No, sharing passwords in New York violates multiple state and federal laws, including the Computer Fraud and Abuse Act (CFAA) and New York Penal Law § 156.05, which criminalize unauthorized access to computer systems. Employers and individuals risk civil liability and criminal penalties under the 2024 amendments to NY Gen. Oblig. Law § 5-336, which explicitly prohibit password sharing in employment contexts. The NY Attorney General’s 2025 enforcement guidance further clarifies that even “consensual” sharing may constitute a breach under NY’s cybersecurity regulations.
Key Regulations for Sharing Passwords in New York
- New York Penal Law § 156.05: Classifies unauthorized use of a computer system as a misdemeanor, with felony charges possible for aggravated offenses. Password sharing without explicit authorization triggers liability, particularly in corporate or institutional settings.
- NY Gen. Oblig. Law § 5-336 (2024): Prohibits employers from requiring or coercing employees to share passwords, imposing fines up to $10,000 per violation. The law extends to third-party contractors under NY’s 2026 cybersecurity compliance framework.
- CFAA & NY AG Enforcement: Federal and state agencies actively pursue cases where password sharing facilitates data breaches or fraud, as outlined in the NY AG’s 2025 guidance on “Access Control Violations.” Violations may result in injunctions, restitution, and criminal referrals.