Former job asking for laptop password weeks after leaving





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty{ margin-bottom:0;
}






up vote
10
down vote

favorite












I left my job and turned in my laptop.



On that work laptop, I used my "usual" personal password, as the password.



When I left and turned in the laptop, no-one asked for the password. A couple of weeks later my former manager starts texting me and calling me asking for the password. For security reasons (even stating this feels insecure) I can't give out that password. It's my "personal" password I use in other situations.



I want to get the laptop, login (with my "personal" password) and change the password to 12345678 for them, and give it back.



I offered to receive the laptop, either by having a former co-worker visit me, or have it sent via a courier service or something like that.



My manager and I setup a time for that, which he didn't honor. I offered to meet somewhere near the office when I was in the vicinity but that wasn't honored either.



Now they're bugging me again with texts and calls and I don't have the time to handle this.



What are the expectations here? Can i just simply say "I cant do this" and let it rest? What about "I'll get back to you when i got the time"?



I don't mind doing it, but only if it costs me minutes of my time.










share|improve this question




















  • 1




    What information is your former manager trying to obtain? At one of my older jobs, I had got a laptop approved when others couldn't. When I left, my manager requested that I transfer the laptop to him and give him the password. I ended up wiping the laptop and giving it to him to set up with his own password before I left.
    – jcmack
    Nov 17 at 21:52






  • 7




    Related: Do I have to relinquish my PC password to my former boss?
    – Dukeling
    Nov 17 at 22:05






  • 3




    If they've already failed to honour two agreed-upon meetings, whether you want to keep trying is completely up to you, and your problem isn't so much "they're asking for a password" as it is "they're not doing what they agreed to do".
    – Dukeling
    Nov 17 at 22:08












  • If I were in your manager's shoes, I will have broken tat password since you left instead of chasing you.
    – Wais Kamal
    Nov 17 at 22:58






  • 1




    I don't know about the information they're trying to obtain nor do i care. I care about not writing down / sharing my password and now that i've read through the comments i care about logging out of facebook, gmail and bank accounts.
    – pailhead
    Nov 18 at 0:21

















up vote
10
down vote

favorite












I left my job and turned in my laptop.



On that work laptop, I used my "usual" personal password, as the password.



When I left and turned in the laptop, no-one asked for the password. A couple of weeks later my former manager starts texting me and calling me asking for the password. For security reasons (even stating this feels insecure) I can't give out that password. It's my "personal" password I use in other situations.



I want to get the laptop, login (with my "personal" password) and change the password to 12345678 for them, and give it back.



I offered to receive the laptop, either by having a former co-worker visit me, or have it sent via a courier service or something like that.



My manager and I setup a time for that, which he didn't honor. I offered to meet somewhere near the office when I was in the vicinity but that wasn't honored either.



Now they're bugging me again with texts and calls and I don't have the time to handle this.



What are the expectations here? Can i just simply say "I cant do this" and let it rest? What about "I'll get back to you when i got the time"?



I don't mind doing it, but only if it costs me minutes of my time.










share|improve this question




















  • 1




    What information is your former manager trying to obtain? At one of my older jobs, I had got a laptop approved when others couldn't. When I left, my manager requested that I transfer the laptop to him and give him the password. I ended up wiping the laptop and giving it to him to set up with his own password before I left.
    – jcmack
    Nov 17 at 21:52






  • 7




    Related: Do I have to relinquish my PC password to my former boss?
    – Dukeling
    Nov 17 at 22:05






  • 3




    If they've already failed to honour two agreed-upon meetings, whether you want to keep trying is completely up to you, and your problem isn't so much "they're asking for a password" as it is "they're not doing what they agreed to do".
    – Dukeling
    Nov 17 at 22:08












  • If I were in your manager's shoes, I will have broken tat password since you left instead of chasing you.
    – Wais Kamal
    Nov 17 at 22:58






  • 1




    I don't know about the information they're trying to obtain nor do i care. I care about not writing down / sharing my password and now that i've read through the comments i care about logging out of facebook, gmail and bank accounts.
    – pailhead
    Nov 18 at 0:21













up vote
10
down vote

favorite









up vote
10
down vote

favorite











I left my job and turned in my laptop.



On that work laptop, I used my "usual" personal password, as the password.



When I left and turned in the laptop, no-one asked for the password. A couple of weeks later my former manager starts texting me and calling me asking for the password. For security reasons (even stating this feels insecure) I can't give out that password. It's my "personal" password I use in other situations.



I want to get the laptop, login (with my "personal" password) and change the password to 12345678 for them, and give it back.



I offered to receive the laptop, either by having a former co-worker visit me, or have it sent via a courier service or something like that.



My manager and I setup a time for that, which he didn't honor. I offered to meet somewhere near the office when I was in the vicinity but that wasn't honored either.



Now they're bugging me again with texts and calls and I don't have the time to handle this.



What are the expectations here? Can i just simply say "I cant do this" and let it rest? What about "I'll get back to you when i got the time"?



I don't mind doing it, but only if it costs me minutes of my time.










share|improve this question















I left my job and turned in my laptop.



On that work laptop, I used my "usual" personal password, as the password.



When I left and turned in the laptop, no-one asked for the password. A couple of weeks later my former manager starts texting me and calling me asking for the password. For security reasons (even stating this feels insecure) I can't give out that password. It's my "personal" password I use in other situations.



I want to get the laptop, login (with my "personal" password) and change the password to 12345678 for them, and give it back.



I offered to receive the laptop, either by having a former co-worker visit me, or have it sent via a courier service or something like that.



My manager and I setup a time for that, which he didn't honor. I offered to meet somewhere near the office when I was in the vicinity but that wasn't honored either.



Now they're bugging me again with texts and calls and I don't have the time to handle this.



What are the expectations here? Can i just simply say "I cant do this" and let it rest? What about "I'll get back to you when i got the time"?



I don't mind doing it, but only if it costs me minutes of my time.







quitting privacy






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 18 at 6:33









BSMP

3,5111327




3,5111327










asked Nov 17 at 21:38









pailhead

1469




1469








  • 1




    What information is your former manager trying to obtain? At one of my older jobs, I had got a laptop approved when others couldn't. When I left, my manager requested that I transfer the laptop to him and give him the password. I ended up wiping the laptop and giving it to him to set up with his own password before I left.
    – jcmack
    Nov 17 at 21:52






  • 7




    Related: Do I have to relinquish my PC password to my former boss?
    – Dukeling
    Nov 17 at 22:05






  • 3




    If they've already failed to honour two agreed-upon meetings, whether you want to keep trying is completely up to you, and your problem isn't so much "they're asking for a password" as it is "they're not doing what they agreed to do".
    – Dukeling
    Nov 17 at 22:08












  • If I were in your manager's shoes, I will have broken tat password since you left instead of chasing you.
    – Wais Kamal
    Nov 17 at 22:58






  • 1




    I don't know about the information they're trying to obtain nor do i care. I care about not writing down / sharing my password and now that i've read through the comments i care about logging out of facebook, gmail and bank accounts.
    – pailhead
    Nov 18 at 0:21














  • 1




    What information is your former manager trying to obtain? At one of my older jobs, I had got a laptop approved when others couldn't. When I left, my manager requested that I transfer the laptop to him and give him the password. I ended up wiping the laptop and giving it to him to set up with his own password before I left.
    – jcmack
    Nov 17 at 21:52






  • 7




    Related: Do I have to relinquish my PC password to my former boss?
    – Dukeling
    Nov 17 at 22:05






  • 3




    If they've already failed to honour two agreed-upon meetings, whether you want to keep trying is completely up to you, and your problem isn't so much "they're asking for a password" as it is "they're not doing what they agreed to do".
    – Dukeling
    Nov 17 at 22:08












  • If I were in your manager's shoes, I will have broken tat password since you left instead of chasing you.
    – Wais Kamal
    Nov 17 at 22:58






  • 1




    I don't know about the information they're trying to obtain nor do i care. I care about not writing down / sharing my password and now that i've read through the comments i care about logging out of facebook, gmail and bank accounts.
    – pailhead
    Nov 18 at 0:21








1




1




What information is your former manager trying to obtain? At one of my older jobs, I had got a laptop approved when others couldn't. When I left, my manager requested that I transfer the laptop to him and give him the password. I ended up wiping the laptop and giving it to him to set up with his own password before I left.
– jcmack
Nov 17 at 21:52




What information is your former manager trying to obtain? At one of my older jobs, I had got a laptop approved when others couldn't. When I left, my manager requested that I transfer the laptop to him and give him the password. I ended up wiping the laptop and giving it to him to set up with his own password before I left.
– jcmack
Nov 17 at 21:52




7




7




Related: Do I have to relinquish my PC password to my former boss?
– Dukeling
Nov 17 at 22:05




Related: Do I have to relinquish my PC password to my former boss?
– Dukeling
Nov 17 at 22:05




3




3




If they've already failed to honour two agreed-upon meetings, whether you want to keep trying is completely up to you, and your problem isn't so much "they're asking for a password" as it is "they're not doing what they agreed to do".
– Dukeling
Nov 17 at 22:08






If they've already failed to honour two agreed-upon meetings, whether you want to keep trying is completely up to you, and your problem isn't so much "they're asking for a password" as it is "they're not doing what they agreed to do".
– Dukeling
Nov 17 at 22:08














If I were in your manager's shoes, I will have broken tat password since you left instead of chasing you.
– Wais Kamal
Nov 17 at 22:58




If I were in your manager's shoes, I will have broken tat password since you left instead of chasing you.
– Wais Kamal
Nov 17 at 22:58




1




1




I don't know about the information they're trying to obtain nor do i care. I care about not writing down / sharing my password and now that i've read through the comments i care about logging out of facebook, gmail and bank accounts.
– pailhead
Nov 18 at 0:21




I don't know about the information they're trying to obtain nor do i care. I care about not writing down / sharing my password and now that i've read through the comments i care about logging out of facebook, gmail and bank accounts.
– pailhead
Nov 18 at 0:21










7 Answers
7






active

oldest

votes

















up vote
22
down vote



accepted










If there is something on the computer they want to retrieve it's usually required that you give them access to the data.



But this doesn't mean you need to give them access to your account. Giving them your password opens up serious security and identity issues.



Apparently they don't have company IT department who could grant access, so they need your help. After they have failed twice to do what was agreed, you could start ignoring them. But if you don't want to burn bridges and/or start fighting, you may want to set up a meeting to correct the issue.



Once you get the computer:




  1. Create a new account

  2. Give it admin rights

  3. Transfer all required files from your personal account to a folder where this new account can access them (folder in root or something)

  4. Log in with the new admin account

  5. Delete your personal account

  6. Give them password for the new admin account






share|improve this answer

















  • 1




    Is there some reasonable time frame for the 3rd meeting that wouldn't count as me yanking them around, and wouldn't count as them harassing me?
    – pailhead
    Nov 18 at 0:18






  • 1




    @Fattie That would protect his other accounts where he re-used the same password. But still giving access to his work account is a bad security practice. It opens up the possibility to abuse the identity for both of the parties. Even if this is the standard in many places, it's still worth mentioning that you can hand over the data without compromising the identity/security.
    – Sopuli
    Nov 18 at 13:39






  • 1




    hi @Sopuli ... I .. understand what you're saying clearly, but .. I guess it's hard for me to see an application for that. Are you invisaging: person P works at company C. She gets laptop L. She creates an account "A" on L. So, account A will sure have stuff such as code, a copy of Visual Basic, secret blueprints of the engine and so on. You're saying that within account A, person P may indeed also have stuff such as, you know, personal stuff relating to person P .. web searches, purchase of art gallery tickets, books they are reading etc. Have I understood you? (cont ....)
    – Fattie
    Nov 18 at 15:17






  • 1




    If that's what you mean, i guess then (1) you're right, that "personal stuff of P on account A" would have to be sequestered, removed. only the "actual corporate" stuff in A would be handed over, the rest ("actually personal") would ideally be erased from existence. But (2) could be a cultural thing, but that wouldn't happen in my neck of the woods? Account "A" is 100% business only. Zero comingling.
    – Fattie
    Nov 18 at 15:19






  • 1




    @Fattie This is getting a bit off-topic. There might be confidential discussions in slack/skype/etc. There might be documents, like your work contract, stock options etc. There might be confidential emails. There could be connection to database or server from that laptop with stored credentials. Just a few examples. All purely work related, but things that should not be disclosed to anybody else. Like said, you should never give your identity to anybody else, only the data.
    – Sopuli
    Nov 18 at 15:58


















up vote
5
down vote













Any IT department worth it's salt can hack a laptop to get in. Worst case scenario, they wipe the drive and start over with a new Image, which is what they should do anyway.



