You might like

78 Responses to Hand over your Facebook username and password if you want a job

  1. Joel · 1292 days ago

    Another alternative is to flush facebook entirely. If you need a job to survive, you can certainly afford to ditch facebook. The world was fine before facebook :)

    • GMR · 1292 days ago

      Or change your password the minute you get home from the interview.

    • Daniel · 1291 days ago

      Or change your facebook name.

    • music2myear · 1291 days ago

      Scorched earth. It works everytime. Except for the cockroaches, they survive.

    • HOLALONG · 1291 days ago


      • Anon · 780 days ago

        That's because you don't have Facebook to remind you ;-)

    • Geir Laastad · 1291 days ago

      I have done just that. I deleted my facebook account after reading about that here on Sophos pages. I just decided I didn't want to be a facebook sheep anylonger. But before that article on Sophos, I was already sick and tired about facebook's way of making privacy difficult for everyone. They have hidden the "Delete account" button so good, it's almost impossible to find, -plus many of their other privacy settings which facebook are forced to have, but do not like you use, is also more or less hidden. The Sophos article helped me decide what I should have done long time ago:

      **Delete Account***

      I will never return to facebook...

  2. Anonymous · 1292 days ago

    Not only "Should be" but I think there's a strong case to be made that it _is_ to ask for this information as it may compel a candidate to hand over information about their sexuality or religious beliefs - information that an employer is strictly prohibited from asking about during interview under anti discrimination laws.

  3. NoSpin1600 · 1292 days ago

    I don't have anything on my Facebook page or in my profile that would prohibit me form getting any job but I do feel this is an invasion of privacy. I think corporations are taking advantage of the current economic situation and high unemployment rates to snoop on prospective employees. If they ask for my Facebook password I should be able to ask that they provide the username and password for the person who will be my supervisor so I can ensure I am going to work for a quality person.

  4. S Burns · 1292 days ago

    I don't need to work for that sort of jerk to survive, thanks very much.

  5. Tom · 1292 days ago

    In Finland we have this called common sense. And, oh, also, LAW. Here it is illegal for employee to search ANY information about you from the web prior to job interview (or after that). Proving they did could be tricky but still.

    You americanos are hilarious.

    • ANONyMOUS · 1291 days ago

      I understand in Finland that the employers there might be able to check your information and it is the Law, but don't you want your privacy, even if you are not hiding something

      • Miles · 1290 days ago

        What? He said it's *illegal* for them to search for information on you.

  6. Nick · 1292 days ago

    I don't believe it should be illegal to request it, just like it isn't illegal to ask for someone's car keys, however it should be illegal to not consider a candidate for a job based on their refusal to accept the request.

    • Phil · 1292 days ago

      Absolutely agree.

      As another alternative, create a second facebook account with the same name and different email address, and use that to create a picture of the person you want them to think you are.

  7. Sure I'll give a prospective employer my Facebook ID and password - right after they give me the id and password for their CEO's email account! Fair is fair

  8. Deactivate the account before the interview so you can truthfully say you don't have Facebook. You can always reactivate it once you get the job.

    I know if something happens to my job and I have to start interviewing again, knowing this, I just might start deactivating the account before interviewing if they're going to be starting this BS.

  9. Jakob · 1292 days ago

    You could also gain some time to clean up your profile by telling that you don't remember the password and have to look it up in your password manager on your home computer.

  10. Rhonda · 1292 days ago

    Tell them to put this request in writing.

    • CallToFreedom · 1292 days ago

      yes, the perfect line to use -- so simple, yet so powerful.

    • Greenaum · 1291 days ago

      GOOD answer!

      • Neosimian Sapiens · 1028 days ago

        Dear Mr. Smith,

        As you requested, we are putting into writing what we discussed at our interview with you. Accordingly, we record that we do not have an opening for you at this time.

        Consolidated Douchebags Inc.

