Today, I was asked by my employer for my GitHub password. This is something I'm not willing to give out, especially since I work on other projects (outside of work) and am not willing to compromise anyone's data.
Anyone have any advice on how to respond to this request?
This may be more of a rant here:
I ask this because the manager in question demands passwords from everyone for every bit of software and every single device their subordinates use. That data is kept on a spreadsheet right on their desktop!!! They also remote in to work devices using unsecure software and I'm basically waiting for the next data hack.
- This has progressed a little more than I thought it would.
- I let me employer know that I am responsible for more data than just their company's and I am not willing to compromise anyone's data. As it would be a security issue for me to disclose my password, I am unable to provide my login credentials to them.
- Within 5 minutes of that, two managers have now scheduled to have a meeting with me regarding this.
- This seems awfully strange. I'll keep updating as new events unfold.
- Wow! Thank you everyone for responding! Ended up getting an engineering team together to educate the management on the risks of their current system.
- It sounds like management is going to take this advice to change their password control situation. Sounds like they were not used to hearing "no" (more or less) from an employee.