Wow, not often Facebook do somthing I agree with.
Does this mean if your employer, or potential employer, asks for your password you can say "No way, Dumb Fuck!"?
Facebook's Chief Privacy Officer has condemned employers who ask for the Facebook log-ins of employees or job applicants. It comes after a young man blogged that a potential employer had asked for his Facebook password during a job interview. In a note on the Privacy page added this morning, FB Privacy honcho Erin Egan also …
I agree. The words are pretty, but I still wouldn't trust them 100%. Credit to them though for their position.
If a prospective employer asked me to give them those details, I'd leave the interview. I wouldn't want to work for a company that wanted to even ask if they could pry into my own private life.
I've been thinking about what the appropriate response to such a question would be. I did consider the walk out route. But I think I came up with a better one:
No, I won't give you the password to my Facebook account. If you want to see my Facebook page, send me a friend invite and tell me the name now and I will approve you as a friend. But if I give you the password to my Facebook account, you'll never be able to trust that I won't give someone my password to your company system accounts.
I don't object to them seeing my Facebook page. I don't believe I have anything incriminating there, if I did it would be gone in a New York minute. If don't want to friend them, just use the last part and turn it around on them.
"What sort of reasonable employer cares what you do outside work anyway?"
A lot of them, if recent trends are any indication. It's been quite some time since a month went by that I didn't hear about someone getting in trouble at work for something on their Facebook, and I've even been asked to investigate a case of an inappropriate post on behalf of my employer (the employee in question was a teacher who had stupidly asked his student's to friend him then posted cover art from smut novels, but still...)
I did just that recently in a Job Interview.
Q: What are your Facebook, Twitter and LinkedIn ID's.
A: I'm awfully sorry. I don't have an account on any of those services.
Then I spent the rest of the interview defending my so called 'Luddite' attitude.
My simple explanation was that, yes I was on LinkedIn once. I linked up with some old friends. From their lax security, someone else was able to find out a lot about me and my history. They then attempted to steal an my Identity. This attack included forging a passport and other documents in my name. Then they 'sold' my car on the internet.
It took me more than a year to fix my identity.
After 30 minutes of being called a luddite, I walked out with the parting words,
'The world would be a better place if more people were concerned about their privacy. If exposing myself on the internet is a condition of employment then I'm not interested'.
It's alright if you're applying for a job that isn't anything to do with the internet.
If you're a web dev / columnist, unfortunately, you either give it to them, or you won't get the job.
Imagine a web dev / columnist that says he hardly connects to the net.
We're stuck between a rock and a hard place.
Yeh, because I bet HR has all the login details for every hack who works on El Reg.
Personally, if I were asked, I would say
"I'm assuming you are asking this to see whether I am sufficiently Internet savvy to be aware of the issues involved in sharing a password with someone, both in terms of breaking the EULA , and the possible problems in employment law, opening a potential employer up to accusations that they made their decision based on marital status, sexual orientation etc... so the correct answer is, 'i'm afraid I have to decline'.
I don't give anyone my passwords, ever.
Thank you, exactly my opinion too.
If I was prepared to give up my own privacy for a financial incentive, there is always the possibility I might do so too for corporate resources. Nope.
Besides, if they want to look they can see the public data. The rest is 100% my own (not that there is anything I do not expose business contacts or family relations via anything online).. For the rest, tough luck.
Oh! So those who are clever enough to realise that FB is an unneccesary waste of time, because we can still contact our friends and colleagues without posting on a "wall" are now considered Luddites'?
What a fool! I'd have laughed at them and pointed out the errors in their thinking!
After a bad experience with an employer not honouring a perk offered verbally in an interview situation, i now tape any job interviews. I think that it is prudent to protect yourself from this nonsenese.
Any employer asking for passwords is a very bad sign. It is probably not worth taking the job.
Taping without the other party's consent is illegal in some countries (intercept law), and in the UK you may tape unannounced, but only for your own use. Even if you correct your notes using a recording you are no longer able to use them in court - but that obviously pre-supposes anyone finds out that you taped it first..
But yes, having a recording is so much easier..
WTF. Think about this. If an employer is wankish enough not to give you something they offered in the interview without a reasonable explanation then why work for them? If its not explicitly written into your contract or offer letter you shouldn't expect it - that's your point of maximum negotiating strength.
And as for recording the interview. If an interviewee asked me to record our conversation they would be out of there so fast their head one spin. I would't employ anyone whose unwilling to start on a basis of a shared professional trust.
"And as for recording the interview. If an interviewee asked me to record our conversation they would be out of there so fast their head one spin. I would't employ anyone whose unwilling to start on a basis of a shared professional trust."
Every company I know of insists on recording every time I call them - where is the mutual professional trust there?
Yet you (and others) insist that it's some sort of breach of trust if a current or prospective employee asks to record a conversation with you? Are you really that scared you'll get caught out in a lie?!?
Given that recording a conversation can protect both sides, if one side is extremely anti recording, it makes me doubt their trustworthiness.
A pushy employer can *look* at my profile on my mobile, while I am present, but no way in hell I'd let anybody have my password just because they ask.
That said, even *with* my password, it would be no good. Logins from unknown devices need a code sequence entered before anything happens.
Employer wants password *and* authorisation? Fine. You hand me the legal warrant and I'll hand you the info, else piss off. What is to stop them, then, posting as you? Or anybody if they are lazy with how this information is stored. What next, copies of my house keys so the boss can rummage around one rainy weekend?
I'll find that acceptable employer behavior right after your company agrees that employees handling large amounts of money can work alone in the vault with all that money.
And yes, I expect I HAVE handled more cash money as a treasurer for an organization than any of the people you run credit checks on. At the time, I would probably would have failed your credit check.
Anon, because of the large cash handling.
Here is what FB can do to prove it is sincere:
Prior to interviews, an applicant would pre-set the authorization code to one of two options:
a = the name of the employer and the name of the interviewing officer, information which will be known in advance in most cases
b = the abort code
c= the continue logging in with pre-interview code, preserving the *a* code in case said interviewer attempts to log in even after hiring or declining the applicant
Then, if asked, the applicant can choose to be serious or play games. If serious, the applicant can reply in the negative, but if pressed for it and if desperate for the job, the applicant can hand over the *a* code and wait for a facebook notification. Even if the applicant ultimately does not land the job, the applicant AND facebook can still determine WHICH COMPANY attempted to log in.
To make things dicey, facebook needs a log in app that requires the eye shot of the person entering the code. That means an employer needs to surrender to the eye shot at the interview before getting the code. If THEY refuse, then you DO NOT want to work there. But, later, in case they try to log in anyway, they might have already surrendered an eye shot from their own phones for logins, in which case FB can link up fraudulent log in attempts directly to a person, so long as the fraudulent log on is not done with a 3rd party under duress to do an eye-supply and take the fall.
Has anyone yet heard of a fingerprint reader-capable LCD? It would be interesting if phones had two-factor logins base on those: key in or swipe in AND press one's thumb on the LCD for a scan.
Anyway, action *c* from above would hopefully help to deter disgruntled applicants from abusing the abuse-deserving fools who insist on having the applicant's password. Punishment and protection would have to work both ways, in case it really is being asked just to weed out stupid applicants, who probably do NOT deserve the job if handing over his or her password at an interview.
So by idling and yet having account on facebook with friends saves you from that gigantic scheme? It doesn't.
Especially in IT , giving a password to any third party, even if it is yours is a horrifying sign showing lack of responsibility and basic security practices.
perhaps companies are baiting..
Anyone I interviewed who DID had over his password would quickly find his application in the round file as a security risk. Plus it would be interesting how they would phrase the "no, I don't think so" because that would show how well they deal with conflict.
You are absolutely right., They are looking people to dumb/to desperate to assert their rights. Bob we are going need you complete those reports by 9am Monday or you are fired.They tell you at 5pm Friday Oh by the way you worked 2 hours of over time this week. Would be cool if we just erase those 2 hours so I don't have to write you up. That would be swell Bob.