You returned the hardware, the rest is on them. Give them nothing more.






share|improve this answer




























    up vote
    4
    down vote













    There's an old adage: "Fool me once, shame on you. Fool me twice, shame on me". Well, it looks like you've been fooled twice, as you've tried to set up two in-good-faith meetings to rectify the situation, and they have in bad faith not met either of those meetings. At this point, in my opinion, it's on them to set up a meeting time that works for you, not the other way around. My response to their next communique would be something like this:




    Sorry, but I've tried to set up a meeting with you guys twice in good faith to try to fix this situation. I simply cannot shanghai my schedule around you guys any more to schedule any more meetings which you have shown to not respect. You have my address [presumably they actually have this, usually you give it to them when you start employment]. I am working a new job now and my work hours are 9am-5pm [or whatever your hours are]. I need some commuting time, so please schedule a time to come to the local Moondollar coffee shop near my place after 6pm on a weekday evening to have this situation resolved. If you can't do that, then I'm sorry but I can't help you.




    If they are unable or unwilling to schedule a meeting according to the time you've set out for them, then that's too bad for them; unless you have critical business information that you are legally liable for on that laptop, there's nothing they can do to make you work on their schedule. If they meet your schedule, then I defer to Sopuli's answer as to how to proceed. If, however, they schedule a meeting with you on your schedule and then miss it a third time, well, there's another adage for that: "Three strikes, you're out!" At that point I would just stop taking their calls and stop responding to their emails, and in the very extreme case that they don't get the hint, consider going to local law enforcement for harassment.






    share|improve this answer























    • I would not invite them at home. A coffee shop/neutral public ground is much better and provides a quick way of losing them quickly or tell them to get lost if they start being unpleasant.
      – Rui F Ribeiro
      2 days ago






    • 1




      @RuiFRibeiro Fair enough. In reality I would probably do that as well, I just provided that as an example of something like what I might say, not what I actually would say. I'll edit the answer though to reflect that.
      – Ertai87
      2 days ago




















    up vote
    3
    down vote













    You received a company laptop that you were given for work and returned it after you left the company.




    1. You should have given them the password when you returned the laptop.

    2. You should NOT have used the same password as you use privately.

    3. Give them the damn password and change your personal password...chances are you've been using it for too long anyways...


    ...oh and try not to use the same password everywhere, especially if it is a privacy sensitve account...



    EDIT:
    What people don't seem to understand and why this answer has almost as many downvotes as upvotes is:




    • I'm talking EXPLICITLY about OP's special case and circumstances!


    • the WORK relation ENDED and the employee was required (usually by contract) to return all company property.
      This naturally means in working order for machinery and tools.
      It of course includes the data stored on said tools and access to it.


    • the password guarding this access protects company property and business secrets.


    • the FORMER employee has no right anymore to posess, use or access company property


    • arguably - and this could be an interesting legal question - any data (including the password itself) stored on company property becomes also company property



    Why is this not getting in some heads, that in order to properly hand over the WORK laptop and information on it the employee is required to relinquish access (THE PASSWORD) to the employer ?!



    The fact that the employee used his personal password is irrelevant and solely the fault of this employee.
    Not to mention that this whole discussion about privacy issues loses any merit as soon as the employee does what we all should do regularly:
    CHANGE YOUR DAMN PASSWORD !!



    As a side note:

    I worked at companies where they had keyloggers and internet monitoring enabled on every workstation.

    I worked at companies where there was NO internet acces on workstations.

    Internet acces for work reasons was enabled on dedicated access points and private communication was allowed only on personal equipment and on a separate WIFI network.

    There are even companies that hand you the workstation login password and you don't even have priviliges to change it.

    Hell, I even worked at companies that didn't allow recoding equipment (including mobile phones) on the floor in the vicinity of displays or whiteboards.


    Keep in mind: your workstation and anything you do on it may be monitored - legally !



    All the work you do belongs to the employer and unauthorized use of the (often) expensive professional equipment and software licenses for personal projects for instance constitues a serious misuse of property.



    ...see what you made me do...exploding an answer from a few sentences into a tl;dr explanation of things that I assumed were obvious...






    share|improve this answer



















    • 16




      Seriously? Your solution is to "give them the damn password"? If you're going to be rude and give a terrible answer, don't bother answering. You should never disclose your password. Even though I agree that he shouldn't have used his personal password, he may have exposed his personal accounts to security concerns, and that he should change his personal passwords, I don't see why he should have to give his password. He gave in his two weeks notice, his employer didn't mention anything about it at anytime, it is their fault, not his.
      – TwiN
      2 days ago






    • 1




      The problem is, it is the companies WORK laptop with the WORK data it holds. By not giving them the password he basically didn't hand over the laptop / data, as it is unusable (not everyone knows how or wants to crack the login or reinstall the whole thing).There is NO private data supposed to be on that machine, so he won't give them access to his personal files and the fact that he uses the password elsewhere can (needs to) be remedied before he hands it over.My comment was in jest and to show how unprofessional his behaviour actually is.Don't be so salty about a snarky comment...k
      – DigitalBlade969
      2 days ago






    • 6




      It's not unusable, I have never had to provide my password after leaving a company, the de facto standard is for them to wipe the drive and reinstall the OS. Like I said, I agree with you on the personal password point, it shouldn't be used for non-personal stuffs, but it being a business laptop doesn't justify giving up your credentials because they neglected to ask for it (or warn you about it) during your 2 weeks notice.
      – TwiN
      2 days ago








    • 2




      No one asked me for anything but the laptop. Things happened rather quickly, one thursday i put in my 2 weeks, the next morning i was escorted out of the office. I was a bit baffled but i thought they knew what they were doing. During that brief encounter, they just asked for the laptop, not the password. I thought i would at least hand off the code i've been writing for the last two weeks, including that morning but nothing was asked of me. Had they respected my two weeks im sure i would have cleared the password issue, handed back the asset properly etc.
      – pailhead
      2 days ago






    • 2




      If i spend a couple of hours doing that now id like to get paid. If not, a few minutes at my place or a coffee shop nearby would do.
      – pailhead
      2 days ago


















    up vote
    0
    down vote













    It seems they are playing power games, and you are letting them.



    Either they are outright incompetent, or they are out there just to get your password for some unknown reason. e.g. It is trivial to get to the data they want from the notebook unless you used some form of encryption.



    I would not worry so much about providing whatever they are asking as you already left the company and returned the notebook.



    In fact, we might in Europe even have privacy laws protecting us from having to give a private password, be it your password your user from work or the same as personal use.



    That said, if you have in writing that you tried in good faith to attend to their request, I would start ignoring their contacts; if not I would make a point of answer them via email and tell them since they failed the last two times, that you will only do that if they come a location near you (a nearby coffee shop for instance). In that way you also put in writing the last two occurrences.



    Nevertheless, you have whatsoever no obligations to them anymore. Furthermore, it was both their fault they failed to meet you to take care of something of their interest, and the code was not committed because they escorted you out of the building.



    I advise cutting their contacts short, and only complying to a court order if it comes to that - which I honestly doubt. The present situation is nothing but consequences of their own doing.



    PS. As for managing passwords. I rarely use the same password in two different services, and I usually use 2FA in services that support them. The 2FA software is in my phone and my smartwatch. In my former work, when I handed them back their MacBook Pro, I just had to logout of my Gmail and disassociate it of my private Apple account.






    share|improve this answer























    • This contradicts another answer though. Seems like i could get sued in the US.
      – pailhead
      2 days ago










    • They also can try to sue here... Between the request not having any thecnical basis and you having documented the multiple enconteur failures... If you go there, just login and change the password, do not sign any form at all, even to get in, and if they have work clarification requests of any form, tell them to get lost. They seem to be bent on getting the password, and I think they will not accept a no. There could be other reasons, but I think they want to get you in the premisses to be able to coerce you into it.
      – Rui F Ribeiro
      2 days ago




















    up vote
    -5
    down vote













    I'm much more security aware than most, it's part of my professional responsibilities. But I have to say you're being ridiculous here.



    What security concern or issue would you create by simply providing them the password via phone, SMS or email?



    Does your previous laptop contain any sensitive, classified, credit card or other critical information?



    Any security professional will tell you that you use security procedures that are appropriate to the information. This just sounds like you're being petty and a control freak for no valid reason.






    share|improve this answer



















    • 8




      It doesn't seem very nice to call OP ridiculous, petty and a control freak.
      – Dukeling
      Nov 17 at 23:44






    • 3




      Unless the usage of the computer was 100% professional with absolute no personal usage (and thus e.g. a stored facebook password or something else that's not the company's business) AND the password OP used on the laptop was completely unrelated from all his other passwords it's absolutely understandable that he doesn't want to give out that password.
      – ThiefMaster
      Nov 17 at 23:48






    • 1




      The OP gives no indication at all that the computer contains personal information, nor any indication that he needs to remove anything at all. As written there is no justification what so ever for his behavior or demands. If he modifies his OP I'll modify my answer.
      – Steve
      Nov 17 at 23:54






    • 4




      With proper IT they could gain access to the computer without giving password. If password is given, it jeopardizes both parties as your identity is shared now. Either one of the parties could commit a crime and blame the other one. This is a huge no-no and security aware person should know this.
      – Sopuli
      Nov 17 at 23:59






    • 4




      I've logged into my personal gmail, my facebook, i've ordered tickets through ticketfly etc etc. But this is less of a concern than giving someone a password that is my password for something else.
      – pailhead
      Nov 18 at 0:10


















    up vote
    -11
    down vote













    Presumably you were asked to return that laptop with all the data on it. Which you didn't. Whose fault that is is another matter, but the company could sue you for damages. Would they win? Maybe yes, maybe not. Would it cost you time and money? Most definitely both.



    If the password isn't sensitive to you (it's not a duplicate of your banking password or another password, for example) then just hand it over. If that's not secure, that's not your problem, they asked for it. If the password is sensitive to you (unlocks access to your bank account as well) go to your old company and change the password to "123456".



