Hacker News new | comments | ask | show | jobs | submit login
Employer asking for GitHub password. How to handle this? (hashnode.com)
5 points by Liriel 6 months ago | hide | past | web | favorite | 4 comments

Well this is a though one. There also is not enough information provided. Lets assume hes a regular employee.

Apart from the obvious that the employer absolutely has no right to demand a password, Code written for the company does not belong in a private repository.

Most contracts state that everything created during working hours belongs to the company. This means that he is in quiet the trouble if he writes on code for other companies when he is supposed to work for his employer.

In this case they have the right to demand access(not by demanding the password though)

An alternative would be to provide access using the means provided by GitHub.

The "boohoo my company is evil" narrative is understandable. But lets not forget that this situation would not exist , if all was handled correctly by the employee.

"...two managers have now scheduled to have a meeting with me regarding this."

Dude, why's a self-respecting, upstanding person like you working for such scumbags? Tell them to bring all of the managers. Advise them all that the policy is unacceptable and they're not getting any of yo' passwords.

A solution: a GitHub account for company code, with your old code forked.

This part is fucking ridiculous:

> the manager in question demands passwords from everyone for every bit of software and every single device their subordinates use. That data is kept on a spreadsheet right on their desktop

Time to name and fucking shame, shit like this cannot be allowed to continue.

"Respectfully, my GitHub password is NOYFB."

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact