes, you're out!" At that point I would just stop taking their calls and stop responding to their emails, and in the very extreme case that they don't get the hint, consider going to local law enforcement for harassment.
answered Nov 19 at 21:24
Ertai87
6,1461619
There's an old adage: "Fool me once, shame on you. Fool me twice, shame on me". Well, it looks like you've been fooled twice, as you've tried to set up two in-good-faith meetings to rectify the situation, and they have in bad faith not met either of those meetings. At this point, in my opinion, it's on them to set up a meeting time that works for you, not the other way around. My response to their next communique would be something like this:
Sorry, but I've tried to set up a meeting with you guys twice in good faith to try to fix this situation. I simply cannot shanghai my schedule around you guys any more to schedule any more meetings which you have shown to not respect. You have my address [presumably they actually have this, usually you give it to them when you start employment]. I am working a new job now and my work hours are 9am-5pm [or whatever your hours are]. I need some commuting time, so please schedule a time to come to the local Moondollar coffee shop near my place after 6pm on a weekday evening to have this situation resolved. If you can't do that, then I'm sorry but I can't help you.
If they are unable or unwilling to schedule a meeting according to the time you've set out for them, then that's too bad for them; unless you have critical business information that you are legally liable for on that laptop, there's nothing they can do to make you work on their schedule. If they meet your schedule, then I defer to Sopuli's answer as to how to proceed. If, however, they schedule a meeting with you on your schedule and then miss it a third time, well, there's another adage for that: "Three strikes, you're out!" At that point I would just stop taking their calls and stop responding to their emails, and in the very extreme case that they don't get the hint, consider going to local law enforcement for harassment.
answered Nov 19 at 21:24
Ertai87
6,1461619
edited Nov 19 at 21:37
answered Nov 19 at 21:24
Ertai87
6,1461619
answered Nov 19 at 21:24
Ertai87
6,1461619
answered Nov 19 at 21:24
Ertai87
6,1461619
6,1461619
I would not invite them at home. A coffee shop/neutral public ground is much better and provides a quick way of losing them quickly or tell them to get lost if they start being unpleasant.
– Rui F Ribeiro
Nov 19 at 21:35
1
@RuiFRibeiro Fair enough. In reality I would probably do that as well, I just provided that as an example of something like what I might say, not what I actually would say. I'll edit the answer though to reflect that.
– Ertai87
Nov 19 at 21:36
add a comment |
I would not invite them at home. A coffee shop/neutral public ground is much better and provides a quick way of losing them quickly or tell them to get lost if they start being unpleasant.
– Rui F Ribeiro
Nov 19 at 21:35
1
@RuiFRibeiro Fair enough. In reality I would probably do that as well, I just provided that as an example of something like what I might say, not what I actually would say. I'll edit the answer though to reflect that.
– Ertai87
Nov 19 at 21:36
I would not invite them at home. A coffee shop/neutral public ground is much better and provides a quick way of losing them quickly or tell them to get lost if they start being unpleasant.
– Rui F Ribeiro
Nov 19 at 21:35
I would not invite them at home. A coffee shop/neutral public ground is much better and provides a quick way of losing them quickly or tell them to get lost if they start being unpleasant.
– Rui F Ribeiro
Nov 19 at 21:35
1
1
@RuiFRibeiro Fair enough. In reality I would probably do that as well, I just provided that as an example of something like what I might say, not what I actually would say. I'll edit the answer though to reflect that.
– Ertai87
Nov 19 at 21:36
@RuiFRibeiro Fair enough. In reality I would probably do that as well, I just provided that as an example of something like what I might say, not what I actually would say. I'll edit the answer though to reflect that.
– Ertai87
Nov 19 at 21:36
add a comment |
up vote
3
down vote
You received a company laptop that you were given for work and returned it after you left the company.
- You should have given them the password when you returned the laptop.
- You should NOT have used the same password as you use privately.
- Give them the damn password and change your personal password...chances are you've been using it for too long anyways...
...oh and try not to use the same password everywhere, especially if it is a privacy sensitve account...
EDIT:
What people don't seem to understand and why this answer has almost as many downvotes as upvotes is:
I'm talking EXPLICITLY about OP's special case and circumstances!
the WORK relation ENDED and the employee was required (usually by contract) to return all company property.
This naturally means in working order for machinery and tools.
It of course includes the data stored on said tools and access to it.the password guarding this access protects company property and business secrets.
the FORMER employee has no right anymore to posess, use or access company property
arguably - and this could be an interesting legal question - any data (including the password itself) stored on company property becomes also company property
Why is this not getting in some heads, that in order to properly hand over the WORK laptop and information on it the employee is required to relinquish access (THE PASSWORD) to the employer ?!
The fact that the employee used his personal password is irrelevant and solely the fault of this employee.
Not to mention that this whole discussion about privacy issues loses any merit as soon as the employee does what we all should do regularly:
CHANGE YOUR DAMN PASSWORD !!
As a side note:
I worked at companies where they had keyloggers and internet monitoring enabled on every workstation.
I worked at companies where there was NO internet acces on workstations.
Internet acces for work reasons was enabled on dedicated access points and private communication was allowed only on personal equipment and on a separate WIFI network.
There are even companies that hand you the workstation login password and you don't even have priviliges to change it.
Hell, I even worked at companies that didn't allow recoding equipment (including mobile phones) on the floor in the vicinity of displays or whiteboards.
Keep in mind: your workstation and anything you do on it may be monitored - legally !
All the work you do belongs to the employer and unauthorized use of the (often) expensive professional equipment and software licenses for personal projects for instance constitues a serious misuse of property.
...see what you made me do...exploding an answer from a few sentences into a tl;dr explanation of things that I assumed were obvious...
answered Nov 18 at 6:10
DigitalBlade969
2,7531314
16
Seriously? Your solution is to "give them the damn password"? If you're going to be rude and give a terrible answer, don't bother answering. You should never disclose your password. Even though I agree that he shouldn't have used his personal password, he may have exposed his personal accounts to security concerns, and that he should change his personal passwords, I don't see why he should have to give his password. He gave in his two weeks notice, his employer didn't mention anything about it at anytime, it is their fault, not his.
– TwiN
Nov 19 at 4:56
1
The problem is, it is the companies WORK laptop with the WORK data it holds. By not giving them the password he basically didn't hand over the laptop / data, as it is unusable (not everyone knows how or wants to crack the login or reinstall the whole thing).There is NO private data supposed to be on that machine, so he won't give them access to his personal files and the fact that he uses the password elsewhere can (needs to) be remedied before he hands it over.My comment was in jest and to show how unprofessional his behaviour actually is.Don't be so salty about a snarky comment...k
– DigitalBlade969
Nov 19 at 5:09
6
It's not unusable, I have never had to provide my password after leaving a company, the de facto standard is for them to wipe the drive and reinstall the OS. Like I said, I agree with you on the personal password point, it shouldn't be used for non-personal stuffs, but it being a business laptop doesn't justify giving up your credentials because they neglected to ask for it (or warn you about it) during your 2 weeks notice.
– TwiN
Nov 19 at 5:12
2
No one asked me for anything but the laptop. Things happened rather quickly, one thursday i put in my 2 weeks, the next morning i was escorted out of the office. I was a bit baffled but i thought they knew what they were doing. During that brief encounter, they just asked for the laptop, not the password. I thought i would at least hand off the code i've been writing for the last two weeks, including that morning but nothing was asked of me. Had they respected my two weeks im sure i would have cleared the password issue, handed back the asset properly etc.
– pailhead
Nov 19 at 6:00
2
If i spend a couple of hours doing that now id like to get paid. If not, a few minutes at my place or a coffee shop nearby would do.
– pailhead
Nov 19 at 6:00
|
show 10 more comments
up vote
3
down vote
You received a company laptop that you were given for work and returned it after you left the company.
- You should have given them the password when you returned the laptop.
- You should NOT have used the same password as you use privately.
- Give them the damn password and change your personal password...chances are you've been using it for too long anyways...
...oh and try not to use the same password everywhere, especially if it is a privacy sensitve account...
EDIT:
What people don't seem to understand and why this answer has almost as many downvotes as upvotes is:
I'm talking EXPLICITLY about OP's special case and circumstances!
the WORK relation ENDED and the employee was required (usually by contract) to return all company property.
This naturally means in working order for machinery and tools.
It of course includes the data stored on said tools and access to it.the password guarding this access protects company property and business secrets.
the FORMER employee has no right anymore to posess, use or access company property
arguably - and this could be an interesting legal question - any data (including the password itself) stored on company property becomes also company property
Why is this not getting in some heads, that in order to properly hand over the WORK laptop and information on it the employee is required to relinquish access (THE PASSWORD) to the employer ?!
The fact that the employee used his personal password is irrelevant and solely the fault of this employee.
Not to mention that this whole discussion about privacy issues loses any merit as soon as the employee does what we all should do regularly:
CHANGE YOUR DAMN PASSWORD !!
As a side note:
I worked at companies where they had keyloggers and internet monitoring enabled on every workstation.
I worked at companies where there was NO internet acces on workstations.
Internet acces for work reasons was enabled on dedicated access points and private communication was allowed only on personal equipment and on a separate WIFI network.
There are even companies that hand you the workstation login password and you don't even have priviliges to change it.
Hell, I even worked at companies that didn't allow recoding equipment (including mobile phones) on the floor in the vicinity of displays or whiteboards.
Keep in mind: your workstation and anything you do on it may be monitored - legally !
All the work you do belongs to the employer and unauthorized use of the (often) expensive professional equipment and software licenses for personal projects for instance constitues a serious misuse of property.
...see what you made me do...exploding an answer from a few sentences into a tl;dr explanation of things that I assumed were obvious...
answered Nov 18 at 6:10
DigitalBlade969
2,7531314
16
Seriously? Your solution is to "give them the damn password"? If you're going to be rude and give a terrible answer, don't bother answering. You should never disclose your password. Even though I agree that he shouldn't have used his personal password, he may have exposed his personal accounts to security concerns, and that he should change his personal passwords, I don't see why he should have to give his password. He gave in his two weeks notice, his employer didn't mention anything about it at anytime, it is their fault, not his.
– TwiN
Nov 19 at 4:56
1
The problem is, it is the companies WORK laptop with the WORK data it holds. By not giving them the password he basically didn't hand over the laptop / data, as it is unusable (not everyone knows how or wants to crack the login or reinstall the whole thing).There is NO private data supposed to be on that machine, so he won't give them access to his personal files and the fact that he uses the password elsewhere can (needs to) be remedied before he hands it over.My comment was in jest and to show how unprofessional his behaviour actually is.Don't be so salty about a snarky comment...k
– DigitalBlade969
Nov 19 at 5:09
6
It's not unusable, I have never had to provide my password after leaving a company, the de facto standard is for them to wipe the drive and reinstall the OS. Like I said, I agree with you on the personal password point, it shouldn't be used for non-personal stuffs, but it being a business laptop doesn't justify giving up your credentials because they neglected to ask for it (or warn you about it) during your 2 weeks notice.
– TwiN
Nov 19 at 5:12
2
No one asked me for anything but the laptop. Things happened rather quickly, one thursday i put in my 2 weeks, the next morning i was escorted out of the office. I was a bit baffled but i thought they knew what they were doing. During that brief encounter, they just asked for the laptop, not the password. I thought i would at least hand off the code i've been writing for the last two weeks, including that morning but nothing was asked of me. Had they respected my two weeks im sure i would have cleared the password issue, handed back the asset properly etc.
– pailhead
Nov 19 at 6:00
2
If i spend a couple of hours doing that now id like to get paid. If not, a few minutes at my place or a coffee shop nearby would do.
– pailhead
Nov 19 at 6:00
|
show 10 more comments
up vote
3
down vote
up vote
3
down vote
You received a company laptop that you were given for work and returned it after you left the company.
- You should have given them the password when you returned the laptop.
- You should NOT have used the same password as you use privately.
- Give them the damn password and change your personal password...chances are you've been using it for too long anyways...
...oh and try not to use the same password everywhere, especially if it is a privacy sensitve account...
EDIT:
What people don't seem to understand and why this answer has almost as many downvotes as upvotes is:
I'm talking EXPLICITLY about OP's special case and circumstances!
the WORK relation ENDED and the employee was required (usually by contract) to return all company property.
This naturally means in working order for machinery and tools.
It of course includes the data stored on said tools and access to it.the password guarding this access protects company property and business secrets.
the FORMER employee has no right anymore to posess, use or access company property
arguably - and this could be an interesting legal question - any data (including the password itself) stored on company property becomes also company property
Why is this not getting in some heads, that in order to properly hand over the WORK laptop and information on it the employee is required to relinquish access (THE PASSWORD) to the employer ?!
The fact that the employee used his personal password is irrelevant and solely the fault of this employee.