    If you don't have the time for this, then legal action would be really, really inconvenient for you.






    share|improve this answer





















    • I sat down with an HR person and my manager and they said something along the lines of "hand over your laptop" which i did. What is inconvenient for me is staying in San Francisco while there are hazardous air conditions. Probably not enough to get sued, i'm just wondering what kind of time line and compromise i can look for.
      – pailhead
      Nov 18 at 0:15










    • So the part here is, go to your old company, i can't for various reasons. I will at some point.
      – pailhead
      Nov 18 at 0:16






    • 8




      Gnasher, he DID return the laptop with all of the data. That's the first line of the post. Security 101 is that you NEVER, EVER give up your personal password. If the company set up the laptop without a separate account, that's the company's screwup. Sopuli has the correct answer, which is to that the company gives the OP the laptop, he creates a new account, copies any necessary data to that account, and then deletes his old account.
      – DaveG
      Nov 18 at 1:19










    • @DaveG If the data is not accessible because a login password is needed, then the data is not there.
      – gnasher729
      Nov 18 at 14:09










    • How is it know if data is there at all?
      – pailhead
      Nov 18 at 22:29











    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "423"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    noCode: true, onDemand: false,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














     

    draft saved


    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fworkplace.stackexchange.com%2fquestions%2f122990%2fformer-job-asking-for-laptop-password-weeks-after-leaving%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown




















    StackExchange.ready(function () {
    $("#show-editor-button input, #show-editor-button button").click(function () {
    var showEditor = function() {
    $("#show-editor-button").hide();
    $("#post-form").removeClass("dno");
    StackExchange.editor.finallyInit();
    };

    var useFancy = $(this).data('confirm-use-fancy');
    if(useFancy == 'True') {
    var popupTitle = $(this).data('confirm-fancy-title');
    var popupBody = $(this).data('confirm-fancy-body');
    var popupAccept = $(this).data('confirm-fancy-accept-button');

    $(this).loadPopup({
    url: '/post/self-answer-popup',
    loaded: function(popup) {
    var pTitle = $(popup).find('h2');
    var pBody = $(popup).find('.popup-body');
    var pSubmit = $(popup).find('.popup-submit');

    pTitle.text(popupTitle);
    pBody.html(popupBody);
    pSubmit.val(popupAccept).click(showEditor);
    }
    })
    } else{
    var confirmText = $(this).data('confirm-text');
    if (confirmText ? confirm(confirmText) : true) {
    showEditor();
    }
    }
    });
    });






    7 Answers
    7






    active

    oldest

    votes








    7 Answers
    7






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    22
    down vote



    accepted










    If there is something on the computer they want to retrieve it's usually required that you give them access to the data.



    But this doesn't mean you need to give them access to your account. Giving them your password opens up serious security and identity issues.



    Apparently they don't have company IT department who could grant access, so they need your help. After they have failed twice to do what was agreed, you could start ignoring them. But if you don't want to burn bridges and/or start fighting, you may want to set up a meeting to correct the issue.



    Once you get the computer:




    1. Create a new account

    2. Give it admin rights

    3. Transfer all required files from your personal account to a folder where this new account can access them (folder in root or something)

    4. Log in with the new admin account

    5. Delete your personal account

    6. Give them password for the new admin account






    share|improve this answer

















    • 1




      Is there some reasonable time frame for the 3rd meeting that wouldn't count as me yanking them around, and wouldn't count as them harassing me?
      – pailhead
      Nov 18 at 0:18






    • 1




      @Fattie That would protect his other accounts where he re-used the same password. But still giving access to his work account is a bad security practice. It opens up the possibility to abuse the identity for both of the parties. Even if this is the standard in many places, it's still worth mentioning that you can hand over the data without compromising the identity/security.
      – Sopuli
      Nov 18 at 13:39






    • 1




      hi @Sopuli ... I .. understand what you're saying clearly, but .. I guess it's hard for me to see an application for that. Are you invisaging: person P works at company C. She gets laptop L. She creates an account "A" on L. So, account A will sure have stuff such as code, a copy of Visual Basic, secret blueprints of the engine and so on. You're saying that within account A, person P may indeed also have stuff such as, you know, personal stuff relating to person P .. web searches, purchase of art gallery tickets, books they are reading etc. Have I understood you? (cont ....)
      – Fattie
      Nov 18 at 15:17






    • 1




      If that's what you mean, i guess then (1) you're right, that "personal stuff of P on account A" would have to be sequestered, removed. only the "actual corporate" stuff in A would be handed over, the rest ("actually personal") would ideally be erased from existence. But (2) could be a cultural thing, but that wouldn't happen in my neck of the woods? Account "A" is 100% business only. Zero comingling.
      – Fattie
      Nov 18 at 15:19






    • 1




      @Fattie This is getting a bit off-topic. There might be confidential discussions in slack/skype/etc. There might be documents, like your work contract, stock options etc. There might be confidential emails. There could be connection to database or server from that laptop with stored credentials. Just a few examples. All purely work related, but things that should not be disclosed to anybody else. Like said, you should never give your identity to anybody else, only the data.
      – Sopuli
      Nov 18 at 15:58















    up vote
    22
    down vote



    accepted










    If there is something on the computer they want to retrieve it's usually required that you give them access to the data.



    But this doesn't mean you need to give them access to your account. Giving them your password opens up serious security and identity issues.



    Apparently they don't have company IT department who could grant access, so they need your help. After they have failed twice to do what was agreed, you could start ignoring them. But if you don't want to burn bridges and/or start fighting, you may want to set up a meeting to correct the issue.



    Once you get the computer:




    1. Create a new account

    2. Give it admin rights

    3. Transfer all required files from your personal account to a folder where this new account can access them (folder in root or something)

    4. Log in with the new admin account

    5. Delete your personal account

    6. Give them password for the new admin account






    share|improve this answer

















    • 1




      Is there some reasonable time frame for the 3rd meeting that wouldn't count as me yanking them around, and wouldn't count as them harassing me?
      – pailhead
      Nov 18 at 0:18






    • 1




      @Fattie That would protect his other accounts where he re-used the same password. But still giving access to his work account is a bad security practice. It opens up the possibility to abuse the identity for both of the parties. Even if this is the standard in many places, it's still worth mentioning that you can hand over the data without compromising the identity/security.
      – Sopuli
      Nov 18 at 13:39






    • 1




      hi @Sopuli ... I .. understand what you're saying clearly, but .. I guess it's hard for me to see an application for that. Are you invisaging: person P works at company C. She gets laptop L. She creates an account "A" on L. So, account A will sure have stuff such as code, a copy of Visual Basic, secret blueprints of the engine and so on. You're saying that within account A, person P may indeed also have stuff such as, you know, personal stuff relating to person P .. web searches, purchase of art gallery tickets, books they are reading etc. Have I understood you? (cont ....)
      – Fattie
      Nov 18 at 15:17






    • 1




      If that's what you mean, i guess then (1) you're right, that "personal stuff of P on account A" would have to be sequestered, removed. only the "actual corporate" stuff in A would be handed over, the rest ("actually personal") would ideally be erased from existence. But (2) could be a cultural thing, but that wouldn't happen in my neck of the woods? Account "A" is 100% business only. Zero comingling.
      – Fattie
      Nov 18 at 15:19






    • 1




      @Fattie This is getting a bit off-topic. There might be confidential discussions in slack/skype/etc. There might be documents, like your work contract, stock options etc. There might be confidential emails. There could be connection to database or server from that laptop with stored credentials. Just a few examples. All purely work related, but things that should not be disclosed to anybody else. Like said, you should never give your identity to anybody else, only the data.
      – Sopuli
      Nov 18 at 15:58













    up vote
    22
    down vote



    accepted







    up vote
    22
    down vote



    accepted






    If there is something on the computer they want to retrieve it's usually required that you give them access to the data.



    But this doesn't mean you need to give them access to your account. Giving them your password opens up serious security and identity issues.



    Apparently they don't have company IT department who could grant access, so they need your help. After they have failed twice to do what was agreed, you could start ignoring them. But if you don't want to burn bridges and/or start fighting, you may want to set up a meeting to correct the issue.



    Once you get the computer:




    1. Create a new account

    2. Give it admin rights

    3. Transfer all required files from your personal account to a folder where this new account can access them (folder in root or something)

    4. Log in with the new admin account

    5. Delete your personal account

    6. Give them password for the new admin account






    share|improve this answer












    If there is something on the computer they want to retrieve it's usually required that you give them access to the data.



    But this doesn't mean you need to give them access to your account. Giving them your password opens up serious security and identity issues.



    Apparently they don't have company IT department who could grant access, so they need your help. After they have failed twice to do what was agreed, you could start ignoring them. But if you don't want to burn bridges and/or start fighting, you may want to set up a meeting to correct the issue.



    Once you get the computer:




    1. Create a new account

    2. Give it admin rights

    3. Transfer all required files from your personal account to a folder where this new account can access them (folder in root or something)

    4. Log in with the new admin account

    5. Delete your personal account

    6. Give them password for the new admin account







    share|improve this answer












    share|improve this answer



    share|improve this answer










    answered Nov 18 at 0:13









    Sopuli

    1,193210




    1,193210








    • 1




      Is there some reasonable time frame for the 3rd meeting that wouldn't count as me yanking them around, and wouldn't count as them harassing me?
      – pailhead
      Nov 18 at 0:18






    • 1




      @Fattie That would protect his other accounts where he re-used the same password. But still giving access to his work account is a bad security practice. It opens up the possibility to abuse the identity for both of the parties. Even if this is the standard in many places, it's still worth mentioning that you can hand over the data without compromising the identity/security.
      – Sopuli
      Nov 18 at 13:39






    • 1




      hi @Sopuli ... I .. understand what you're saying clearly, but .. I guess it's hard for me to see an application for that. Are you invisaging: person P works at company C. She gets laptop L. She creates an account "A" on L. So, account A will sure have stuff such as code, a copy of Visual Basic, secret blueprints of the engine and so on. You're saying that within account A, person P may indeed also have stuff such as, you know, personal stuff relating to person P .. web searches, purchase of art gallery tickets, books they are reading etc. Have I understood you? (cont ....)
      – Fattie
      Nov 18 at 15:17






    • 1




      If that's what you mean, i guess then (1) you're right, that "personal stuff of P on account A" would have to be sequestered, removed. only the "actual corporate" stuff in A would be handed over, the rest ("actually personal") would ideally be erased from existence. But (2) could be a cultural thing, but that wouldn't happen in my neck of the woods? Account "A" is 100% business only. Zero comingling.
      – Fattie
      Nov 18 at 15:19






    • 1




      @Fattie This is getting a bit off-topic. There might be confidential discussions in slack/skype/etc. There might be documents, like your work contract, stock options etc. There might be confidential emails. There could be connection to database or server from that laptop with stored credentials. Just a few examples. All purely work related, but things that should not be disclosed to anybody else. Like said, you should never give your identity to anybody else, only the data.
      – Sopuli
      Nov 18 at 15:58














    • 1




      Is there some reasonable time frame for the 3rd meeting that wouldn't count as me yanking them around, and wouldn't count as them harassing me?
      – pailhead
      Nov 18 at 0:18






    • 1




      @Fattie That would protect his other accounts where he re-used the same password. But still giving access to his work account is a bad security practice. It opens up the possibility to abuse the identity for both of the parties. Even if this is the standard in many places, it's still worth mentioning that you can hand over the data without compromising the identity/security.
      – Sopuli
      Nov 18 at 13:39






    • 1




      hi @Sopuli ... I .. understand what you're saying clearly, but .. I guess it's hard for me to see an application for that. Are you invisaging: person P works at company C. She gets laptop L. She creates an account "A" on L. So, account A will sure have stuff such as code, a copy of Visual Basic, secret blueprints of the engine and so on. You're saying that within account A, person P may indeed also have stuff such as, you know, personal stuff relating to person P .. web searches, purchase of art gallery tickets, books they are reading etc. Have I understood you? (cont ....)
      – Fattie
      Nov 18 at 15:17






    • 1




      If that's what you mean, i guess then (1) you're right, that "personal stuff of P on account A" would have to be sequestered, removed. only the "actual corporate" stuff in A would be handed over, the rest ("actually personal") would ideally be erased from existence. But (2) could be a cultural thing, but that wouldn't happen in my neck of the woods? Account "A" is 100% business only. Zero comingling.
      – Fattie
      Nov 18 at 15:19






    • 1




      @Fattie This is getting a bit off-topic. There might be confidential discussions in slack/skype/etc. There might be documents, like your work contract, stock options etc. There might be confidential emails. There could be connection to database or server from that laptop with stored credentials. Just a few examples. All purely work related, but things that should not be disclosed to anybody else. Like said, you should never give your identity to anybody else, only the data.
      – Sopuli
      Nov 18 at 15:58








    1




    1




    Is there some reasonable time frame for the 3rd meeting that wouldn't count as me yanking them around, and wouldn't count as them harassing me?
    – pailhead
    Nov 18 at 0:18