The examples I've read about were all McJobs. They are just looking for people who will take a crappy job where they have you on camera because they don't trust you already.
Not the type of jobs were you have the domain admin password, or the key to the front door.
Reminds me of the old story about how Thomas Edison would go to lunch with a prospective employee, and then NOT hire them if they salted their meal BEFORE tasting it (something about not wanting to have people who pre-judge situations before getting all their facts, or whatever).
If you hand over your passwords you are giving them access not only to your personal private information but to that of any of your friends who have given your account access to their postings.
If they are deliberately selecting for employment the kind of people who would betray their friends like that then stay *well* away from them.
Interesting point raised there. The only apparently reasonable justification for this practice that anyone has come up with, here and in previous threads, is that it may be justified for security vetting.
But the kind of person who "...would betray their friends ..." just for money is the last sort you should trust in a sensitive post.
"On what grounds would Facebook take legal action against such an employer? "
Unauthorised access of Facebook's computer systems. Like most organisations, FB allows access to their systems only under their own Terms & Conditions - which don't allow access to someone else's FB account: "You will not solicit login information or access an account belonging to someone else.".
Banks fixed it years ago. They own your credit card as an object granted to be used by you so you can't hand it over to another person. If it is stolen, it gives them grounds to be involved in case etc.
Even basic promotion (profiling) cards have it. It depends on which country you are in though.
Why would anyone ever turn this information over to a potential employer? I think that would be a huge warning sign. After all, what might they ask about next? Political leanings, hobbies, religion, sexual orientation?
Laws probably vary by jurisdiction, and even then I don't know that a potential or existing employer could force anyone to do this, other than through the order of a court of law.
There was a story on National Public Radio about a man who was told to divulge his Facebook credentials when he re-applied for a job, so I guess it's spreading.
Obnoxious opinions: A) I'd never bank on Facebook choosing to do the "right thing". B) I'm still so very glad I don't have a Facebook account. (And yes, I know that this could well be extended to other forms of social networks beyond Facebook.)
As prospective employers can still compel you to friend them. I am one of the few remaining humans on this planet who doesn't use Facebook, Twitter, etc. due to an active social life and lack of craving for constant attention. It's a shame that companies are taking advantage of desperate job seekers and I believe it will only get worse.
The only advice I can offer is the same offered by Dominic Connor who recently wrote an article here which pretty much sums up the last 12 years of my life in IT.
After taking a 15% pay cut I moved to a new position with 25% increase, 40 hour work week and somehow was exempt from pre-employment credit check and drug screening. Perception is all that matters in corporate not education, experience or certifications.
"We want your Facebook profile and password"
"I want your bank account ID and password".
"I want a unicorn pony. The difference is, with genetic engineering, I might one day get what I want."
"Either this is a test of how well I manage security, or a gross invasion of my privacy. If the former, I am not sure I want to work for you. If the latter, I definitely don't want to work for you. I am sorry you have wasted my time - this interview is over."
(I shan't write it, but it is one of the shortest English language sentences, consisting of seven letters, a space, and a period, a vulgar imperative verb and a second person pronoun.)
You could always ask to see a copy of their company policy is on computer accounts and passwords. Bit hard for them to expect you to hand over personal account info if employees are required to keep everything secret.
Used to have a FB account as my wife/kids needed extra friends for some game or other but it wasn't my real name and I can't get back into it as I don't remember the DOB I used. Ah well, not that much of a loss I suppose.
Yes! And if their followup response is that they expect (or for the purpose of the interview, presume we expect) employees to provide this info on request, the interviewee's response should be to re-iterate the request for the policy, since if that's the case the company is probably not an attractive employer.