Not to mention that this whole discussion about privacy issues loses any merit as soon as the employee does what we all should do regularly:
CHANGE YOUR DAMN PASSWORD !!
As a side note:
I worked at companies where they had keyloggers and internet monitoring enabled on every workstation.
I worked at companies where there was NO internet acces on workstations.
Internet acces for work reasons was enabled on dedicated access points and private communication was allowed only on personal equipment and on a separate WIFI network.
There are even companies that hand you the workstation login password and you don't even have priviliges to change it.
Hell, I even worked at companies that didn't allow recoding equipment (including mobile phones) on the floor in the vicinity of displays or whiteboards.
Keep in mind: your workstation and anything you do on it may be monitored - legally !
All the work you do belongs to the employer and unauthorized use of the (often) expensive professional equipment and software licenses for personal projects for instance constitues a serious misuse of property.
...see what you made me do...exploding an answer from a few sentences into a tl;dr explanation of things that I assumed were obvious...
answered Nov 18 at 6:10
DigitalBlade969
2,7531314
You received a company laptop that you were given for work and returned it after you left the company.
- You should have given them the password when you returned the laptop.
- You should NOT have used the same password as you use privately.
- Give them the damn password and change your personal password...chances are you've been using it for too long anyways...
...oh and try not to use the same password everywhere, especially if it is a privacy sensitve account...
EDIT:
What people don't seem to understand and why this answer has almost as many downvotes as upvotes is:
I'm talking EXPLICITLY about OP's special case and circumstances!
the WORK relation ENDED and the employee was required (usually by contract) to return all company property.
This naturally means in working order for machinery and tools.
It of course includes the data stored on said tools and access to it.the password guarding this access protects company property and business secrets.
the FORMER employee has no right anymore to posess, use or access company property
arguably - and this could be an interesting legal question - any data (including the password itself) stored on company property becomes also company property
Why is this not getting in some heads, that in order to properly hand over the WORK laptop and information on it the employee is required to relinquish access (THE PASSWORD) to the employer ?!
The fact that the employee used his personal password is irrelevant and solely the fault of this employee.
Not to mention that this whole discussion about privacy issues loses any merit as soon as the employee does what we all should do regularly:
CHANGE YOUR DAMN PASSWORD !!
As a side note:
I worked at companies where they had keyloggers and internet monitoring enabled on every workstation.
I worked at companies where there was NO internet acces on workstations.
Internet acces for work reasons was enabled on dedicated access points and private communication was allowed only on personal equipment and on a separate WIFI network.
There are even companies that hand you the workstation login password and you don't even have priviliges to change it.
Hell, I even worked at companies that didn't allow recoding equipment (including mobile phones) on the floor in the vicinity of displays or whiteboards.
Keep in mind: your workstation and anything you do on it may be monitored - legally !
All the work you do belongs to the employer and unauthorized use of the (often) expensive professional equipment and software licenses for personal projects for instance constitues a serious misuse of property.
...see what you made me do...exploding an answer from a few sentences into a tl;dr explanation of things that I assumed were obvious...
answered Nov 18 at 6:10
DigitalBlade969
2,7531314
edited Nov 20 at 7:45
answered Nov 18 at 6:10
DigitalBlade969
2,7531314
answered Nov 18 at 6:10
DigitalBlade969
2,7531314
answered Nov 18 at 6:10
DigitalBlade969
2,7531314
2,7531314
16
Seriously? Your solution is to "give them the damn password"? If you're going to be rude and give a terrible answer, don't bother answering. You should never disclose your password. Even though I agree that he shouldn't have used his personal password, he may have exposed his personal accounts to security concerns, and that he should change his personal passwords, I don't see why he should have to give his password. He gave in his two weeks notice, his employer didn't mention anything about it at anytime, it is their fault, not his.
– TwiN
Nov 19 at 4:56
1
The problem is, it is the companies WORK laptop with the WORK data it holds. By not giving them the password he basically didn't hand over the laptop / data, as it is unusable (not everyone knows how or wants to crack the login or reinstall the whole thing).There is NO private data supposed to be on that machine, so he won't give them access to his personal files and the fact that he uses the password elsewhere can (needs to) be remedied before he hands it over.My comment was in jest and to show how unprofessional his behaviour actually is.Don't be so salty about a snarky comment...k
– DigitalBlade969
Nov 19 at 5:09
6
It's not unusable, I have never had to provide my password after leaving a company, the de facto standard is for them to wipe the drive and reinstall the OS. Like I said, I agree with you on the personal password point, it shouldn't be used for non-personal stuffs, but it being a business laptop doesn't justify giving up your credentials because they neglected to ask for it (or warn you about it) during your 2 weeks notice.
– TwiN
Nov 19 at 5:12
2
No one asked me for anything but the laptop. Things happened rather quickly, one thursday i put in my 2 weeks, the next morning i was escorted out of the office. I was a bit baffled but i thought they knew what they were doing. During that brief encounter, they just asked for the laptop, not the password. I thought i would at least hand off the code i've been writing for the last two weeks, including that morning but nothing was asked of me. Had they respected my two weeks im sure i would have cleared the password issue, handed back the asset properly etc.
– pailhead
Nov 19 at 6:00
2
If i spend a couple of hours doing that now id like to get paid. If not, a few minutes at my place or a coffee shop nearby would do.
– pailhead
Nov 19 at 6:00
|
show 10 more comments
16
Seriously? Your solution is to "give them the damn password"? If you're going to be rude and give a terrible answer, don't bother answering. You should never disclose your password. Even though I agree that he shouldn't have used his personal password, he may have exposed his personal accounts to security concerns, and that he should change his personal passwords, I don't see why he should have to give his password. He gave in his two weeks notice, his employer didn't mention anything about it at anytime, it is their fault, not his.
– TwiN
Nov 19 at 4:56
1
The problem is, it is the companies WORK laptop with the WORK data it holds. By not giving them the password he basically didn't hand over the laptop / data, as it is unusable (not everyone knows how or wants to crack the login or reinstall the whole thing).There is NO private data supposed to be on that machine, so he won't give them access to his personal files and the fact that he uses the password elsewhere can (needs to) be remedied before he hands it over.My comment was in jest and to show how unprofessional his behaviour actually is.Don't be so salty about a snarky comment...k
– DigitalBlade969
Nov 19 at 5:09
6
It's not unusable, I have never had to provide my password after leaving a company, the de facto standard is for them to wipe the drive and reinstall the OS. Like I said, I agree with you on the personal password point, it shouldn't be used for non-personal stuffs, but it being a business laptop doesn't justify giving up your credentials because they neglected to ask for it (or warn you about it) during your 2 weeks notice.