    Is there some reasonable time frame for the 3rd meeting that wouldn't count as me yanking them around, and wouldn't count as them harassing me?
    – pailhead
    Nov 18 at 0:18




    1




    1




    @Fattie That would protect his other accounts where he re-used the same password. But still giving access to his work account is a bad security practice. It opens up the possibility to abuse the identity for both of the parties. Even if this is the standard in many places, it's still worth mentioning that you can hand over the data without compromising the identity/security.
    – Sopuli
    Nov 18 at 13:39




    @Fattie That would protect his other accounts where he re-used the same password. But still giving access to his work account is a bad security practice. It opens up the possibility to abuse the identity for both of the parties. Even if this is the standard in many places, it's still worth mentioning that you can hand over the data without compromising the identity/security.
    – Sopuli
    Nov 18 at 13:39




    1




    1




    hi @Sopuli ... I .. understand what you're saying clearly, but .. I guess it's hard for me to see an application for that. Are you invisaging: person P works at company C. She gets laptop L. She creates an account "A" on L. So, account A will sure have stuff such as code, a copy of Visual Basic, secret blueprints of the engine and so on. You're saying that within account A, person P may indeed also have stuff such as, you know, personal stuff relating to person P .. web searches, purchase of art gallery tickets, books they are reading etc. Have I understood you? (cont ....)
    – Fattie
    Nov 18 at 15:17




    hi @Sopuli ... I .. understand what you're saying clearly, but .. I guess it's hard for me to see an application for that. Are you invisaging: person P works at company C. She gets laptop L. She creates an account "A" on L. So, account A will sure have stuff such as code, a copy of Visual Basic, secret blueprints of the engine and so on. You're saying that within account A, person P may indeed also have stuff such as, you know, personal stuff relating to person P .. web searches, purchase of art gallery tickets, books they are reading etc. Have I understood you? (cont ....)
    – Fattie
    Nov 18 at 15:17




    1




    1




    If that's what you mean, i guess then (1) you're right, that "personal stuff of P on account A" would have to be sequestered, removed. only the "actual corporate" stuff in A would be handed over, the rest ("actually personal") would ideally be erased from existence. But (2) could be a cultural thing, but that wouldn't happen in my neck of the woods? Account "A" is 100% business only. Zero comingling.
    – Fattie
    Nov 18 at 15:19




    If that's what you mean, i guess then (1) you're right, that "personal stuff of P on account A" would have to be sequestered, removed. only the "actual corporate" stuff in A would be handed over, the rest ("actually personal") would ideally be erased from existence. But (2) could be a cultural thing, but that wouldn't happen in my neck of the woods? Account "A" is 100% business only. Zero comingling.
    – Fattie
    Nov 18 at 15:19




    1




    1




    @Fattie This is getting a bit off-topic. There might be confidential discussions in slack/skype/etc. There might be documents, like your work contract, stock options etc. There might be confidential emails. There could be connection to database or server from that laptop with stored credentials. Just a few examples. All purely work related, but things that should not be disclosed to anybody else. Like said, you should never give your identity to anybody else, only the data.
    – Sopuli
    Nov 18 at 15:58




    @Fattie This is getting a bit off-topic. There might be confidential discussions in slack/skype/etc. There might be documents, like your work contract, stock options etc. There might be confidential emails. There could be connection to database or server from that laptop with stored credentials. Just a few examples. All purely work related, but things that should not be disclosed to anybody else. Like said, you should never give your identity to anybody else, only the data.
    – Sopuli
    Nov 18 at 15:58












    up vote
    5
    down vote













    Any IT department worth it's salt can hack a laptop to get in. Worst case scenario, they wipe the drive and start over with a new Image, which is what they should do anyway.



    You returned the hardware, the rest is on them. Give them nothing more.






    share|improve this answer

























      up vote
      5
      down vote













      Any IT department worth it's salt can hack a laptop to get in. Worst case scenario, they wipe the drive and start over with a new Image, which is what they should do anyway.



      You returned the hardware, the rest is on them. Give them nothing more.






      share|improve this answer























        up vote
        5
        down vote










        up vote
        5
        down vote









        Any IT department worth it's salt can hack a laptop to get in. Worst case scenario, they wipe the drive and start over with a new Image, which is what they should do anyway.



        You returned the hardware, the rest is on them. Give them nothing more.






        share|improve this answer












        Any IT department worth it's salt can hack a laptop to get in. Worst case scenario, they wipe the drive and start over with a new Image, which is what they should do anyway.



        You returned the hardware, the rest is on them. Give them nothing more.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered 2 days ago









        Richard U

        81.9k60212326




        81.9k60212326






















            up vote
            4
            down vote













            There's an old adage: "Fool me once, shame on you. Fool me twice, shame on me". Well, it looks like you've been fooled twice, as you've tried to set up two in-good-faith meetings to rectify the situation, and they have in bad faith not met either of those meetings. At this point, in my opinion, it's on them to set up a meeting time that works for you, not the other way around. My response to their next communique would be something like this:




            Sorry, but I've tried to set up a meeting with you guys twice in good faith to try to fix this situation. I simply cannot shanghai my schedule around you guys any more to schedule any more meetings which you have shown to not respect. You have my address [presumably they actually have this, usually you give it to them when you start employment]. I am working a new job now and my work hours are 9am-5pm [or whatever your hours are]. I need some commuting time, so please schedule a time to come to the local Moondollar coffee shop near my place after 6pm on a weekday evening to have this situation resolved. If you can't do that, then I'm sorry but I can't help you.




            If they are unable or unwilling to schedule a meeting according to the time you've set out for them, then that's too bad for them; unless you have critical business information that you are legally liable for on that laptop, there's nothing they can do to make you work on their schedule. If they meet your schedule, then I defer to Sopuli's answer as to how to proceed. If, however, they schedule a meeting with you on your schedule and then miss it a third time, well, there's another adage for that: "Three strikes, you're out!" At that point I would just stop taking their calls and stop responding to their emails, and in the very extreme case that they don't get the hint, consider going to local law enforcement for harassment.






            share|improve this answer























            • I would not invite them at home. A coffee shop/neutral public ground is much better and provides a quick way of losing them quickly or tell them to get lost if they start being unpleasant.
              – Rui F Ribeiro
              2 days ago






            • 1




              @RuiFRibeiro Fair enough. In reality I would probably do that as well, I just provided that as an example of something like what I might say, not what I actually would say. I'll edit the answer though to reflect that.
              – Ertai87
              2 days ago

















            up vote
            4
            down vote













            There's an old adage: "Fool me once, shame on you. Fool me twice, shame on me". Well, it looks like you've been fooled twice, as you've tried to set up two in-good-faith meetings to rectify the situation, and they have in bad faith not met either of those meetings. At this point, in my opinion, it's on them to set up a meeting time that works for you, not the other way around. My response to their next communique would be something like this:




            Sorry, but I've tried to set up a meeting with you guys twice in good faith to try to fix this situation. I simply cannot shanghai my schedule around you guys any more to schedule any more meetings which you have shown to not respect. You have my address [presumably they actually have this, usually you give it to them when you start employment]. I am working a new job now and my work hours are 9am-5pm [or whatever your hours are]. I need some commuting time, so please schedule a time to come to the local Moondollar coffee shop near my place after 6pm on a weekday evening to have this situation resolved. If you can't do that, then I'm sorry but I can't help you.




            If they are unable or unwilling to schedule a meeting according to the time you've set out for them, then that's too bad for them; unless you have critical business information that you are legally liable for on that laptop, there's nothing they can do to make you work on their schedule. If they meet your schedule, then I defer to Sopuli's answer as to how to proceed. If, however, they schedule a meeting with you on your schedule and then miss it a third time, well, there's another adage for that: "Three strikes, you're out!" At that point I would just stop taking their calls and stop responding to their emails, and in the very extreme case that they don't get the hint, consider going to local law enforcement for harassment.






            share|improve this answer























            • I would not invite them at home. A coffee shop/neutral public ground is much better and provides a quick way of losing them quickly or tell them to get lost if they start being unpleasant.
              – Rui F Ribeiro
              2 days ago






            • 1




              @RuiFRibeiro Fair enough. In reality I would probably do that as well, I just provided that as an example of something like what I might say, not what I actually would say. I'll edit the answer though to reflect that.
              – Ertai87
              2 days ago















            up vote
            4
            down vote










            up vote
            4
            down vote









            There's an old adage: "Fool me once, shame on you. Fool me twice, shame on me". Well, it looks like you've been fooled twice, as you've tried to set up two in-good-faith meetings to rectify the situation, and they have in bad faith not met either of those meetings. At this point, in my opinion, it's on them to set up a meeting time that works for you, not the other way around. My response to their next communique would be something like this:




            Sorry, but I've tried to set up a meeting with you guys twice in good faith to try to fix this situation. I simply cannot shanghai my schedule around you guys any more to schedule any more meetings which you have shown to not respect. You have my address [presumably they actually have this, usually you give it to them when you start employment]. I am working a new job now and my work hours are 9am-5pm [or whatever your hours are]. I need some commuting time, so please schedule a time to come to the local Moondollar coffee shop near my place after 6pm on a weekday evening to have this situation resolved. If you can't do that, then I'm sorry but I can't help you.




            If they are unable or unwilling to schedule a meeting according to the time you've set out for them, then that's too bad for them; unless you have critical business information that you are legally liable for on that laptop, there's nothing they can do to make you work on their schedule. If they meet your schedule, then I defer to Sopuli's answer as to how to proceed. If, however, they schedule a meeting with you on your schedule and then miss it a third time, well, there's another adage for that: "Three strikes, you're out!" At that point I would just stop taking their calls and stop responding to their emails, and in the very extreme case that they don't get the hint, consider going to local law enforcement for harassment.






            share|improve this answer














            There's an old adage: "Fool me once, shame on you. Fool me twice, shame on me". Well, it looks like you've been fooled twice, as you've tried to set up two in-good-faith meetings to rectify the situation, and they have in bad faith not met either of those meetings. At this point, in my opinion, it's on them to set up a meeting time that works for you, not the other way around. My response to their next communique would be something like this:




            Sorry, but I've tried to set up a meeting with you guys twice in good faith to try to fix this situation. I simply cannot shanghai my schedule around you guys any more to schedule any more meetings which you have shown to not respect. You have my address [presumably they actually have this, usually you give it to them when you start employment]. I am working a new job now and my work hours are 9am-5pm [or whatever your hours are]. I need some commuting time, so please schedule a time to come to the local Moondollar coffee shop near my place after 6pm on a weekday evening to have this situation resolved. If you can't do that, then I'm sorry but I can't help you.




            If they are unable or unwilling to schedule a meeting according to the time you've set out for them, then that's too bad for them; unless you have critical business information that you are legally liable for on that laptop, there's nothing they can do to make you work on their schedule. If they meet your schedule, then I defer to Sopuli's answer as to how to proceed. If, however, they schedule a meeting with you on your schedule and then miss it a third time, well, there's another adage for that: "Three strikes, you're out!" At that point I would just stop taking their calls and stop responding to their emails, and in the very extreme case that they don't get the hint, consider going to local law enforcement for harassment.







            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited 2 days ago

























            answered 2 days ago









            Ertai87

            6,1161619




            6,1161619












            • I would not invite them at home. A coffee shop/neutral public ground is much better and provides a quick way of losing them quickly or tell them to get lost if they start being unpleasant.
              – Rui F Ribeiro
              2 days ago






            • 1




              @RuiFRibeiro Fair enough. In reality I would probably do that as well, I just provided that as an example of something like what I might say, not what I actually would say. I'll edit the answer though to reflect that.
              – Ertai87
              2 days ago




















            • I would not invite them at home. A coffee shop/neutral public ground is much better and provides a quick way of losing them quickly or tell them to get lost if they start being unpleasant.
              – Rui F Ribeiro
              2 days ago






            • 1




              @RuiFRibeiro Fair enough. In reality I would probably do that as well, I just provided that as an example of something like what I might say, not what I actually would say. I'll edit the answer though to reflect that.
              – Ertai87
              2 days ago


















            I would not invite them at home. A coffee shop/neutral public ground is much better and provides a quick way of losing them quickly or tell them to get lost if they start being unpleasant.
            – Rui F Ribeiro
            2 days ago




            I would not invite them at home. A coffee shop/neutral public ground is much better and provides a quick way of losing them quickly or tell them to get lost if they start being unpleasant.
            – Rui F Ribeiro
            2 days ago




            1




            1




            @RuiFRibeiro Fair enough. In reality I would probably do that as well, I just provided that as an example of something like what I might say, not what I actually would say. I'll edit the answer though to reflect that.
            – Ertai87
            2 days ago






            @RuiFRibeiro Fair enough. In reality I would probably do that as well, I just provided that as an example of something like what I might say, not what I actually would say. I'll edit the answer though to reflect that.
            – Ertai87
            2 days ago












            up vote
            3
            down vote













            You received a company laptop that you were given for work and returned it after you left the company.




            1. You should have given them the password when you returned the laptop.

            2. You should NOT have used the same password as you use privately.

            3. Give them the damn password and change your personal password...chances are you've been using it for too long anyways...


            ...oh and try not to use the same password everywhere, especially if it is a privacy sensitve account...



            EDIT:
            What people don't seem to understand and why this answer has almost as many downvotes as upvotes is:




            • I'm talking EXPLICITLY about OP's special case and circumstances!


            • the WORK relation ENDED and the employee was required (usually by contract) to return all company property.
              This naturally means in working order for machinery and tools.
              It of course includes the data stored on said tools and access to it.


            • the password guarding this access protects company property and business secrets.


            • the FORMER employee has no right anymore to posess, use or access company property


            • arguably - and this could be an interesting legal question - any data (including the password itself) stored on company property becomes also company property



            Why is this not getting in some heads, that in order to properly hand over the WORK laptop and information on it the employee is required to relinquish access (THE PASSWORD) to the employer ?!



            The fact that the employee used his personal password is irrelevant and solely the fault of this employee.
            Not to mention that this whole discussion about privacy issues loses any merit as soon as the employee does what we all should do regularly:
            CHANGE YOUR DAMN PASSWORD !!



            As a side note:

            I worked at companies where they had keyloggers and internet monitoring enabled on every workstation.

            I worked at companies where there was NO internet acces on workstations.

            Internet acces for work reasons was enabled on dedicated access points and private communication was allowed only on personal equipment and on a separate WIFI network.

            There are even companies that hand you the workstation login password and you don't even have priviliges to change it.

            Hell, I even worked at companies that didn't allow recoding equipment (including mobile phones) on the floor in the vicinity of displays or whiteboards.


            Keep in mind: your workstation and anything you do on it may be monitored - legally !



            All the work you do belongs to the employer and unauthorized use of the (often) expensive professional equipment and software licenses for personal projects for instance constitues a serious misuse of property.



            ...see what you made me do...exploding an answer from a few sentences into a tl;dr explanation of things that I assumed were obvious...






            share|improve this answer



















            • 16




              Seriously? Your solution is to "give them the damn password"? If you're going to be rude and give a terrible answer, don't bother answering. You should never disclose your password. Even though I agree that he shouldn't have used his personal password, he may have exposed his personal accounts to security concerns, and that he should change his personal passwords, I don't see why he should have to give his password. He gave in his two weeks notice, his employer didn't mention anything about it at anytime, it is their fault, not his.
              – TwiN
              2 days ago






            • 1




              The problem is, it is the companies WORK laptop with the WORK data it holds. By not giving them the password he basically didn't hand over the laptop / data, as it is unusable (not everyone knows how or wants to crack the login or reinstall the whole thing).There is NO private data supposed to be on that machine, so he won't give them access to his personal files and the fact that he uses the password elsewhere can (needs to) be remedied before he hands it over.My comment was in jest and to show how unprofessional his behaviour actually is.Don't be so salty about a snarky comment...k
              – DigitalBlade969
              2 days ago






            • 6




              It's not unusable, I have never had to provide my password after leaving a company, the de facto standard is for them to wipe the drive and reinstall the OS. Like I said, I agree with you on the personal password point, it shouldn't be used for non-personal stuffs, but it being a business laptop doesn't justify giving up your credentials because they neglected to ask for it (or warn you about it) during your 2 weeks notice.
              – TwiN
              2 days ago








            • 2




              No one asked me for anything but the laptop. Things happened rather quickly, one thursday i put in my 2 weeks, the next morning i was escorted out of the office. I was a bit baffled but i thought they knew what they were doing. During that brief encounter, they just asked for the laptop, not the password. I thought i would at least hand off the code i've been writing for the last two weeks, including that morning but nothing was asked of me. Had they respected my two weeks im sure i would have cleared the password issue, handed back the asset properly etc.
              – pailhead
              2 days ago






            • 2




              If i spend a couple of hours doing that now id like to get paid. If not, a few minutes at my place or a coffee shop nearby would do.
              – pailhead
              2 days ago















            up vote
            3
            down vote













            You received a company laptop that you were given for work and returned it after you left the company.




            1. You should have given them the password when you returned the laptop.

            2. You should NOT have used the same password as you use privately.

            3. Give them the damn password and change your personal password...chances are you've been using it for too long anyways...


            ...oh and try not to use the same password everywhere, especially if it is a privacy sensitve account...



            EDIT:
            What people don't seem to understand and why this answer has almost as many downvotes as upvotes is:




            • I'm talking EXPLICITLY about OP's special case and circumstances!


            • the WORK relation ENDED and the employee was required (usually by contract) to return all company property.
              This naturally means in working order for machinery and tools.
              It of course includes the data stored on said tools and access to it.


            • the password guarding this access protects company property and business secrets.


            • the FORMER employee has no right anymore to posess, use or access company property


            • arguably - and this could be an interesting legal question - any data (including the password itself) stored on company property becomes also company property



            Why is this not getting in some heads, that in order to properly hand over the WORK laptop and information on it the employee is required to relinquish access (THE PASSWORD) to the employer ?!



            The fact that the employee used his personal password is irrelevant and solely the fault of this employee.
            Not to mention that this whole discussion about privacy issues loses any merit as soon as the employee does what we all should do regularly:
            CHANGE YOUR DAMN PASSWORD !!



            As a side note:

            I worked at companies where they had keyloggers and internet monitoring enabled on every workstation.

            I worked at companies where there was NO internet acces on workstations.

            Internet acces for work reasons was enabled on dedicated access points and private communication was allowed only on personal equipment and on a separate WIFI network.

            There are even companies that hand you the workstation login password and you don't even have priviliges to change it.

            Hell, I even worked at companies that didn't allow recoding equipment (including mobile phones) on the floor in the vicinity of displays or whiteboards.


            Keep in mind: your workstation and anything you do on it may be monitored - legally !



            All the work you do belongs to the employer and unauthorized use of the (often) expensive professional equipment and software licenses for personal projects for instance constitues a serious misuse of property.



            ...see what you made me do...exploding an answer from a few sentences into a tl;dr explanation of things that I assumed were obvious...






            share|improve this answer



















            • 16




              Seriously? Your solution is to "give them the damn password"? If you're going to be rude and give a terrible answer, don't bother answering. You should never disclose your password. Even though I agree that he shouldn't have used his personal password, he may have exposed his personal accounts to security concerns, and that he should change his personal passwords, I don't see why he should have to give his password. He gave in his two weeks notice, his employer didn't mention anything about it at anytime, it is their fault, not his.
              – TwiN
              2 days ago






            • 1




              The problem is, it is the companies WORK laptop with the WORK data it holds. By not giving them the password he basically didn't hand over the laptop / data, as it is unusable (not everyone knows how or wants to crack the login or reinstall the whole thing).There is NO private data supposed to be on that machine, so he won't give them access to his personal files and the fact that he uses the password elsewhere can (needs to) be remedied before he hands it over.My comment was in jest and to show how unprofessional his behaviour actually is.Don't be so salty about a snarky comment...k
              – DigitalBlade969
              2 days ago






            • 6




              It's not unusable, I have never had to provide my password after leaving a company, the de facto standard is for them to wipe the drive and reinstall the OS. Like I said, I agree with you on the personal password point, it shouldn't be used for non-personal stuffs, but it being a business laptop doesn't justify giving up your credentials because they neglected to ask for it (or warn you about it) during your 2 weeks notice.
              – TwiN
              2 days ago








            • 2




              No one asked me for anything but the laptop. Things happened rather quickly, one thursday i put in my 2 weeks, the next morning i was escorted out of the office. I was a bit baffled but i thought they knew what they were doing. During that brief encounter, they just asked for the laptop, not the password. I thought i would at least hand off the code i've been writing for the last two weeks, including that morning but nothing was asked of me. Had they respected my two weeks im sure i would have cleared the password issue, handed back the asset properly etc.
              – pailhead
              2 days ago






            • 2




              If i spend a couple of hours doing that now id like to get paid. If not, a few minutes at my place or a coffee shop nearby would do.
              – pailhead
              2 days ago













            up vote
            3
            down vote










            up vote
            3
            down vote









            You received a company laptop that you were given for work and returned it after you left the company.




            1. You should have given them the password when you returned the laptop.

            2. You should NOT have used the same password as you use privately.

            3. Give them the damn password and change your personal password...chances are you've been using it for too long anyways...


            ...oh and try not to use the same password everywhere, especially if it is a privacy sensitve account...



            EDIT:
            What people don't seem to understand and why this answer has almost as many downvotes as upvotes is:




            • I'm talking EXPLICITLY about OP's special case and circumstances!


            • the WORK relation ENDED and the employee was required (usually by contract) to return all company property.
              This naturally means in working order for machinery and tools.
              It of course includes the data stored on said tools and access to it.


            • the password guarding this access protects company property and business secrets.


            • the FORMER employee has no right anymore to posess, use or access company property


            • arguably - and this could be an interesting legal question - any data (including the password itself) stored on company property becomes also company property



            Why is this not getting in some heads, that in order to properly hand over the WORK laptop and information on it the employee is required to relinquish access (THE PASSWORD) to the employer ?!



            The fact that the employee used his personal password is irrelevant and solely the fault of this employee.
            Not to mention that this whole discussion about privacy issues loses any merit as soon as the employee does what we all should do regularly:
            CHANGE YOUR DAMN PASSWORD !!



            As a side note:

            I worked at companies where they had keyloggers and internet monitoring enabled on every workstation.

            I worked at companies where there was NO internet acces on workstations.

            Internet acces for work reasons was enabled on dedicated access points and private communication was allowed only on personal equipment and on a separate WIFI network.

            There are even companies that hand you the workstation login password and you don't even have priviliges to change it.

            Hell, I even worked at companies that didn't allow recoding equipment (including mobile phones) on the floor in the vicinity of displays or whiteboards.


            Keep in mind: your workstation and anything you do on it may be monitored - legally !



            All the work you do belongs to the employer and unauthorized use of the (often) expensive professional equipment and software licenses for personal projects for instance constitues a serious misuse of property.



            ...see what you made me do...exploding an answer from a few sentences into a tl;dr explanation of things that I assumed were obvious...






            share|improve this answer














            You received a company laptop that you were given for work and returned it after you left the company.




            1. You should have given them the password when you returned the laptop.

            2. You should NOT have used the same password as you use privately.

            3. Give them the damn password and change your personal password...chances are you've been using it for too long anyways...


            ...oh and try not to use the same password everywhere, especially if it is a privacy sensitve account...



            EDIT:
            What people don't seem to understand and why this answer has almost as many downvotes as upvotes is:




            • I'm talking EXPLICITLY about OP's special case and circumstances!