I am also one of the few human beings on this earth who regard these so-called "social networks" as an infernal nuisance and a danger to privacy in general. I wouldn't touch any of them with the proverbial ten foot barge-pole. What enjoyment anyone gets from baring their soul and airing their dirty linen in a very public way is totally beyond me. If I had my way, the likes of Facebook would be legislated out of existence. People (and we are probably talking about a certain type with limited intelligence here) do not seem to fully comprehend the repercussions in later life resulting from perhaps publishing pictures of a drunken binge, for instance. I try and remain as anonymous as possible - even when adding comments!
How very aptly put, the less the Internet knows about me the better, I reserve the right to offer the minimal information, lie about my age and anything else when submitting information that said service has no right to request & may also spew to a bucket load of (not very) carefully selected companies.
& the sooner the rest of humanity does likewise, the better.
FUQIN AYE!!!! GO FACEBOOK. Hair on my neck stood up just now. This is the FIRST time I have ever frackin' fisted the air and hi-5'd facebook!
I hope FB's CTO actually DoEs shut down those snooping employers, and I hope each shut down comes with a "good-bye YIPPIE KAYAE, MOTHAFQQA!"
"And anyone in breach of the Facebook regulations can have their account deleted."
Since Facebook previously wouldn't even delete your account if you're dead, this is a massive turn-up for people who have regretted signing up with them...
Or by "deleted' did you mean "locked and archived so Facebook can still retain all of your personal information and continue selling it to whomever they wish, but you now have no rights to update or alter it", which is their standard practice?
1. Attempting to gain access to social media content that you otherwise cannot.
2. Requiring pain in the arse assessments, like a 15 minute automated skype video interview which gives you 5 minutes to answer each question to camera. I wouldn't have done that even if I did have a fast enough broadband connection back then.
I would not work for anybody who wanted to log into my private accounts - absolutely no chance even if I was starving. The effing cheek!
If I am ever asked this in an interview I will laugh in their face. "You seriously think I am stupid enough to tell you my private log in details? Well in that case we have clearly established that I am over qualified for this position, I bid you good-day."
What next, a clause in your employment contract saying your boss can name your children and pleasure your wife every other Tuesday, and you have to stand there and act as a fluffer before washing the sheets afterwards?
It's the dumb suckers who agree to this I feel sorry for. All you need are a few weak people to agree to a couple of overly pushy employers and then a precedent is set which employers regard as 'standard practice' for all subsequent employees.
You may work for them because you need the money, but they need staff. You're both getting something out of it, You're not surfs, owned by them, so stop acting that way. Employers need to be pushed into supplying face masks, clean air, working toilets and just about anything else because they're like that. This is no different, and they need to be made to stop.
Think about this carefully if you are asked for your Facebook / other social media site credentials in an interview. Who knows, you might really want / need the job. On the other hand, you may not really care if you get the job or not but surely its better to be professional throughout the process and never lose your cool. I think its important to consider your actions and at all times remain polite. I would think this scenario can play out in a couple of ways:
1. They genuinely need to find out who you are: If its for work in a company / gov. dept that requires security clearance (SC / DV / MV etc) up to secret, top secret whatever, then chances are you are going to be vetted anyway and that can involve interviewing your family members, even friends. They will also dig very deeply into your background and financial records. They might genuinely ask for your Facebook credentials and look into your background as a requirement for security clearance. I think the best way to deal with this situation is to request the official SC / DV / MV forms before revealing your Facebook credentials. There will be (and is) a set process for this type of 'vetting'.
2. They are testing your security stance: If I was asked in an interview for these details then I would probably politely reply with a question asking for the reason they require my login details and then remind the interviewer that its bad security practice to ask for login details and even worse for me to reveal the details. Do this BEFORE you deny access or walk out. You might be surprised to learn that politely questioning their motives is the exact kind of attitude they are looking for in an employee. It all might be a test and the key here is to remain professional. Don't be an idiot and don't reply with something sarcastic.