– TwiN
Nov 19 at 5:12
2
No one asked me for anything but the laptop. Things happened rather quickly, one thursday i put in my 2 weeks, the next morning i was escorted out of the office. I was a bit baffled but i thought they knew what they were doing. During that brief encounter, they just asked for the laptop, not the password. I thought i would at least hand off the code i've been writing for the last two weeks, including that morning but nothing was asked of me. Had they respected my two weeks im sure i would have cleared the password issue, handed back the asset properly etc.
– pailhead
Nov 19 at 6:00
2
If i spend a couple of hours doing that now id like to get paid. If not, a few minutes at my place or a coffee shop nearby would do.
– pailhead
Nov 19 at 6:00
16
16
Seriously? Your solution is to "give them the damn password"? If you're going to be rude and give a terrible answer, don't bother answering. You should never disclose your password. Even though I agree that he shouldn't have used his personal password, he may have exposed his personal accounts to security concerns, and that he should change his personal passwords, I don't see why he should have to give his password. He gave in his two weeks notice, his employer didn't mention anything about it at anytime, it is their fault, not his.
– TwiN
Nov 19 at 4:56
Seriously? Your solution is to "give them the damn password"? If you're going to be rude and give a terrible answer, don't bother answering. You should never disclose your password. Even though I agree that he shouldn't have used his personal password, he may have exposed his personal accounts to security concerns, and that he should change his personal passwords, I don't see why he should have to give his password. He gave in his two weeks notice, his employer didn't mention anything about it at anytime, it is their fault, not his.
– TwiN
Nov 19 at 4:56
1
1
The problem is, it is the companies WORK laptop with the WORK data it holds. By not giving them the password he basically didn't hand over the laptop / data, as it is unusable (not everyone knows how or wants to crack the login or reinstall the whole thing).There is NO private data supposed to be on that machine, so he won't give them access to his personal files and the fact that he uses the password elsewhere can (needs to) be remedied before he hands it over.My comment was in jest and to show how unprofessional his behaviour actually is.Don't be so salty about a snarky comment...k
– DigitalBlade969
Nov 19 at 5:09
The problem is, it is the companies WORK laptop with the WORK data it holds. By not giving them the password he basically didn't hand over the laptop / data, as it is unusable (not everyone knows how or wants to crack the login or reinstall the whole thing).There is NO private data supposed to be on that machine, so he won't give them access to his personal files and the fact that he uses the password elsewhere can (needs to) be remedied before he hands it over.My comment was in jest and to show how unprofessional his behaviour actually is.Don't be so salty about a snarky comment...k
– DigitalBlade969
Nov 19 at 5:09
6
6
It's not unusable, I have never had to provide my password after leaving a company, the de facto standard is for them to wipe the drive and reinstall the OS. Like I said, I agree with you on the personal password point, it shouldn't be used for non-personal stuffs, but it being a business laptop doesn't justify giving up your credentials because they neglected to ask for it (or warn you about it) during your 2 weeks notice.
– TwiN
Nov 19 at 5:12
It's not unusable, I have never had to provide my password after leaving a company, the de facto standard is for them to wipe the drive and reinstall the OS. Like I said, I agree with you on the personal password point, it shouldn't be used for non-personal stuffs, but it being a business laptop doesn't justify giving up your credentials because they neglected to ask for it (or warn you about it) during your 2 weeks notice.
– TwiN
Nov 19 at 5:12
2
2
No one asked me for anything but the laptop. Things happened rather quickly, one thursday i put in my 2 weeks, the next morning i was escorted out of the office. I was a bit baffled but i thought they knew what they were doing. During that brief encounter, they just asked for the laptop, not the password. I thought i would at least hand off the code i've been writing for the last two weeks, including that morning but nothing was asked of me. Had they respected my two weeks im sure i would have cleared the password issue, handed back the asset properly etc.
– pailhead
Nov 19 at 6:00
No one asked me for anything but the laptop. Things happened rather quickly, one thursday i put in my 2 weeks, the next morning i was escorted out of the office. I was a bit baffled but i thought they knew what they were doing. During that brief encounter, they just asked for the laptop, not the password. I thought i would at least hand off the code i've been writing for the last two weeks, including that morning but nothing was asked of me. Had they respected my two weeks im sure i would have cleared the password issue, handed back the asset properly etc.
– pailhead
Nov 19 at 6:00
2
2
If i spend a couple of hours doing that now id like to get paid. If not, a few minutes at my place or a coffee shop nearby would do.
– pailhead
Nov 19 at 6:00
If i spend a couple of hours doing that now id like to get paid. If not, a few minutes at my place or a coffee shop nearby would do.
– pailhead
Nov 19 at 6:00
|
show 10 more comments
up vote
0
down vote
It seems they are playing power games, and you are letting them.
Either they are outright incompetent, or they are out there just to get your password for some unknown reason. e.g. It is trivial to get to the data they want from the notebook unless you used some form of encryption.
I would not worry so much about providing whatever they are asking as you already left the company and returned the notebook.
In fact, we might in Europe even have privacy laws protecting us from having to give a private password, be it your password your user from work or the same as personal use.
That said, if you have in writing that you tried in good faith to attend to their request, I would start ignoring their contacts; if not I would make a point of answer them via email and tell them since they failed the last two times, that you will only do that if they come a location near you (a nearby coffee shop for instance). In that way you also put in writing the last two occurrences.
Nevertheless, you have whatsoever no obligations to them anymore. Furthermore, it was both their fault they failed to meet you to take care of something of their interest, and the code was not committed because they escorted you out of the building.
I advise cutting their contacts short, and only complying to a court order if it comes to that - which I honestly doubt. The present situation is nothing but consequences of their own doing.
PS. As for managing passwords. I rarely use the same password in two different services, and I usually use 2FA in services that support them. The 2FA software is in my phone and my smartwatch. In my former work, when I handed them back their MacBook Pro, I just had to logout of my Gmail and disassociate it of my private Apple account.
answered Nov 18 at 23:00
Rui F Ribeiro
3,5851021
This contradicts another answer though. Seems like i could get sued in the US.