  11. Ben · 1292 days ago

    Just create a second Facebook profile for prospective employers.

    If I was asked at an interview to give up any password, I would think it was a test to check I understood information security- if a candidate for a Police job gives away a password to someone interviewing them, then they would probably be the type of person to give away a password when the "IT Dept" call.

  12. anonemployer · 1292 days ago

    It is a bad choice for employers to request this information. If they learn from a candidate's FB page that the candidate has a protected characteristic (disability, religion, etc.) that they are legally prohibited from asking about in an interview, and then do not offer the candidate the position, they are setting themselves up for a lawsuit.

    • Greenaum · 1291 days ago

      Hope so. Hope one happens soon. This is the sort of thing some halfwit reptile in HR (or "Personnel", to give it a sensible name) thinks up, then every other idiot in the same role hears about and starts doing.

      It's distressing to me, that so many of the smartest people have their employment managed by some of the stupidest.

      I can see a doubling of Facebook's user base coming up. Everybody's account, and everybody's fake work account. Would be a nice way of misleading the company, if they're stupid enough to believe what they read on Facebook.

    • Beth j · 1290 days ago

      They are setting themselves up for a lawsuit IF it can be proved that employer discriminated on the basis of that, and also IF the person seeking the job could afford to sue. Few have those resources, and employers know this.

  13. David · 1292 days ago

    You can also tell the person interviewing you that not only would you be in breach of contract if you gave them your login details, but they too would be breaking facebook's terms and conditions if they used that information...

    From Facebooks T&C:

    "You will not solicit login information or access an account belonging to someone else."

  14. ankherplonk · 1292 days ago

    I'd terminate the interview immediately, mentioning privacy laws and common decency. My privacy is more important than their money.

  15. Davidinmd · 1292 days ago

    If they can't see my profile through a public search, they have as much right to view it as they have the right to go through my mail, listen to my personal calls and voice mail. Which is to say none. Further, my age, race, religion, sexual orientation and other information that may be in my Facebook profile are not items that an interviewer is legally allowed to ask for in most situations. As a result, asking for access to Facebook should be prohibited on those grounds as well.

  16. Myles · 1292 days ago

    I would simpy refuse if they asked for me to provide it, advising that I am not going to be pressured into breaking not only the T&C's of Facebook, I will not be breeching my freinds privacy & trust, and that my Ethics are stronger than that.

    Fortunatly I've not been asked for this kind of information in the UK yet.

    I would be tempted to lodge a concern with the company they are acting against the Computer Misuse Act, though I'm not sure if there is a US Equivalent?

  17. Muddog · 1292 days ago

    Oh well guess i wouldn't get the job. I don't have a profile on facebook only a name and a few photos,But i'll be damned if i would let them or any one elce that i don't know have my password.

  18. Suzanne · 1292 days ago

    I strongly recommend AGAINST lying in an interview, even if it's a question that you don't believe they have the right to ask. They still might agree to consider you if you refuse to give them the information, but if they discover that you were untruthful, you'll be automatically disqualified.

  19. Derf · 1292 days ago

    My solution is that my facebook name is nothing like my real name, my userpic is never my face, and is tightly locked in the "friends" solution listed above - and even if it DID come up an employer would have to search for a name which looks nothing like my real one.

    You can then safely say you don't even have one. Just don't get caught surfing at work.

  20. Compudoc · 1292 days ago

    You can certainly use the T&C statement that Facebook requires you to adhere to as a reason not to release the information. It is breach of contract.

  21. John · 1292 days ago

    As various people have pointed out above this type of request exposes the company to numerous legal risks.

    Even searching a person's public pages can create problems because it can expose the person making the hiring decision to information they are not allowed to request. For example you can't ask "are you pregnant?" but that's something you might discover on a Facebook page. Companies who do these type of searches often ask legal to do it for them and tell them whether there is anything relevant. If the process is done properly, it puts a firewall between the person reviewing public social networking information and the person making the hiring decision.

    Asking for and using the username and password is just plain stupid. It's not just a violation of Facebook's terms and conditions; it's a federal crime. The interviewee could file a complaint with the Justice Department and the FTC.

    • Mrs. W · 1291 days ago

      Let's go for something that affects both genders equally.

      "How old are you?" (your birthdate is a required part of your profile, and wouldn't be hidden if they log in as you)
      "What religion are you?"

    • Jon Fukumoto · 1291 days ago

      You're absolutely correct. An prospective employee can sue the company for using such tactics. I wouldn't allow access to my Facebook account to anyone. This type of tactic has "lawsuit" written all over it, and I would refuse to work for any company who uses such unethical tactics. It should be illegal for any company to request access to anyone'a Facebook account, and that they face hefty fines for invasion of privacy.

    • Mark · 1291 days ago

      Looking for information that they legally prohibited from asking IS EXACTLY why they want to look at a prospective employee's FB.

  22. loren · 1292 days ago

    If your profile uses the new "Timeline", Facebook no longer offers the first option of limiting who can search for you by your username.

    • caroletheriault · 1292 days ago

      We have just looked into this and it *looks* like the setting still works under the new timeline. If you select the who can look you up with your email address or mobile phone number option and you select Just Friends, it seems to do the same thing as it does currently and block people finding you by name....

    • guest · 1290 days ago

      no problem - my FB username is the (fictional) name of my character in an mmo that's associated with a free throwaway email address. All my FB settings are set to not show to anyone but me, and all the 'private' info inside my FB profile is bogus, and there is only one friend connected who's FB account is also setup and set the same way. They can search all they want, my name is not in FB anywhere except where it happens to match someone else who isn't me.

  23. Brittney · 1292 days ago

    We shouldn't have to go through the trouble of creating a "second" Facebook or deactivating one because a possible employer is trying to loophole their way out of asking questions. If they want information from us, that's what the interview is for. To ask questions. It's an invasion of privacy and Facebook has nothing to do with your qualifications for the job.

    • I agree with you 100%, but when the only way to apply with a certain company was to give them access to Facebook, I created a new page. I have been looking for work much too long. It felt asking prospective employers into my messy house for tea. You had to wonder if the dog had dragged your underwear out.

  24. Originally, I thought it would be wise to protect you, the interviewee, by allowing you to refuse the request with no repercussions. I thought allowing the interviewer to ask you for your password would be fine, as long as you has a legal opt out.

  25. One possible response....

    "I'm sorry Mr Interviewer, my Facebook password is only on my Yubikey and I have left it at home. Sorry, but I have no idea what the password is, as I never have to type it in any more."

    • Techno · 1291 days ago

      Indeed, I genuinely don't know my Facebook password because it was generated by and is stored in a password storage program. I just copy and paste it into the field without seeing it.

  26. Cat · 1292 days ago

    If I was sitting in an interview and was holding in my lap a journal and the prospective employer said, "Is that a journal you have there? May I read through it?" I think asking to read your facebook account would be the exact same thing. It is a personal electronic diary of your day to day activities. If you wanted total strangers to read it you would have your settings set to public. This is a complete invasion of privacy!

    Possibly employers could tell interviewees that they have a policy of termination if anything is posted about the company or employees that defames the character of such. A firm reminder to keep your page solidly private. Oh but that's a whole other court case involving the First Amendment and freedom of speech.

    • Derek Harris · 1286 days ago

      You're mixing issues here: the first ammendment applies to the government taking an action based on political speech; it does not apply to administrative or civil action taken by a private company or individual in response to defamitory speech.

  27. Eric · 1292 days ago

    I agree with what some other have already: It already is illegal for prospective employers to make such a request. By law, they can't delve into matters such as family status and religion, and for most of us (certainly for me) that sort of information is readily available through logging into a person's Facebook account.