3. They are wanting to examine your Facebook profile and there is no requirement for security clearance: These types of companies are the ones to watch. Think about the company for a moment before you answer. Your probably going to be pigeon holed in a role and be micro managed 100% of the time. You might find yourself in a company which views the barrier between home and work life as a very grey line. But if you are going for an interview with a company I would have expected you to do your homework before going. Find out who they are, what they might ask in an interview, ask around friends and colleagues. If you suspect you are in an interview with a type 3 company, ask the same question as point 2 above. See how they respond. You can always deny you have a Facebook account or better still disable it before your interview because you will have done your homework and know what kind of a company you might be dealing with. Don't be rude, you never know when you might be revisiting this company in the future when you NEED a job. Personally I would not reveal my credentials but I might offer to 'friend' one of their HR reps if they want to view my profile and I really needed the work.
I think the most important thing is to never be rude. Keep your cool, stay polite and genuinely ask the question about why they want your credentials before assuming its for something like snooping or covert monitoring. After all, you don't want to make a name for yourself in the HR / recruitment circles as being rude, arrogant and unprofessional. Not in this job market anyway.
And, I'm not a Google Plus user but I suspect the logon details for Google Plus might even allow access into your GMail account, online photos and all other aspects of the Google Suite of apps? Or are the credentials separate for each part of Google? I think I will stay away from Google Plus.
All good advice - be prepared and be polite. On the subject of preparation, a copy of FB's new privacy page would be worth having to hand should you want to object to a request.
I do have a bit of difficulty with point 1, though. I can understand that high security clearance might require that they know a lot more about a candidate, but in acquiescing to such a demand the candidate reveals a careless attitude to the privacy and confidences of others - hardly an encouraging sign. If I were presented with such a request then I would decline, regardless of the consequences.
I've actually held security clearance (thankfully expired now) and I know that they do not check Facebook or any other social media system as a part of the clearance process. It's simply not reliable - you are basically telling the world what you want it to hear, which is probably a long way from the actual truth. Plus the security services have much more effective ways to dig into your background.
Scenario #1 is I think the only valid case for employers to ask for FB details.
The times that I saw a SysAdmin job opening on such an institute, it made it absolutely clear that the candidate should have no misconceptions that a very extensive security screening is part of the selection process. They don't surprise you with these kinds of questions in an interview. The security screening is formalized as part of the procedure.
Alas, as thoughts about high levels of security kept triggering my fetish for KGB agents of the long blond hair, big boobs and leather pants variety ("Ve vill be talked about zekret in hotel room")... I never really came round to applying.
It's also worth pointing out that on both Facebook and Google+ you can create lists or circles with extremely limited profiles (so that they see no more than the public) and dump any HR 'friends' in there, although I would probably just walk (politely).
Any employer who asks to invade my privacy as a pre-requestite of employment is not the employer for me.
1. Is the facebook account an advertising point for something like a band?
1a. Does the person asking have any experience with security or computers or programming or webmaster and actually have a NEED like say the bands label or some other promoter posting ads for concerts? (there may actually be a NEED here)
2. Would you give someone root on an unmanaged box without knowing anything about them?
3. Would you give them root on a managed box without knowing anything about them?
I think the bottom line here is we have a bunch of people on the web who don't know jack about security, police state laws, or tcpip. So they give their shit away like the dumb muppets they are.
or, "Steve Jobs was my hero, you may want to make it fast because my car without out license plate is parked in your one handicapped spot and OSHA is on the way over and they're bringing La Migra with them. BTW, my FB page is in a little known Arabic dialect used only in the tribal areas of Pakistan. For some reason it loads very slowly and asks if you are selling lemon cake .... no ... yellow cake, yes, that's it. Won't be a problem, will it ?"
Cant say that anyone has ever asked me for a password to anything but if push came to shove and i had no choice, then why not just set up a fake account, you can quite easily auto post status updates on a schedule - "i love my job", "my employers are lovely", "My employers treat me right", "My employers love me and they only asked for my password so that they can take better care of me"
that sort of thing.
Then hand over the password to that one.
Still, No company has any business asking for this information, Is it an american thing?
With the recent Uk government suggestion that they want access to our facebook accounts i kind of just stopped using it anyway, in this day and age you cant trust these people not to abuse it and to keep it secure.