– pailhead
Nov 19 at 2:00
They also can try to sue here... Between the request not having any thecnical basis and you having documented the multiple enconteur failures... If you go there, just login and change the password, do not sign any form at all, even to get in, and if they have work clarification requests of any form, tell them to get lost. They seem to be bent on getting the password, and I think they will not accept a no. There could be other reasons, but I think they want to get you in the premisses to be able to coerce you into it.
– Rui F Ribeiro
Nov 19 at 11:43
add a comment |
up vote
0
down vote
It seems they are playing power games, and you are letting them.
Either they are outright incompetent, or they are out there just to get your password for some unknown reason. e.g. It is trivial to get to the data they want from the notebook unless you used some form of encryption.
I would not worry so much about providing whatever they are asking as you already left the company and returned the notebook.
In fact, we might in Europe even have privacy laws protecting us from having to give a private password, be it your password your user from work or the same as personal use.
That said, if you have in writing that you tried in good faith to attend to their request, I would start ignoring their contacts; if not I would make a point of answer them via email and tell them since they failed the last two times, that you will only do that if they come a location near you (a nearby coffee shop for instance). In that way you also put in writing the last two occurrences.
Nevertheless, you have whatsoever no obligations to them anymore. Furthermore, it was both their fault they failed to meet you to take care of something of their interest, and the code was not committed because they escorted you out of the building.
I advise cutting their contacts short, and only complying to a court order if it comes to that - which I honestly doubt. The present situation is nothing but consequences of their own doing.
PS. As for managing passwords. I rarely use the same password in two different services, and I usually use 2FA in services that support them. The 2FA software is in my phone and my smartwatch. In my former work, when I handed them back their MacBook Pro, I just had to logout of my Gmail and disassociate it of my private Apple account.
answered Nov 18 at 23:00
Rui F Ribeiro
3,5851021
This contradicts another answer though. Seems like i could get sued in the US.
– pailhead
Nov 19 at 2:00
They also can try to sue here... Between the request not having any thecnical basis and you having documented the multiple enconteur failures... If you go there, just login and change the password, do not sign any form at all, even to get in, and if they have work clarification requests of any form, tell them to get lost. They seem to be bent on getting the password, and I think they will not accept a no. There could be other reasons, but I think they want to get you in the premisses to be able to coerce you into it.
– Rui F Ribeiro
Nov 19 at 11:43
add a comment |
up vote
0
down vote
up vote
0
down vote
It seems they are playing power games, and you are letting them.
Either they are outright incompetent, or they are out there just to get your password for some unknown reason. e.g. It is trivial to get to the data they want from the notebook unless you used some form of encryption.
I would not worry so much about providing whatever they are asking as you already left the company and returned the notebook.
In fact, we might in Europe even have privacy laws protecting us from having to give a private password, be it your password your user from work or the same as personal use.
That said, if you have in writing that you tried in good faith to attend to their request, I would start ignoring their contacts; if not I would make a point of answer them via email and tell them since they failed the last two times, that you will only do that if they come a location near you (a nearby coffee shop for instance). In that way you also put in writing the last two occurrences.
Nevertheless, you have whatsoever no obligations to them anymore. Furthermore, it was both their fault they failed to meet you to take care of something of their interest, and the code was not committed because they escorted you out of the building.
I advise cutting their contacts short, and only complying to a court order if it comes to that - which I honestly doubt. The present situation is nothing but consequences of their own doing.
PS. As for managing passwords. I rarely use the same password in two different services, and I usually use 2FA in services that support them. The 2FA software is in my phone and my smartwatch. In my former work, when I handed them back their MacBook Pro, I just had to logout of my Gmail and disassociate it of my private Apple account.
answered Nov 18 at 23:00
Rui F Ribeiro
3,5851021
It seems they are playing power games, and you are letting them.
Either they are outright incompetent, or they are out there just to get your password for some unknown reason. e.g. It is trivial to get to the data they want from the notebook unless you used some form of encryption.
I would not worry so much about providing whatever they are asking as you already left the company and returned the notebook.
In fact, we might in Europe even have privacy laws protecting us from having to give a private password, be it your password your user from work or the same as personal use.
That said, if you have in writing that you tried in good faith to attend to their request, I would start ignoring their contacts; if not I would make a point of answer them via email and tell them since they failed the last two times, that you will only do that if they come a location near you (a nearby coffee shop for instance). In that way you also put in writing the last two occurrences.
Nevertheless, you have whatsoever no obligations to them anymore. Furthermore, it was both their fault they failed to meet you to take care of something of their interest, and the code was not committed because they escorted you out of the building.
I advise cutting their contacts short, and only complying to a court order if it comes to that - which I honestly doubt. The present situation is nothing but consequences of their own doing.
PS. As for managing passwords. I rarely use the same password in two different services, and I usually use 2FA in services that support them. The 2FA software is in my phone and my smartwatch. In my former work, when I handed them back their MacBook Pro, I just had to logout of my Gmail and disassociate it of my private Apple account.
answered Nov 18 at 23:00
Rui F Ribeiro
3,5851021
edited 2 days ago
answered Nov 18 at 23:00
Rui F Ribeiro
3,5851021
answered Nov 18 at 23:00
Rui F Ribeiro
3,5851021
answered Nov 18 at 23:00
Rui F Ribeiro
3,5851021
3,5851021
This contradicts another answer though. Seems like i could get sued in the US.
– pailhead
Nov 19 at 2:00
They also can try to sue here... Between the request not having any thecnical basis and you having documented the multiple enconteur failures... If you go there, just login and change the password, do not sign any form at all, even to get in, and if they have work clarification requests of any form, tell them to get lost. They seem to be bent on getting the password, and I think they will not accept a no. There could be other reasons, but I think they want to get you in the premisses to be able to coerce you into it.
– Rui F Ribeiro
Nov 19 at 11:43
add a comment |
This contradicts another answer though. Seems like i could get sued in the US.
– pailhead
Nov 19 at 2:00
They also can try to sue here... Between the request not having any thecnical basis and you having documented the multiple enconteur failures... If you go there, just login and change the password, do not sign any form at all, even to get in, and if they have work clarification requests of any form, tell them to get lost. They seem to be bent on getting the password, and I think they will not accept a no. There could be other reasons, but I think they want to get you in the premisses to be able to coerce you into it.
– Rui F Ribeiro
Nov 19 at 11:43
This contradicts another answer though. Seems like i could get sued in the US.
– pailhead
Nov 19 at 2:00
This contradicts another answer though. Seems like i could get sued in the US.