    And, frankly, if anyone were to make such a request of me, I'd consider filing a complaint if I felt that in any way my rejection were due to my refusal of the request.

  28. Jeff Sergeant · 1292 days ago

    It's already illegal to ask someone's age, marital status, sexual preference etc... If you make it clear that these are apparent from your profile, how is asking for your Facebook log in any different?

  29. Guest · 1291 days ago

    Seriously, if employers are so paranoid that they must request such information, it's a sign that there is something seriously wrong with that employer. Despite all the precautions, hiring someone is always a risk. I'm sometimes amazed at how some interviewers want a guarantee on a person when there really isn't one.

  30. Kristina · 1291 days ago

    The issue is not just invasion of MY privacy but also invasion of the privacy of those who are friends on my account. I'm sorry, there's no way I am going to risk my friends privacy just so a company can decide if what I do in my off time is good enough for me to work for them.

  31. dkitch · 1291 days ago

    It's already illegal to do this. In the US, you cannot ask for details on someone's age, marital/family status, birthplace, affiliations, etc during an interview. This is all information that is available on a person's Facebook profile.

    People who are forced to reveal their Facebook information should file a complaint with the Equal Opportunity Employment Commission

  32. Joshua B. · 1291 days ago

    Just keep your profile private, and say you don't use Facebook... You won't appear in any search results :)

    • The problem with that is that Facebook search is one of the best parts of Facebook. I have had many people I 'lost' through the years find me. It's great.

  33. pinktech · 1291 days ago

    Hmmmm, wonder what comes next?

    Then, hopefully in language I would use with my grandmother, I'd offer to friend him and let him see what's there. Beyond that, no, they will do reference and background checks, and a drug test; if that's not enough, too bad. I'd walk out, and that's coming from someone who lost her job 20 months ago. I might send a letter to the head of HR or the company manager/owner stating what happened in the interview and asking if that is standard procedure (it may be an interviewer error). If it is the way they roll, well by golly, I'd get the word out.

  34. Neil · 1291 days ago

    Don't use the utter tripe which is Facebook.

  35. Who's too blame · 1291 days ago

    Asking for direct access to someones account is going too far. I can see an employer creating a company account that you would have to friend so they can see your profile. I have seen people get fired for posting information about co-workers or confidential information in which they should be fired. I also have seen people get fired for using twitter in which they released confidential or private information to the public. At some point and time the person that puts the information out there has to be responsible for their actions.

  36. sentinel150 · 1291 days ago

    I will allow my new employer to "friend" me on facebook but access to my password will not happen. Security is not a game played lightly. I know that Law Enforcement is most likley already on my friends list pretending to be a pritty girl in a two piece or somthing like that, you get the idea. I have nothing to hide and if that's how they wish to spend our tax money then so be it, let them violate the TOS, my password is mine. lol and I just changed it again, lol

  37. Rob · 1291 days ago

    If you do give your password, then don't forget to change it immediately after the interview. Insist on watching them accessing your profile and/or providing a keystrioke log.

    Better still, change the pssword before the interview to something completely different from all your private passwords. That will take some management, as it is far easier to set up a new account password for yourself than to set up an account for someone else or group with a password that dosen't bear any relationship to one you might use.

  38. I'd assume it was a trick question and would say so, because surely one would assume an employer to be looking for trustworthy employees able to keep confidentialities in the work place.

    Should someone who is willing to give away their own secrets and even break the terms of a user agreement based on the possibility of a reward, in this case the offer of a job and the financial gain that may go with that be trusted with secrets and confidentialities in the work place?