Under English law the potential employer would have two rather serious issues assuming the Facebook terms and conditions forbid you to share your password and access to the account (I haven't even bothered checking as this is bound to be true)
By asking you to hand over your password in breach of your contract with Facebook the interviewing company has broken UK employment law. I'm not sure what the consequences are but you could take them to a tribunal if it is the reason you didn't get the job.
Since Facebook have not given you the right to authorise their accessing your account than if they access it (or even just try to access it) they are in breach of the computer misuse act which is a criminal offence. If they ever tried to use information in a legal way that had been acquired by accessing your account it would have to be presented by a witness who explicitly claimed to have commited the offence (not a good move).
Bottom line is Facebook are correct, under English law this actually does amount to hacking.
I was forgetting
Its probably a breach of the human rights act as well. Strikes me this represents a clear breach of privacy and there is no way it qualifies for any of the exemptions.
I would not want to be an officer of any company following this practice in the UK
IANAL, but I think previous posters saying that they would take the line “I presume this is some sort of test” are missing a trick.
Given that accessing the account would be a breach of the Communications Act (in the UK), surely the very act of asking for your login credentials is a criminal act in itself ? Not sure whether it could count as blackmail (if you don’t do X, then we won’t give you a job), or bribery (we *will* give you a job if you do X), but it’s certainly ‘social engineering’, to get unauthorised access to a system.
I don’t see how it is therefore any different from the interviewer saying “one last thing…suck my cock”. He has committed a criminal act, and this isn’t negated by him backtracking and saying “oh that was just a test to see how you’d react, hahaha”.
Interested in people’s opinions on that… but if I’m correct then the appropriate response would be to advise them that they have just committed an offence, and you *are* going to report it to the authorities – and then walk out.
Personally I’d also contact media such as El Reg and the Grauniad, and as you didn’t get the job, there should be no problem naming company names, either…
(Thinks : I’m not actually looking for a job at the moment, but I might just start applying for a few, just for the laughs mwahaha…)
I don't think anyone has mentioned this but what about previous employers. If a potential employer had access to your account and you had "friended" any work colleagues, even if you were very careful about the data you posted, it would be an easy way for them to head-hunt or solicit potentially valuable possibly industry sensitive information from them. A quick message to an ex or current co-worker "What do you think about this project ? I think it's heading in the wrong direction. " sort of thing (many people thinking of leaving an employer would be reluctant to tell their current bosses they were thinking of it until they had something secured).
This is only a short hop from. He's a Military Officer, his son is looking for work. Invite him in. Get his log in details. Tell him he didn't get the job but we now know where and when his fathers next posting is. I know this all seems a bit black op's but isn't social engineering all about getting into peoples comfort zones to do nefarious things?
BTW. Just because I mention friending co-workers doesn't mean I would do it but some peoples lives ARE work and do, whatever we may think of it.
Notwithstanding the excellent advise to stay polite and professional, there is a possible legal issues of Economic Duress, Coercion of Will and possibly the Unfair Contract Terms Act 1977.
I'm not sure which, if any, apply at interview stage as they are all contract law, but you could argue that an interview is the first steps to forming a contract of Employment.
There is no contract until such a time as they offer you a job and you accept. If the contract includes a clause that forces you to hand your Facebook login details over then you are bound by the terms of the contract (of course if they use those details then they are guilty under the Computer Misuse Act - pointed out by a previous poster). If they ask for the details without this being a requirement, and subsequently sack you for refusing, then an employment tribunal would probably find against them.
Don't believe the empty promises spewed by the clueless. Face Plant is not likely to sue as they would lose. An employer can ask any question that is not a violation of law. You can refuse to provide your password and they can refuse to hire you or they can fire you if you are a current employee.
I'm not a lawyer, but I can read.