– pailhead
Nov 19 at 2:00
They also can try to sue here... Between the request not having any thecnical basis and you having documented the multiple enconteur failures... If you go there, just login and change the password, do not sign any form at all, even to get in, and if they have work clarification requests of any form, tell them to get lost. They seem to be bent on getting the password, and I think they will not accept a no. There could be other reasons, but I think they want to get you in the premisses to be able to coerce you into it.
– Rui F Ribeiro
Nov 19 at 11:43
They also can try to sue here... Between the request not having any thecnical basis and you having documented the multiple enconteur failures... If you go there, just login and change the password, do not sign any form at all, even to get in, and if they have work clarification requests of any form, tell them to get lost. They seem to be bent on getting the password, and I think they will not accept a no. There could be other reasons, but I think they want to get you in the premisses to be able to coerce you into it.
– Rui F Ribeiro
Nov 19 at 11:43
add a comment |
up vote
-5
down vote
I'm much more security aware than most, it's part of my professional responsibilities. But I have to say you're being ridiculous here.
What security concern or issue would you create by simply providing them the password via phone, SMS or email?
Does your previous laptop contain any sensitive, classified, credit card or other critical information?
Any security professional will tell you that you use security procedures that are appropriate to the information. This just sounds like you're being petty and a control freak for no valid reason.
answered Nov 17 at 23:01
Steve
4,17431330
8
It doesn't seem very nice to call OP ridiculous, petty and a control freak.
– Dukeling
Nov 17 at 23:44
3
Unless the usage of the computer was 100% professional with absolute no personal usage (and thus e.g. a stored facebook password or something else that's not the company's business) AND the password OP used on the laptop was completely unrelated from all his other passwords it's absolutely understandable that he doesn't want to give out that password.
– ThiefMaster
Nov 17 at 23:48
1
The OP gives no indication at all that the computer contains personal information, nor any indication that he needs to remove anything at all. As written there is no justification what so ever for his behavior or demands. If he modifies his OP I'll modify my answer.
– Steve
Nov 17 at 23:54
4
With proper IT they could gain access to the computer without giving password. If password is given, it jeopardizes both parties as your identity is shared now. Either one of the parties could commit a crime and blame the other one. This is a huge no-no and security aware person should know this.
– Sopuli
Nov 17 at 23:59
4
I've logged into my personal gmail, my facebook, i've ordered tickets through ticketfly etc etc. But this is less of a concern than giving someone a password that is my password for something else.
– pailhead
Nov 18 at 0:10
|
show 15 more comments
up vote
-5
down vote
I'm much more security aware than most, it's part of my professional responsibilities. But I have to say you're being ridiculous here.
What security concern or issue would you create by simply providing them the password via phone, SMS or email?
Does your previous laptop contain any sensitive, classified, credit card or other critical information?
Any security professional will tell you that you use security procedures that are appropriate to the information. This just sounds like you're being petty and a control freak for no valid reason.
answered Nov 17 at 23:01
Steve
4,17431330
8
It doesn't seem very nice to call OP ridiculous, petty and a control freak.
– Dukeling
Nov 17 at 23:44
3
Unless the usage of the computer was 100% professional with absolute no personal usage (and thus e.g. a stored facebook password or something else that's not the company's business) AND the password OP used on the laptop was completely unrelated from all his other passwords it's absolutely understandable that he doesn't want to give out that password.
– ThiefMaster
Nov 17 at 23:48
1
The OP gives no indication at all that the computer contains personal information, nor any indication that he needs to remove anything at all. As written there is no justification what so ever for his behavior or demands. If he modifies his OP I'll modify my answer.
– Steve
Nov 17 at 23:54
4
With proper IT they could gain access to the computer without giving password. If password is given, it jeopardizes both parties as your identity is shared now. Either one of the parties could commit a crime and blame the other one. This is a huge no-no and security aware person should know this.
– Sopuli
Nov 17 at 23:59
4
I've logged into my personal gmail, my facebook, i've ordered tickets through ticketfly etc etc. But this is less of a concern than giving someone a password that is my password for something else.
– pailhead
Nov 18 at 0:10
|
show 15 more comments
up vote
-5
down vote
up vote
-5
down vote
I'm much more security aware than most, it's part of my professional responsibilities. But I have to say you're being ridiculous here.
What security concern or issue would you create by simply providing them the password via phone, SMS or email?
Does your previous laptop contain any sensitive, classified, credit card or other critical information?
Any security professional will tell you that you use security procedures that are appropriate to the information. This just sounds like you're being petty and a control freak for no valid reason.
answered Nov 17 at 23:01
Steve
4,17431330
I'm much more security aware than most, it's part of my professional responsibilities. But I have to say you're being ridiculous here.
What security concern or issue would you create by simply providing them the password via phone, SMS or email?
Does your previous laptop contain any sensitive, classified, credit card or other critical information?
Any security professional will tell you that you use security procedures that are appropriate to the information. This just sounds like you're being petty and a control freak for no valid reason.
answered Nov 17 at 23:01
Steve
4,17431330
edited Nov 17 at 23:32
answered Nov 17 at 23:01
Steve
4,17431330
answered Nov 17 at 23:01
Steve
4,17431330
answered Nov 17 at 23:01
Steve
4,17431330
4,17431330
8
It doesn't seem very nice to call OP ridiculous, petty and a control freak.
– Dukeling
Nov 17 at 23:44
3
Unless the usage of the computer was 100% professional with absolute no personal usage (and thus e.g. a stored facebook password or something else that's not the company's business) AND the password OP used on the laptop was completely unrelated from all his other passwords it's absolutely understandable that he doesn't want to give out that password.
– ThiefMaster
Nov 17 at 23:48
1
The OP gives no indication at all that the computer contains personal information, nor any indication that he needs to remove anything at all. As written there is no justification what so ever for his behavior or demands. If he modifies his OP I'll modify my answer.
– Steve
Nov 17 at 23:54
4
With proper IT they could gain access to the computer without giving password. If password is given, it jeopardizes both parties as your identity is shared now. Either one of the parties could commit a crime and blame the other one. This is a huge no-no and security aware person should know this.
– Sopuli
Nov 17 at 23:59
4
I've logged into my personal gmail, my facebook, i've ordered tickets through ticketfly etc etc. But this is less of a concern than giving someone a password that is my password for something else.
– pailhead
Nov 18 at 0:10
|
show 15 more comments
8
It doesn't seem very nice to call OP ridiculous, petty and a control freak.
– Dukeling
Nov 17 at 23:44
3
Unless the usage of the computer was 100% professional with absolute no personal usage (and thus e.g. a stored facebook password or something else that's not the company's business) AND the password OP used on the laptop was completely unrelated from all his other passwords it's absolutely understandable that he doesn't want to give out that password.