            • the WORK relation ENDED and the employee was required (usually by contract) to return all company property.
              This naturally means in working order for machinery and tools.
              It of course includes the data stored on said tools and access to it.


            • the password guarding this access protects company property and business secrets.


            • the FORMER employee has no right anymore to posess, use or access company property


            • arguably - and this could be an interesting legal question - any data (including the password itself) stored on company property becomes also company property



            Why is this not getting in some heads, that in order to properly hand over the WORK laptop and information on it the employee is required to relinquish access (THE PASSWORD) to the employer ?!



            The fact that the employee used his personal password is irrelevant and solely the fault of this employee.
            Not to mention that this whole discussion about privacy issues loses any merit as soon as the employee does what we all should do regularly:
            CHANGE YOUR DAMN PASSWORD !!



            As a side note:

            I worked at companies where they had keyloggers and internet monitoring enabled on every workstation.

            I worked at companies where there was NO internet acces on workstations.

            Internet acces for work reasons was enabled on dedicated access points and private communication was allowed only on personal equipment and on a separate WIFI network.

            There are even companies that hand you the workstation login password and you don't even have priviliges to change it.

            Hell, I even worked at companies that didn't allow recoding equipment (including mobile phones) on the floor in the vicinity of displays or whiteboards.


            Keep in mind: your workstation and anything you do on it may be monitored - legally !



            All the work you do belongs to the employer and unauthorized use of the (often) expensive professional equipment and software licenses for personal projects for instance constitues a serious misuse of property.



            ...see what you made me do...exploding an answer from a few sentences into a tl;dr explanation of things that I assumed were obvious...







            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited yesterday

























            answered Nov 18 at 6:10









            DigitalBlade969

            2,7431314




            2,7431314








            • 16




              Seriously? Your solution is to "give them the damn password"? If you're going to be rude and give a terrible answer, don't bother answering. You should never disclose your password. Even though I agree that he shouldn't have used his personal password, he may have exposed his personal accounts to security concerns, and that he should change his personal passwords, I don't see why he should have to give his password. He gave in his two weeks notice, his employer didn't mention anything about it at anytime, it is their fault, not his.
              – TwiN
              2 days ago






            • 1




              The problem is, it is the companies WORK laptop with the WORK data it holds. By not giving them the password he basically didn't hand over the laptop / data, as it is unusable (not everyone knows how or wants to crack the login or reinstall the whole thing).There is NO private data supposed to be on that machine, so he won't give them access to his personal files and the fact that he uses the password elsewhere can (needs to) be remedied before he hands it over.My comment was in jest and to show how unprofessional his behaviour actually is.Don't be so salty about a snarky comment...k
              – DigitalBlade969
              2 days ago






            • 6




              It's not unusable, I have never had to provide my password after leaving a company, the de facto standard is for them to wipe the drive and reinstall the OS. Like I said, I agree with you on the personal password point, it shouldn't be used for non-personal stuffs, but it being a business laptop doesn't justify giving up your credentials because they neglected to ask for it (or warn you about it) during your 2 weeks notice.
              – TwiN
              2 days ago








            • 2




              No one asked me for anything but the laptop. Things happened rather quickly, one thursday i put in my 2 weeks, the next morning i was escorted out of the office. I was a bit baffled but i thought they knew what they were doing. During that brief encounter, they just asked for the laptop, not the password. I thought i would at least hand off the code i've been writing for the last two weeks, including that morning but nothing was asked of me. Had they respected my two weeks im sure i would have cleared the password issue, handed back the asset properly etc.
              – pailhead
              2 days ago






            • 2




              If i spend a couple of hours doing that now id like to get paid. If not, a few minutes at my place or a coffee shop nearby would do.
              – pailhead
              2 days ago














            • 16




              Seriously? Your solution is to "give them the damn password"? If you're going to be rude and give a terrible answer, don't bother answering. You should never disclose your password. Even though I agree that he shouldn't have used his personal password, he may have exposed his personal accounts to security concerns, and that he should change his personal passwords, I don't see why he should have to give his password. He gave in his two weeks notice, his employer didn't mention anything about it at anytime, it is their fault, not his.
              – TwiN
              2 days ago






            • 1




              The problem is, it is the companies WORK laptop with the WORK data it holds. By not giving them the password he basically didn't hand over the laptop / data, as it is unusable (not everyone knows how or wants to crack the login or reinstall the whole thing).There is NO private data supposed to be on that machine, so he won't give them access to his personal files and the fact that he uses the password elsewhere can (needs to) be remedied before he hands it over.My comment was in jest and to show how unprofessional his behaviour actually is.Don't be so salty about a snarky comment...k
              – DigitalBlade969
              2 days ago






            • 6




              It's not unusable, I have never had to provide my password after leaving a company, the de facto standard is for them to wipe the drive and reinstall the OS. Like I said, I agree with you on the personal password point, it shouldn't be used for non-personal stuffs, but it being a business laptop doesn't justify giving up your credentials because they neglected to ask for it (or warn you about it) during your 2 weeks notice.
              – TwiN
              2 days ago








            • 2




              No one asked me for anything but the laptop. Things happened rather quickly, one thursday i put in my 2 weeks, the next morning i was escorted out of the office. I was a bit baffled but i thought they knew what they were doing. During that brief encounter, they just asked for the laptop, not the password. I thought i would at least hand off the code i've been writing for the last two weeks, including that morning but nothing was asked of me. Had they respected my two weeks im sure i would have cleared the password issue, handed back the asset properly etc.
              – pailhead
              2 days ago






            • 2




              If i spend a couple of hours doing that now id like to get paid. If not, a few minutes at my place or a coffee shop nearby would do.
              – pailhead
              2 days ago








            16




            16




            Seriously? Your solution is to "give them the damn password"? If you're going to be rude and give a terrible answer, don't bother answering. You should never disclose your password. Even though I agree that he shouldn't have used his personal password, he may have exposed his personal accounts to security concerns, and that he should change his personal passwords, I don't see why he should have to give his password. He gave in his two weeks notice, his employer didn't mention anything about it at anytime, it is their fault, not his.
            – TwiN
            2 days ago




            Seriously? Your solution is to "give them the damn password"? If you're going to be rude and give a terrible answer, don't bother answering. You should never disclose your password. Even though I agree that he shouldn't have used his personal password, he may have exposed his personal accounts to security concerns, and that he should change his personal passwords, I don't see why he should have to give his password. He gave in his two weeks notice, his employer didn't mention anything about it at anytime, it is their fault, not his.
            – TwiN
            2 days ago




            1




            1




            The problem is, it is the companies WORK laptop with the WORK data it holds. By not giving them the password he basically didn't hand over the laptop / data, as it is unusable (not everyone knows how or wants to crack the login or reinstall the whole thing).There is NO private data supposed to be on that machine, so he won't give them access to his personal files and the fact that he uses the password elsewhere can (needs to) be remedied before he hands it over.My comment was in jest and to show how unprofessional his behaviour actually is.Don't be so salty about a snarky comment...k
            – DigitalBlade969
            2 days ago




            The problem is, it is the companies WORK laptop with the WORK data it holds. By not giving them the password he basically didn't hand over the laptop / data, as it is unusable (not everyone knows how or wants to crack the login or reinstall the whole thing).There is NO private data supposed to be on that machine, so he won't give them access to his personal files and the fact that he uses the password elsewhere can (needs to) be remedied before he hands it over.My comment was in jest and to show how unprofessional his behaviour actually is.Don't be so salty about a snarky comment...k
            – DigitalBlade969
            2 days ago




            6




            6




            It's not unusable, I have never had to provide my password after leaving a company, the de facto standard is for them to wipe the drive and reinstall the OS. Like I said, I agree with you on the personal password point, it shouldn't be used for non-personal stuffs, but it being a business laptop doesn't justify giving up your credentials because they neglected to ask for it (or warn you about it) during your 2 weeks notice.
            – TwiN
            2 days ago






            It's not unusable, I have never had to provide my password after leaving a company, the de facto standard is for them to wipe the drive and reinstall the OS. Like I said, I agree with you on the personal password point, it shouldn't be used for non-personal stuffs, but it being a business laptop doesn't justify giving up your credentials because they neglected to ask for it (or warn you about it) during your 2 weeks notice.
            – TwiN
            2 days ago






            2




            2




            No one asked me for anything but the laptop. Things happened rather quickly, one thursday i put in my 2 weeks, the next morning i was escorted out of the office. I was a bit baffled but i thought they knew what they were doing. During that brief encounter, they just asked for the laptop, not the password. I thought i would at least hand off the code i've been writing for the last two weeks, including that morning but nothing was asked of me. Had they respected my two weeks im sure i would have cleared the password issue, handed back the asset properly etc.
            – pailhead
            2 days ago




            No one asked me for anything but the laptop. Things happened rather quickly, one thursday i put in my 2 weeks, the next morning i was escorted out of the office. I was a bit baffled but i thought they knew what they were doing. During that brief encounter, they just asked for the laptop, not the password. I thought i would at least hand off the code i've been writing for the last two weeks, including that morning but nothing was asked of me. Had they respected my two weeks im sure i would have cleared the password issue, handed back the asset properly etc.
            – pailhead
            2 days ago




            2




            2




            If i spend a couple of hours doing that now id like to get paid. If not, a few minutes at my place or a coffee shop nearby would do.
            – pailhead
            2 days ago




            If i spend a couple of hours doing that now id like to get paid. If not, a few minutes at my place or a coffee shop nearby would do.
            – pailhead
            2 days ago










            up vote
            0
            down vote













            It seems they are playing power games, and you are letting them.



            Either they are outright incompetent, or they are out there just to get your password for some unknown reason. e.g. It is trivial to get to the data they want from the notebook unless you used some form of encryption.



            I would not worry so much about providing whatever they are asking as you already left the company and returned the notebook.



            In fact, we might in Europe even have privacy laws protecting us from having to give a private password, be it your password your user from work or the same as personal use.



            That said, if you have in writing that you tried in good faith to attend to their request, I would start ignoring their contacts; if not I would make a point of answer them via email and tell them since they failed the last two times, that you will only do that if they come a location near you (a nearby coffee shop for instance). In that way you also put in writing the last two occurrences.



            Nevertheless, you have whatsoever no obligations to them anymore. Furthermore, it was both their fault they failed to meet you to take care of something of their interest, and the code was not committed because they escorted you out of the building.



            I advise cutting their contacts short, and only complying to a court order if it comes to that - which I honestly doubt. The present situation is nothing but consequences of their own doing.



            PS. As for managing passwords. I rarely use the same password in two different services, and I usually use 2FA in services that support them. The 2FA software is in my phone and my smartwatch. In my former work, when I handed them back their MacBook Pro, I just had to logout of my Gmail and disassociate it of my private Apple account.






            share|improve this answer























            • This contradicts another answer though. Seems like i could get sued in the US.
              – pailhead
              2 days ago










            • They also can try to sue here... Between the request not having any thecnical basis and you having documented the multiple enconteur failures... If you go there, just login and change the password, do not sign any form at all, even to get in, and if they have work clarification requests of any form, tell them to get lost. They seem to be bent on getting the password, and I think they will not accept a no. There could be other reasons, but I think they want to get you in the premisses to be able to coerce you into it.
              – Rui F Ribeiro
              2 days ago

















            up vote
            0
            down vote













            It seems they are playing power games, and you are letting them.



            Either they are outright incompetent, or they are out there just to get your password for some unknown reason. e.g. It is trivial to get to the data they want from the notebook unless you used some form of encryption.



            I would not worry so much about providing whatever they are asking as you already left the company and returned the notebook.



            In fact, we might in Europe even have privacy laws protecting us from having to give a private password, be it your password your user from work or the same as personal use.



            That said, if you have in writing that you tried in good faith to attend to their request, I would start ignoring their contacts; if not I would make a point of answer them via email and tell them since they failed the last two times, that you will only do that if they come a location near you (a nearby coffee shop for instance). In that way you also put in writing the last two occurrences.