The "Computer Misuse Act 1990" says :
(1) A person is guilty of an offence if—
(a) he causes a computer to perform any function with intent to secure access toany program or data held in any computer [F1, or to enable any such accessto be secured] ;
(b) the access he intends to secure [F2, or to enable to be secured,] is unauthorised;and
(c) he knows at the time when he causes the computer to perform the functionthat that is the case.
Regardless of whether you believe in Facebook's good intentions, any company which accesses a user account itself will fall foul of the act. It is clearly an offence for them to do so.
The "Serious Crimes Act" says :
45 Encouraging or assisting an offence believing it will be committed
A person commits an offence if—
(a) he does an act capable of encouraging or assisting the commission of anoffence; and
(b) he believes—
(i) that the offence will be committed; and
(ii) that his act will encourage or assist its commission.
So if a company asks for the account details, gets them and uses them, it will have commited an offence under the CMA.
Given that the company's use of the credentials is a specific aim of the transaction both parties will have committed an offence under the SCA, even at the interview stage.
A company may get away with 'just asking' at the interview, but any company which fired an employee for not complying with a demand to commit a crime must surely be liable for unfair dismissal at least.
Has anyone (here) actually been asked for a password at an interview, personally, themselves? Not a friend-of-a-friend, or a story you heard, or something you read on the internet. Anyone have actual first-hand knowledge? Otherwise, I'll assume it is just another one of those pesky internet rumour nonsenses. Surely very, very few interviewers would be foolish as to ask for login details and expect there not to be trouble.
Tell them to look up the European Human rights act:
the right not to be punished for something that wasn't a crime when you did it
the right to respect for private and family life
freedom of expression
the right not to be discriminated against in respect of these rights and freedoms
Company vs European Court.
"And anyone in breach of the Facebook regulations can have their account deleted.
We’ll take action to protect the privacy and security of our users, whether by engaging policymakers or, where appropriate, by initiating legal action, including by shutting down applications that abuse their privileges"
Application = FB application, not user account
On the spectrum between refusal and acquiescence:
Tell them you won't hand over login details but you will login in for them and supervise them while they access your social media accounts
Tell them to email you when they are ready to login, mail them the password
Ask them to first sign an indemnity against any loss or damges arising from misuse of your login details
(it might be highly amusing watching them realise for the first time that their policy could land them in huge amounts of crap)
It's an auto-generated password stored in an encrypted file on my laptop, and then "remembered" by the facebook app on my phone. I typed it precisely once - into the fb app on my phone when I logged in the first time. Other than that, I just copy/paste when I want to log in.
Since I wouldn't have my laptop (or the backups) with me in the interview, I couldn't give them the password. I take my security relatively seriously, and I would expect any job I apply for to take the same attitude
As well as Employment/Discrimination Legislation - specifically you cannot discriminate against a person applying for a job (or anything really) based on religion, sexual orientation etc. so you can't ask for it as part of a job application or interview. Accessing somebody's farcebook account could/would reveal some information that cannot be used in reviewing your job application. If you didn't get the job you could easily claim that it was because they found out you were gay/christian/islamic/bisexual from FB and sue them for discrimination - something the company should be trying to avoid at all costs, as even the allegation of racism/sexism/homophobia can be damaging to an organisation.
So that only makes 5 laws so far then....
If asked to give the information (apart from trying not to burst out laughing) just give them a fake username or (if you actually have a real username) a fake password.
If it was a test, and they say "Aha, we were testing you". You can say "I know - nobody is stupid enough to ask what you did, as it is illegal in so many ways, and only an idiot would answer it truthfully - hence I assumed it was a test and gave you false information".
If it was not a test (personally I would leave at this point) and they tried the password and it didn't work, just say."Ah, the person who interviewed me earlier this morning must have changed my password. That's what happens when you give passwords out I guess."
I'd be very reluctant to hand over login detials but If I really wanted/needed the job (principles are great as long as you can still pay the bills) and suspected that they might ask to see my FB profile, I'd simply add a status update along the lines of "Got an interview for a briliiant job with a great company later, wish me luck", then after a couple of days just change my password.
Biting the hand that feeds IT © 1998–2019