– ThiefMaster
Nov 17 at 23:48
1
The OP gives no indication at all that the computer contains personal information, nor any indication that he needs to remove anything at all. As written there is no justification what so ever for his behavior or demands. If he modifies his OP I'll modify my answer.
– Steve
Nov 17 at 23:54
4
With proper IT they could gain access to the computer without giving password. If password is given, it jeopardizes both parties as your identity is shared now. Either one of the parties could commit a crime and blame the other one. This is a huge no-no and security aware person should know this.
– Sopuli
Nov 17 at 23:59
4
I've logged into my personal gmail, my facebook, i've ordered tickets through ticketfly etc etc. But this is less of a concern than giving someone a password that is my password for something else.
– pailhead
Nov 18 at 0:10
8
8
It doesn't seem very nice to call OP ridiculous, petty and a control freak.
– Dukeling
Nov 17 at 23:44
It doesn't seem very nice to call OP ridiculous, petty and a control freak.
– Dukeling
Nov 17 at 23:44
3
3
Unless the usage of the computer was 100% professional with absolute no personal usage (and thus e.g. a stored facebook password or something else that's not the company's business) AND the password OP used on the laptop was completely unrelated from all his other passwords it's absolutely understandable that he doesn't want to give out that password.
– ThiefMaster
Nov 17 at 23:48
Unless the usage of the computer was 100% professional with absolute no personal usage (and thus e.g. a stored facebook password or something else that's not the company's business) AND the password OP used on the laptop was completely unrelated from all his other passwords it's absolutely understandable that he doesn't want to give out that password.
– ThiefMaster
Nov 17 at 23:48
1
1
The OP gives no indication at all that the computer contains personal information, nor any indication that he needs to remove anything at all. As written there is no justification what so ever for his behavior or demands. If he modifies his OP I'll modify my answer.
– Steve
Nov 17 at 23:54
The OP gives no indication at all that the computer contains personal information, nor any indication that he needs to remove anything at all. As written there is no justification what so ever for his behavior or demands. If he modifies his OP I'll modify my answer.
– Steve
Nov 17 at 23:54
4
4
With proper IT they could gain access to the computer without giving password. If password is given, it jeopardizes both parties as your identity is shared now. Either one of the parties could commit a crime and blame the other one. This is a huge no-no and security aware person should know this.
– Sopuli
Nov 17 at 23:59
With proper IT they could gain access to the computer without giving password. If password is given, it jeopardizes both parties as your identity is shared now. Either one of the parties could commit a crime and blame the other one. This is a huge no-no and security aware person should know this.
– Sopuli
Nov 17 at 23:59
4
4
I've logged into my personal gmail, my facebook, i've ordered tickets through ticketfly etc etc. But this is less of a concern than giving someone a password that is my password for something else.
– pailhead
Nov 18 at 0:10
I've logged into my personal gmail, my facebook, i've ordered tickets through ticketfly etc etc. But this is less of a concern than giving someone a password that is my password for something else.
– pailhead
Nov 18 at 0:10
|
show 15 more comments
up vote
-11
down vote
Presumably you were asked to return that laptop with all the data on it. Which you didn't. Whose fault that is is another matter, but the company could sue you for damages. Would they win? Maybe yes, maybe not. Would it cost you time and money? Most definitely both.
If the password isn't sensitive to you (it's not a duplicate of your banking password or another password, for example) then just hand it over. If that's not secure, that's not your problem, they asked for it. If the password is sensitive to you (unlocks access to your bank account as well) go to your old company and change the password to "123456".
If you don't have the time for this, then legal action would be really, really inconvenient for you.
answered Nov 17 at 23:48
gnasher729
79.6k34144250
I sat down with an HR person and my manager and they said something along the lines of "hand over your laptop" which i did. What is inconvenient for me is staying in San Francisco while there are hazardous air conditions. Probably not enough to get sued, i'm just wondering what kind of time line and compromise i can look for.
– pailhead
Nov 18 at 0:15
So the part here is, go to your old company, i can't for various reasons. I will at some point.
– pailhead
Nov 18 at 0:16
8
Gnasher, he DID return the laptop with all of the data. That's the first line of the post. Security 101 is that you NEVER, EVER give up your personal password. If the company set up the laptop without a separate account, that's the company's screwup. Sopuli has the correct answer, which is to that the company gives the OP the laptop, he creates a new account, copies any necessary data to that account, and then deletes his old account.
– DaveG
Nov 18 at 1:19
@DaveG If the data is not accessible because a login password is needed, then the data is not there.
– gnasher729
Nov 18 at 14:09
How is it know if data is there at all?
– pailhead
Nov 18 at 22:29
add a comment |
up vote
-11
down vote
Presumably you were asked to return that laptop with all the data on it. Which you didn't. Whose fault that is is another matter, but the company could sue you for damages. Would they win? Maybe yes, maybe not. Would it cost you time and money? Most definitely both.
If the password isn't sensitive to you (it's not a duplicate of your banking password or another password, for example) then just hand it over. If that's not secure, that's not your problem, they asked for it. If the password is sensitive to you (unlocks access to your bank account as well) go to your old company and change the password to "123456".
If you don't have the time for this, then legal action would be really, really inconvenient for you.
answered Nov 17 at 23:48
gnasher729
79.6k34144250
I sat down with an HR person and my manager and they said something along the lines of "hand over your laptop" which i did. What is inconvenient for me is staying in San Francisco while there are hazardous air conditions. Probably not enough to get sued, i'm just wondering what kind of time line and compromise i can look for.
– pailhead
Nov 18 at 0:15
So the part here is, go to your old company, i can't for various reasons. I will at some point.
– pailhead
Nov 18 at 0:16
8
Gnasher, he DID return the laptop with all of the data. That's the first line of the post. Security 101 is that you NEVER, EVER give up your personal password. If the company set up the laptop without a separate account, that's the company's screwup. Sopuli has the correct answer, which is to that the company gives the OP the laptop, he creates a new account, copies any necessary data to that account, and then deletes his old account.
– DaveG
Nov 18 at 1:19
@DaveG If the data is not accessible because a login password is needed, then the data is not there.
– gnasher729
Nov 18 at 14:09
How is it know if data is there at all?