            Nevertheless, you have whatsoever no obligations to them anymore. Furthermore, it was both their fault they failed to meet you to take care of something of their interest, and the code was not committed because they escorted you out of the building.



            I advise cutting their contacts short, and only complying to a court order if it comes to that - which I honestly doubt. The present situation is nothing but consequences of their own doing.



            PS. As for managing passwords. I rarely use the same password in two different services, and I usually use 2FA in services that support them. The 2FA software is in my phone and my smartwatch. In my former work, when I handed them back their MacBook Pro, I just had to logout of my Gmail and disassociate it of my private Apple account.






            share|improve this answer























            • This contradicts another answer though. Seems like i could get sued in the US.
              – pailhead
              2 days ago










            • They also can try to sue here... Between the request not having any thecnical basis and you having documented the multiple enconteur failures... If you go there, just login and change the password, do not sign any form at all, even to get in, and if they have work clarification requests of any form, tell them to get lost. They seem to be bent on getting the password, and I think they will not accept a no. There could be other reasons, but I think they want to get you in the premisses to be able to coerce you into it.
              – Rui F Ribeiro
              2 days ago















            up vote
            0
            down vote










            up vote
            0
            down vote









            It seems they are playing power games, and you are letting them.



            Either they are outright incompetent, or they are out there just to get your password for some unknown reason. e.g. It is trivial to get to the data they want from the notebook unless you used some form of encryption.



            I would not worry so much about providing whatever they are asking as you already left the company and returned the notebook.



            In fact, we might in Europe even have privacy laws protecting us from having to give a private password, be it your password your user from work or the same as personal use.



            That said, if you have in writing that you tried in good faith to attend to their request, I would start ignoring their contacts; if not I would make a point of answer them via email and tell them since they failed the last two times, that you will only do that if they come a location near you (a nearby coffee shop for instance). In that way you also put in writing the last two occurrences.



            Nevertheless, you have whatsoever no obligations to them anymore. Furthermore, it was both their fault they failed to meet you to take care of something of their interest, and the code was not committed because they escorted you out of the building.



            I advise cutting their contacts short, and only complying to a court order if it comes to that - which I honestly doubt. The present situation is nothing but consequences of their own doing.



            PS. As for managing passwords. I rarely use the same password in two different services, and I usually use 2FA in services that support them. The 2FA software is in my phone and my smartwatch. In my former work, when I handed them back their MacBook Pro, I just had to logout of my Gmail and disassociate it of my private Apple account.






            share|improve this answer














            It seems they are playing power games, and you are letting them.



            Either they are outright incompetent, or they are out there just to get your password for some unknown reason. e.g. It is trivial to get to the data they want from the notebook unless you used some form of encryption.



            I would not worry so much about providing whatever they are asking as you already left the company and returned the notebook.



            In fact, we might in Europe even have privacy laws protecting us from having to give a private password, be it your password your user from work or the same as personal use.



            That said, if you have in writing that you tried in good faith to attend to their request, I would start ignoring their contacts; if not I would make a point of answer them via email and tell them since they failed the last two times, that you will only do that if they come a location near you (a nearby coffee shop for instance). In that way you also put in writing the last two occurrences.



            Nevertheless, you have whatsoever no obligations to them anymore. Furthermore, it was both their fault they failed to meet you to take care of something of their interest, and the code was not committed because they escorted you out of the building.



            I advise cutting their contacts short, and only complying to a court order if it comes to that - which I honestly doubt. The present situation is nothing but consequences of their own doing.



            PS. As for managing passwords. I rarely use the same password in two different services, and I usually use 2FA in services that support them. The 2FA software is in my phone and my smartwatch. In my former work, when I handed them back their MacBook Pro, I just had to logout of my Gmail and disassociate it of my private Apple account.







            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited yesterday

























            answered Nov 18 at 23:00









            Rui F Ribeiro

            3,5851021




            3,5851021












            • This contradicts another answer though. Seems like i could get sued in the US.
              – pailhead
              2 days ago










            • They also can try to sue here... Between the request not having any thecnical basis and you having documented the multiple enconteur failures... If you go there, just login and change the password, do not sign any form at all, even to get in, and if they have work clarification requests of any form, tell them to get lost. They seem to be bent on getting the password, and I think they will not accept a no. There could be other reasons, but I think they want to get you in the premisses to be able to coerce you into it.
              – Rui F Ribeiro
              2 days ago




















            • This contradicts another answer though. Seems like i could get sued in the US.
              – pailhead
              2 days ago










            • They also can try to sue here... Between the request not having any thecnical basis and you having documented the multiple enconteur failures... If you go there, just login and change the password, do not sign any form at all, even to get in, and if they have work clarification requests of any form, tell them to get lost. They seem to be bent on getting the password, and I think they will not accept a no. There could be other reasons, but I think they want to get you in the premisses to be able to coerce you into it.
              – Rui F Ribeiro
              2 days ago


















            This contradicts another answer though. Seems like i could get sued in the US.
            – pailhead
            2 days ago




            This contradicts another answer though. Seems like i could get sued in the US.
            – pailhead
            2 days ago












            They also can try to sue here... Between the request not having any thecnical basis and you having documented the multiple enconteur failures... If you go there, just login and change the password, do not sign any form at all, even to get in, and if they have work clarification requests of any form, tell them to get lost. They seem to be bent on getting the password, and I think they will not accept a no. There could be other reasons, but I think they want to get you in the premisses to be able to coerce you into it.
            – Rui F Ribeiro
            2 days ago






            They also can try to sue here... Between the request not having any thecnical basis and you having documented the multiple enconteur failures... If you go there, just login and change the password, do not sign any form at all, even to get in, and if they have work clarification requests of any form, tell them to get lost. They seem to be bent on getting the password, and I think they will not accept a no. There could be other reasons, but I think they want to get you in the premisses to be able to coerce you into it.
            – Rui F Ribeiro
            2 days ago












            up vote
            -5
            down vote













            I'm much more security aware than most, it's part of my professional responsibilities. But I have to say you're being ridiculous here.



            What security concern or issue would you create by simply providing them the password via phone, SMS or email?



            Does your previous laptop contain any sensitive, classified, credit card or other critical information?



            Any security professional will tell you that you use security procedures that are appropriate to the information. This just sounds like you're being petty and a control freak for no valid reason.






            share|improve this answer



















            • 8




              It doesn't seem very nice to call OP ridiculous, petty and a control freak.
              – Dukeling
              Nov 17 at 23:44






            • 3




              Unless the usage of the computer was 100% professional with absolute no personal usage (and thus e.g. a stored facebook password or something else that's not the company's business) AND the password OP used on the laptop was completely unrelated from all his other passwords it's absolutely understandable that he doesn't want to give out that password.
              – ThiefMaster
              Nov 17 at 23:48






            • 1




              The OP gives no indication at all that the computer contains personal information, nor any indication that he needs to remove anything at all. As written there is no justification what so ever for his behavior or demands. If he modifies his OP I'll modify my answer.
              – Steve
              Nov 17 at 23:54






            • 4




              With proper IT they could gain access to the computer without giving password. If password is given, it jeopardizes both parties as your identity is shared now. Either one of the parties could commit a crime and blame the other one. This is a huge no-no and security aware person should know this.
              – Sopuli
              Nov 17 at 23:59






            • 4




              I've logged into my personal gmail, my facebook, i've ordered tickets through ticketfly etc etc. But this is less of a concern than giving someone a password that is my password for something else.
              – pailhead
              Nov 18 at 0:10















            up vote
            -5
            down vote













            I'm much more security aware than most, it's part of my professional responsibilities. But I have to say you're being ridiculous here.



            What security concern or issue would you create by simply providing them the password via phone, SMS or email?



            Does your previous laptop contain any sensitive, classified, credit card or other critical information?



            Any security professional will tell you that you use security procedures that are appropriate to the information. This just sounds like you're being petty and a control freak for no valid reason.






            share|improve this answer



















            • 8




              It doesn't seem very nice to call OP ridiculous, petty and a control freak.
              – Dukeling
              Nov 17 at 23:44






            • 3




              Unless the usage of the computer was 100% professional with absolute no personal usage (and thus e.g. a stored facebook password or something else that's not the company's business) AND the password OP used on the laptop was completely unrelated from all his other passwords it's absolutely understandable that he doesn't want to give out that password.
              – ThiefMaster
              Nov 17 at 23:48






            • 1




              The OP gives no indication at all that the computer contains personal information, nor any indication that he needs to remove anything at all. As written there is no justification what so ever for his behavior or demands. If he modifies his OP I'll modify my answer.
              – Steve
              Nov 17 at 23:54






            • 4




              With proper IT they could gain access to the computer without giving password. If password is given, it jeopardizes both parties as your identity is shared now. Either one of the parties could commit a crime and blame the other one. This is a huge no-no and security aware person should know this.
              – Sopuli
              Nov 17 at 23:59






            • 4




              I've logged into my personal gmail, my facebook, i've ordered tickets through ticketfly etc etc. But this is less of a concern than giving someone a password that is my password for something else.
              – pailhead
              Nov 18 at 0:10













            up vote
            -5
            down vote










            up vote
            -5
            down vote









            I'm much more security aware than most, it's part of my professional responsibilities. But I have to say you're being ridiculous here.



            What security concern or issue would you create by simply providing them the password via phone, SMS or email?



            Does your previous laptop contain any sensitive, classified, credit card or other critical information?



            Any security professional will tell you that you use security procedures that are appropriate to the information. This just sounds like you're being petty and a control freak for no valid reason.






            share|improve this answer














            I'm much more security aware than most, it's part of my professional responsibilities. But I have to say you're being ridiculous here.



            What security concern or issue would you create by simply providing them the password via phone, SMS or email?



            Does your previous laptop contain any sensitive, classified, credit card or other critical information?



            Any security professional will tell you that you use security procedures that are appropriate to the information. This just sounds like you're being petty and a control freak for no valid reason.







            share|improve this answer














            share|improve this answer



            share|improve this answer








            edited Nov 17 at 23:32

























            answered Nov 17 at 23:01









            Steve

            4,17431330




            4,17431330








            • 8




              It doesn't seem very nice to call OP ridiculous, petty and a control freak.
              – Dukeling
              Nov 17 at 23:44






            • 3




              Unless the usage of the computer was 100% professional with absolute no personal usage (and thus e.g. a stored facebook password or something else that's not the company's business) AND the password OP used on the laptop was completely unrelated from all his other passwords it's absolutely understandable that he doesn't want to give out that password.
              – ThiefMaster
              Nov 17 at 23:48






            • 1




              The OP gives no indication at all that the computer contains personal information, nor any indication that he needs to remove anything at all. As written there is no justification what so ever for his behavior or demands. If he modifies his OP I'll modify my answer.
              – Steve
              Nov 17 at 23:54






            • 4




              With proper IT they could gain access to the computer without giving password. If password is given, it jeopardizes both parties as your identity is shared now. Either one of the parties could commit a crime and blame the other one. This is a huge no-no and security aware person should know this.
              – Sopuli
              Nov 17 at 23:59






            • 4




              I've logged into my personal gmail, my facebook, i've ordered tickets through ticketfly etc etc. But this is less of a concern than giving someone a password that is my password for something else.
              – pailhead
              Nov 18 at 0:10














            • 8




              It doesn't seem very nice to call OP ridiculous, petty and a control freak.
              – Dukeling
              Nov 17 at 23:44






            • 3




              Unless the usage of the computer was 100% professional with absolute no personal usage (and thus e.g. a stored facebook password or something else that's not the company's business) AND the password OP used on the laptop was completely unrelated from all his other passwords it's absolutely understandable that he doesn't want to give out that password.
              – ThiefMaster
              Nov 17 at 23:48