    Of course if they didn't agree and continued to pursue the pass word, I suppose I'd assume I was dealing with an idiot and probably wouldn't want to work for such a person anyway. lol

  39. Robert W. · 1290 days ago

    Interviewers are asking you to facilitate a crime and are committing one themsleves
    by asking for your username and password. They are guilty of Criminal Solicitation by
    asking you to commit Criminal Facilitation, so they can commit crimes like Computer
    Trespass, Unauthorized Access, Wiretapping, and violations of State and Federal law
    by the company and its employees.
    These are ALL felonies with serious fines and prison time. Tell the interviewer this
    and ask them if they'd rather work for the Bureau of Prisons instead, then ask to see
    their boss immediately. If not available escalate the issue asking to see the next one
    higher up, until someone in authority like an executive officer has to answer for this.
    Tell the interviewer if he/she doesn't comply, you will call the police and FBI then file
    a criminal complaint against them and the company under the Penal Laws and the
    United States Codes.
    Finally tell the interviewer if you're not hired, you will file complaints with the EEOC and
    U.S. Dept. of Justice for violating your civil rights.

  40. Bob · 1290 days ago

    So now I am not being interviewed for my skills, but for personal aspects?

    The first error in thinking here is that we all use Facebook in different levels of intensity and for different purposes. I for example might use Facebook purely to stay in contact with my family living in other countries, somebody else uses it only to play games, somebody else uses it by doing anything you can think of, ie keeping contact with their families and friends, playing games, belong to different pages, etc, etc, etc. Because of this you are starting to have disparate levels of "insight" into different applicants, ie, you are not being compared at the same level (competence etc) which in some countries as already being argued as being illegal, as all applicants are supposed to be compared equally on even keel - ie send me your CV, give me a presentation, etc.

    In the same vein, before anybody looks at MY Facebook page, they will first have to look into all other existing employees' Facebook pages during the interview process as well, otherwise again they are not being consistent. And I as the interviewee then also want full access to the interviewer's Facebook page, as this might then make me decide that I don't WANT to work there after all.

    As other people have also already indicated, what prevents an applicant from having a nice, sterile Facebook page that makes them look like the ideal applicant, but also a different page where they ACTUALLY mess around, and this person might also perform activities that the interviewer does not agree with? There is no way the prospective employer will know about that in any case. And let us say for example that I am a complete agnostic/atheist/etc and it is portrayed in my FB pages, so certain of my actions I consider to be 100% acceptable (and it is in a wider community), but it is in contradiction to what my Bible-bashing interviewer thinks - even though my private life does not have any effect to my work-ethics and does not affect how I interact with colleagues, etc? But this is now held against me in interview because of this invasion of my private life?

    If a company thinks that they have that right to invasion of privacy, I assume the next thing is for male bosses to have full access to female cloakrooms - at the end of the day, actually - they will have more right to that, as the cloakrooms are after all business property whereas Facebook is not?

    • aschengeschwandtner · 1287 days ago

      You do not need to be consistent in your hiring policy. It may change over time and you do not have to apply it retrospectively. And thank god for that. I am a senior engineer but having read a few job adverts for junior positions in my own team, I know I would not get my own job.

  41. Beth h · 1290 days ago

    If someone *does* request a password and one is provided to them, doesn't that also mean that they could continue surfing the persons FB whenever they wanted to? I would assume that one's pw could be changed, but the whole thing is creepy.

  42. Nick · 1290 days ago

    When I first saw this thread I thought it was a joke - a hoax.

    People really need to take their on-line security far more seriously than they apparently do.

    Passwords should not be shared. At all.

  43. Pete McNesbitt · 1290 days ago

    So exactly what is this FACEBOOK stuff people always talk about? I know I live under a rock but if I need to get a hold of someone I still use a phone (a landline at that), I still write actual physical letters and send them with stamps. The cell phone I own I will use only if the vehicle I'm driving breaks down. I still buy foldable paper maps. I still take photographs with a camera. Yes I do have computers a Compaq Presario and an equally old eMac. Both still working just fine.
    What I don't need, is to be is so connected that every little thought and misdeed needs to be sent out to everyone I know automatically and traced by any hacker or agency.