– pailhead
Nov 18 at 22:29
add a comment |
up vote
-11
down vote
up vote
-11
down vote
Presumably you were asked to return that laptop with all the data on it. Which you didn't. Whose fault that is is another matter, but the company could sue you for damages. Would they win? Maybe yes, maybe not. Would it cost you time and money? Most definitely both.
If the password isn't sensitive to you (it's not a duplicate of your banking password or another password, for example) then just hand it over. If that's not secure, that's not your problem, they asked for it. If the password is sensitive to you (unlocks access to your bank account as well) go to your old company and change the password to "123456".
If you don't have the time for this, then legal action would be really, really inconvenient for you.
answered Nov 17 at 23:48
gnasher729
79.6k34144250
Presumably you were asked to return that laptop with all the data on it. Which you didn't. Whose fault that is is another matter, but the company could sue you for damages. Would they win? Maybe yes, maybe not. Would it cost you time and money? Most definitely both.
If the password isn't sensitive to you (it's not a duplicate of your banking password or another password, for example) then just hand it over. If that's not secure, that's not your problem, they asked for it. If the password is sensitive to you (unlocks access to your bank account as well) go to your old company and change the password to "123456".
If you don't have the time for this, then legal action would be really, really inconvenient for you.
answered Nov 17 at 23:48
gnasher729
79.6k34144250
answered Nov 17 at 23:48
gnasher729
79.6k34144250
answered Nov 17 at 23:48
gnasher729
79.6k34144250
answered Nov 17 at 23:48
gnasher729
79.6k34144250
79.6k34144250
I sat down with an HR person and my manager and they said something along the lines of "hand over your laptop" which i did. What is inconvenient for me is staying in San Francisco while there are hazardous air conditions. Probably not enough to get sued, i'm just wondering what kind of time line and compromise i can look for.
– pailhead
Nov 18 at 0:15
So the part here is, go to your old company, i can't for various reasons. I will at some point.
– pailhead
Nov 18 at 0:16
8
Gnasher, he DID return the laptop with all of the data. That's the first line of the post. Security 101 is that you NEVER, EVER give up your personal password. If the company set up the laptop without a separate account, that's the company's screwup. Sopuli has the correct answer, which is to that the company gives the OP the laptop, he creates a new account, copies any necessary data to that account, and then deletes his old account.
– DaveG
Nov 18 at 1:19
@DaveG If the data is not accessible because a login password is needed, then the data is not there.
– gnasher729
Nov 18 at 14:09
How is it know if data is there at all?
– pailhead
Nov 18 at 22:29
add a comment |
I sat down with an HR person and my manager and they said something along the lines of "hand over your laptop" which i did. What is inconvenient for me is staying in San Francisco while there are hazardous air conditions. Probably not enough to get sued, i'm just wondering what kind of time line and compromise i can look for.
– pailhead
Nov 18 at 0:15
So the part here is, go to your old company, i can't for various reasons. I will at some point.
– pailhead
Nov 18 at 0:16
8
Gnasher, he DID return the laptop with all of the data. That's the first line of the post. Security 101 is that you NEVER, EVER give up your personal password. If the company set up the laptop without a separate account, that's the company's screwup. Sopuli has the correct answer, which is to that the company gives the OP the laptop, he creates a new account, copies any necessary data to that account, and then deletes his old account.
– DaveG
Nov 18 at 1:19
@DaveG If the data is not accessible because a login password is needed, then the data is not there.
– gnasher729
Nov 18 at 14:09
How is it know if data is there at all?
– pailhead
Nov 18 at 22:29
I sat down with an HR person and my manager and they said something along the lines of "hand over your laptop" which i did. What is inconvenient for me is staying in San Francisco while there are hazardous air conditions. Probably not enough to get sued, i'm just wondering what kind of time line and compromise i can look for.
– pailhead
Nov 18 at 0:15
I sat down with an HR person and my manager and they said something along the lines of "hand over your laptop" which i did. What is inconvenient for me is staying in San Francisco while there are hazardous air conditions. Probably not enough to get sued, i'm just wondering what kind of time line and compromise i can look for.
– pailhead
Nov 18 at 0:15
So the part here is, go to your old company, i can't for various reasons. I will at some point.
– pailhead
Nov 18 at 0:16
So the part here is, go to your old company, i can't for various reasons. I will at some point.
– pailhead
Nov 18 at 0:16
8
8
Gnasher, he DID return the laptop with all of the data. That's the first line of the post. Security 101 is that you NEVER, EVER give up your personal password. If the company set up the laptop without a separate account, that's the company's screwup. Sopuli has the correct answer, which is to that the company gives the OP the laptop, he creates a new account, copies any necessary data to that account, and then deletes his old account.
– DaveG
Nov 18 at 1:19
Gnasher, he DID return the laptop with all of the data. That's the first line of the post. Security 101 is that you NEVER, EVER give up your personal password. If the company set up the laptop without a separate account, that's the company's screwup. Sopuli has the correct answer, which is to that the company gives the OP the laptop, he creates a new account, copies any necessary data to that account, and then deletes his old account.
– DaveG
Nov 18 at 1:19
@DaveG If the data is not accessible because a login password is needed, then the data is not there.
– gnasher729
Nov 18 at 14:09
@DaveG If the data is not accessible because a login password is needed, then the data is not there.
– gnasher729
Nov 18 at 14:09
How is it know if data is there at all?
– pailhead
Nov 18 at 22:29
How is it know if data is there at all?
– pailhead
Nov 18 at 22:29
add a comment |
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fworkplace.stackexchange.com%2fquestions%2f122990%2fformer-job-asking-for-laptop-password-weeks-after-leaving%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
What information is your former manager trying to obtain? At one of my older jobs, I had got a laptop approved when others couldn't. When I left, my manager requested that I transfer the laptop to him and give him the password. I ended up wiping the laptop and giving it to him to set up with his own password before I left.
– jcmack
Nov 17 at 21:52
7
Related: Do I have to relinquish my PC password to my former boss?
– Dukeling
Nov 17 at 22:05
3
If they've already failed to honour two agreed-upon meetings, whether you want to keep trying is completely up to you, and your problem isn't so much "they're asking for a password" as it is "they're not doing what they agreed to do".
– Dukeling
Nov 17 at 22:08
If I were in your manager's shoes, I will have broken tat password since you left instead of chasing you.
– Wais Kamal
Nov 17 at 22:58
1
I don't know about the information they're trying to obtain nor do i care. I care about not writing down / sharing my password and now that i've read through the comments i care about logging out of facebook, gmail and bank accounts.
– pailhead
Nov 18 at 0:21