No, sharing passwords in Connecticut violates state cybersecurity statutes and federal computer fraud laws, with penalties under C.G.S. § 52-570b and potential CFFA exposure. Employers and individuals risk civil liabilities and criminal charges for unauthorized access, particularly under the 2026 Connecticut Data Privacy Act’s stricter enforcement mechanisms.
Key Regulations for Sharing Passwords in Connecticut
- Computer Crime Statute (C.G.S. § 52-570b): Prohibits knowingly accessing computer systems without authorization, including via shared credentials, with fines up to $5,000 per violation and potential imprisonment.
- Connecticut Data Privacy Act (CTDPA, effective 2026): Imposes obligations on controllers to implement safeguards against unauthorized access, making password sharing a compliance failure subject to administrative penalties.
- Federal Computer Fraud and Abuse Act (CFAA): Applies to interstate contexts, criminalizing password sharing that exceeds authorized access, with penalties including fines and up to 10 years imprisonment for aggravated offenses.
Enforcement Context: The Connecticut Office of the Attorney General’s Cybersecurity Unit actively monitors password-sharing incidents, particularly in healthcare and financial sectors, where breaches trigger mandatory breach notifications under C.G.S. § 36a-701b. Employers must document access controls to avoid vicarious liability for employee misconduct.