  44. Bill · 1290 days ago

    There is a very simple solution. I created a domain that is made up of 32 random characters. Then at my hosting provider I created an email address that is also made up of 32 random characters also. So when I got asked for my Facebook log on credentials I hand them a business card that has my 68 character logon and my 40 character password, that has been printend in a 10 point non-serif font, with only one space between the two. It resembles a PGP key block rather than a username and password. So now the person is sitting there looking at 109 random characters with no clue on what to do. I did the same thing for my facebook username URL (<user name> ) I created a 59 letter username. Then when I am asked to friend a company profile I always tell them to send me a request and hand them another card with the extremely long nasty looking username url that is again listed in 10 point non-serif font.

  45. guest · 1290 days ago

    If' you're being interviewed for a job at NSA, you might as well figure they either already KNOW your FB login and password, or it isn't the agency you thought it was. They'll directly interview all the friends you've ever known back to your childhood anyway.

  46. Freida Gray · 1290 days ago

    If you tell them you don't have Facebook,what do you tell them when they ask why your name,date of birth &current address all appear on a Facebook account?

    • I think the idea is that you hide your Facebook profile from public view, and from being searched for by folks who aren't already your fb friends.

  47. Why bother with any alternatives such as hiding information. It's no employer's business what I do on Facebook or any other social media. The only thing they need to know is whether or not I can perform the job. I wouldn't work for any company who wants keys to my home or passwords to any social media sites I use. Are they going to give me their passwords or keys to their home so I can "spy" on them? Think NOT! What an absolute load of BS.

  48. Dilbert · 1289 days ago

    In breach of fundamental IT Policies, if he complied the interviewer should be disciplined on the spot. How can that employee be trusted with his company password?
    This is not 'fine' under any circumstances. Not without a legal subpeona at the very least.
    Facebook is just one of many social networking systems, did they not also ask for his Bebo password, MySpace password, Hotmail, Gmail, Tumblr, Flickr and Harmony Central access? Or retrieve his Geocities account?

  49. Jack Wilborn · 1289 days ago

    Doesn't matter what's on your page, nobody has any reason to access this information. I think Sophos stated most of them with their follow these... Also I have stated many times our (USA) legislators need to be more up on evolution of software and how to protect the general populous. Many data items are not protected by law, and need to be viewed the same as we feel about the information we ship around. I totally agree with the rules you agree to with Facebook. Would some police department like you to break an agreement, with them as they are asking you to break with Facebook? Also, what if you don't have a social account? Many don't and it isn't really social if you aren't physically with someone.

  50. cedarflame · 1289 days ago

    So it would seem your poll on whether it should be illegal to be a scumbag corporate personal info raper is somewhat redundant.
    since it's been clearly pointed out in these commentaries why it is already illegal.

    since most people have a natural healthy aversion to pulling out a gun and shooting a (information) thief;
    therefore i suspect this tyype of corporate criminality will continue, and these ethically
    barren interviewers will be analagous to airport security hoodlums.
    the equivalent of legal criminals.

  51. Dave · 1288 days ago

    I'd love to know who the 8% of people are who think it shouldn't be illegal for employers to request this info. No doubt either pushovers or people requesting the information themselves.
    This is an outright invasion of privacy. If I was asked for this in a job interview I'd immediate tick myself off the candidate list by the response I would give the employer! I don't even understand how there is a discussion on this mater. It's wrong, full stop.

  52. JimmyJohnson · 933 days ago

    I don't use facebook, I know how security works. But if I ever get asked that question, it's a simple "No, and I don't want to work for a company that will treat it's employees like this." And I politely thank them for their time, and end the interview.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Hi. I am a social, brand and communications expert with 10 years in senior roles in the tech space. I'm currently Sophos' s Global Director of Social Media and Communities. Proudest work achievement? Creating and launching award-winning Naked Security. Outside work, I am a mean cook, an avid reader, a chronic insomniac, a podcast obsessive and blogger .