            • 1




              The OP gives no indication at all that the computer contains personal information, nor any indication that he needs to remove anything at all. As written there is no justification what so ever for his behavior or demands. If he modifies his OP I'll modify my answer.
              – Steve
              Nov 17 at 23:54






            • 4




              With proper IT they could gain access to the computer without giving password. If password is given, it jeopardizes both parties as your identity is shared now. Either one of the parties could commit a crime and blame the other one. This is a huge no-no and security aware person should know this.
              – Sopuli
              Nov 17 at 23:59






            • 4




              I've logged into my personal gmail, my facebook, i've ordered tickets through ticketfly etc etc. But this is less of a concern than giving someone a password that is my password for something else.
              – pailhead
              Nov 18 at 0:10








            8




            8




            It doesn't seem very nice to call OP ridiculous, petty and a control freak.
            – Dukeling
            Nov 17 at 23:44




            It doesn't seem very nice to call OP ridiculous, petty and a control freak.
            – Dukeling
            Nov 17 at 23:44




            3




            3




            Unless the usage of the computer was 100% professional with absolute no personal usage (and thus e.g. a stored facebook password or something else that's not the company's business) AND the password OP used on the laptop was completely unrelated from all his other passwords it's absolutely understandable that he doesn't want to give out that password.
            – ThiefMaster
            Nov 17 at 23:48




            Unless the usage of the computer was 100% professional with absolute no personal usage (and thus e.g. a stored facebook password or something else that's not the company's business) AND the password OP used on the laptop was completely unrelated from all his other passwords it's absolutely understandable that he doesn't want to give out that password.
            – ThiefMaster
            Nov 17 at 23:48




            1




            1




            The OP gives no indication at all that the computer contains personal information, nor any indication that he needs to remove anything at all. As written there is no justification what so ever for his behavior or demands. If he modifies his OP I'll modify my answer.
            – Steve
            Nov 17 at 23:54




            The OP gives no indication at all that the computer contains personal information, nor any indication that he needs to remove anything at all. As written there is no justification what so ever for his behavior or demands. If he modifies his OP I'll modify my answer.
            – Steve
            Nov 17 at 23:54




            4




            4




            With proper IT they could gain access to the computer without giving password. If password is given, it jeopardizes both parties as your identity is shared now. Either one of the parties could commit a crime and blame the other one. This is a huge no-no and security aware person should know this.
            – Sopuli
            Nov 17 at 23:59




            With proper IT they could gain access to the computer without giving password. If password is given, it jeopardizes both parties as your identity is shared now. Either one of the parties could commit a crime and blame the other one. This is a huge no-no and security aware person should know this.
            – Sopuli
            Nov 17 at 23:59




            4




            4




            I've logged into my personal gmail, my facebook, i've ordered tickets through ticketfly etc etc. But this is less of a concern than giving someone a password that is my password for something else.
            – pailhead
            Nov 18 at 0:10




            I've logged into my personal gmail, my facebook, i've ordered tickets through ticketfly etc etc. But this is less of a concern than giving someone a password that is my password for something else.
            – pailhead
            Nov 18 at 0:10










            up vote
            -11
            down vote













            Presumably you were asked to return that laptop with all the data on it. Which you didn't. Whose fault that is is another matter, but the company could sue you for damages. Would they win? Maybe yes, maybe not. Would it cost you time and money? Most definitely both.



            If the password isn't sensitive to you (it's not a duplicate of your banking password or another password, for example) then just hand it over. If that's not secure, that's not your problem, they asked for it. If the password is sensitive to you (unlocks access to your bank account as well) go to your old company and change the password to "123456".



            If you don't have the time for this, then legal action would be really, really inconvenient for you.






            share|improve this answer





















            • I sat down with an HR person and my manager and they said something along the lines of "hand over your laptop" which i did. What is inconvenient for me is staying in San Francisco while there are hazardous air conditions. Probably not enough to get sued, i'm just wondering what kind of time line and compromise i can look for.
              – pailhead
              Nov 18 at 0:15










            • So the part here is, go to your old company, i can't for various reasons. I will at some point.
              – pailhead
              Nov 18 at 0:16






            • 8




              Gnasher, he DID return the laptop with all of the data. That's the first line of the post. Security 101 is that you NEVER, EVER give up your personal password. If the company set up the laptop without a separate account, that's the company's screwup. Sopuli has the correct answer, which is to that the company gives the OP the laptop, he creates a new account, copies any necessary data to that account, and then deletes his old account.
              – DaveG
              Nov 18 at 1:19










            • @DaveG If the data is not accessible because a login password is needed, then the data is not there.
              – gnasher729
              Nov 18 at 14:09










            • How is it know if data is there at all?
              – pailhead
              Nov 18 at 22:29















            up vote
            -11
            down vote













            Presumably you were asked to return that laptop with all the data on it. Which you didn't. Whose fault that is is another matter, but the company could sue you for damages. Would they win? Maybe yes, maybe not. Would it cost you time and money? Most definitely both.



            If the password isn't sensitive to you (it's not a duplicate of your banking password or another password, for example) then just hand it over. If that's not secure, that's not your problem, they asked for it. If the password is sensitive to you (unlocks access to your bank account as well) go to your old company and change the password to "123456".



            If you don't have the time for this, then legal action would be really, really inconvenient for you.






            share|improve this answer





















            • I sat down with an HR person and my manager and they said something along the lines of "hand over your laptop" which i did. What is inconvenient for me is staying in San Francisco while there are hazardous air conditions. Probably not enough to get sued, i'm just wondering what kind of time line and compromise i can look for.
              – pailhead
              Nov 18 at 0:15










            • So the part here is, go to your old company, i can't for various reasons. I will at some point.
              – pailhead
              Nov 18 at 0:16






            • 8




              Gnasher, he DID return the laptop with all of the data. That's the first line of the post. Security 101 is that you NEVER, EVER give up your personal password. If the company set up the laptop without a separate account, that's the company's screwup. Sopuli has the correct answer, which is to that the company gives the OP the laptop, he creates a new account, copies any necessary data to that account, and then deletes his old account.
              – DaveG
              Nov 18 at 1:19










            • @DaveG If the data is not accessible because a login password is needed, then the data is not there.
              – gnasher729
              Nov 18 at 14:09










            • How is it know if data is there at all?
              – pailhead
              Nov 18 at 22:29













            up vote
            -11
            down vote










            up vote
            -11
            down vote









            Presumably you were asked to return that laptop with all the data on it. Which you didn't. Whose fault that is is another matter, but the company could sue you for damages. Would they win? Maybe yes, maybe not. Would it cost you time and money? Most definitely both.



            If the password isn't sensitive to you (it's not a duplicate of your banking password or another password, for example) then just hand it over. If that's not secure, that's not your problem, they asked for it. If the password is sensitive to you (unlocks access to your bank account as well) go to your old company and change the password to "123456".



            If you don't have the time for this, then legal action would be really, really inconvenient for you.






            share|improve this answer












            Presumably you were asked to return that laptop with all the data on it. Which you didn't. Whose fault that is is another matter, but the company could sue you for damages. Would they win? Maybe yes, maybe not. Would it cost you time and money? Most definitely both.



            If the password isn't sensitive to you (it's not a duplicate of your banking password or another password, for example) then just hand it over. If that's not secure, that's not your problem, they asked for it. If the password is sensitive to you (unlocks access to your bank account as well) go to your old company and change the password to "123456".



            If you don't have the time for this, then legal action would be really, really inconvenient for you.







            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered Nov 17 at 23:48









            gnasher729

            79.4k34144250




            79.4k34144250












            • I sat down with an HR person and my manager and they said something along the lines of "hand over your laptop" which i did. What is inconvenient for me is staying in San Francisco while there are hazardous air conditions. Probably not enough to get sued, i'm just wondering what kind of time line and compromise i can look for.
              – pailhead
              Nov 18 at 0:15










            • So the part here is, go to your old company, i can't for various reasons. I will at some point.
              – pailhead
              Nov 18 at 0:16






            • 8




              Gnasher, he DID return the laptop with all of the data. That's the first line of the post. Security 101 is that you NEVER, EVER give up your personal password. If the company set up the laptop without a separate account, that's the company's screwup. Sopuli has the correct answer, which is to that the company gives the OP the laptop, he creates a new account, copies any necessary data to that account, and then deletes his old account.
              – DaveG
              Nov 18 at 1:19










            • @DaveG If the data is not accessible because a login password is needed, then the data is not there.
              – gnasher729
              Nov 18 at 14:09










            • How is it know if data is there at all?
              – pailhead
              Nov 18 at 22:29


















            • I sat down with an HR person and my manager and they said something along the lines of "hand over your laptop" which i did. What is inconvenient for me is staying in San Francisco while there are hazardous air conditions. Probably not enough to get sued, i'm just wondering what kind of time line and compromise i can look for.
              – pailhead
              Nov 18 at 0:15










            • So the part here is, go to your old company, i can't for various reasons. I will at some point.
              – pailhead
              Nov 18 at 0:16






            • 8




              Gnasher, he DID return the laptop with all of the data. That's the first line of the post. Security 101 is that you NEVER, EVER give up your personal password. If the company set up the laptop without a separate account, that's the company's screwup. Sopuli has the correct answer, which is to that the company gives the OP the laptop, he creates a new account, copies any necessary data to that account, and then deletes his old account.
              – DaveG
              Nov 18 at 1:19










            • @DaveG If the data is not accessible because a login password is needed, then the data is not there.
              – gnasher729
              Nov 18 at 14:09










            • How is it know if data is there at all?
              – pailhead
              Nov 18 at 22:29
















            I sat down with an HR person and my manager and they said something along the lines of "hand over your laptop" which i did. What is inconvenient for me is staying in San Francisco while there are hazardous air conditions. Probably not enough to get sued, i'm just wondering what kind of time line and compromise i can look for.
            – pailhead
            Nov 18 at 0:15




            I sat down with an HR person and my manager and they said something along the lines of "hand over your laptop" which i did. What is inconvenient for me is staying in San Francisco while there are hazardous air conditions. Probably not enough to get sued, i'm just wondering what kind of time line and compromise i can look for.
            – pailhead
            Nov 18 at 0:15












            So the part here is, go to your old company, i can't for various reasons. I will at some point.
            – pailhead
            Nov 18 at 0:16




            So the part here is, go to your old company, i can't for various reasons. I will at some point.
            – pailhead
            Nov 18 at 0:16




            8




            8




            Gnasher, he DID return the laptop with all of the data. That's the first line of the post. Security 101 is that you NEVER, EVER give up your personal password. If the company set up the laptop without a separate account, that's the company's screwup. Sopuli has the correct answer, which is to that the company gives the OP the laptop, he creates a new account, copies any necessary data to that account, and then deletes his old account.
            – DaveG
            Nov 18 at 1:19




            Gnasher, he DID return the laptop with all of the data. That's the first line of the post. Security 101 is that you NEVER, EVER give up your personal password. If the company set up the laptop without a separate account, that's the company's screwup. Sopuli has the correct answer, which is to that the company gives the OP the laptop, he creates a new account, copies any necessary data to that account, and then deletes his old account.
            – DaveG
            Nov 18 at 1:19












            @DaveG If the data is not accessible because a login password is needed, then the data is not there.
            – gnasher729
            Nov 18 at 14:09




            @DaveG If the data is not accessible because a login password is needed, then the data is not there.
            – gnasher729
            Nov 18 at 14:09












            How is it know if data is there at all?
            – pailhead
            Nov 18 at 22:29




            How is it know if data is there at all?
            – pailhead
            Nov 18 at 22:29


















             

            draft saved


            draft discarded



















































             


            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fworkplace.stackexchange.com%2fquestions%2f122990%2fformer-job-asking-for-laptop-password-weeks-after-leaving%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown











            Popular posts from this blog

            AnyDesk - Fatal Program Failure

            How to calibrate 16:9 built-in touch-screen to a 4:3 resolution?

            QoS: MAC-Priority for clients behind a repeater