No. Sharing passwords in Indiana violates state and federal laws, including the Indiana Computer Fraud and Abuse Act and the federal Computer Fraud and Abuse Act, which prohibit unauthorized access to computer systems. Violations may result in civil liability or criminal charges, particularly if done for fraudulent purposes. Employers and individuals must ensure password sharing complies with evolving cybersecurity standards.
Key Regulations for Sharing Passwords in Indiana
- Indiana Computer Fraud and Abuse Act (IC 35-43-2-3): Prohibits accessing a computer system without authorization, which includes sharing passwords that enable unauthorized use. Penalties range from Class A misdemeanors to Level 6 felonies, depending on intent and harm caused.
- Federal Computer Fraud and Abuse Act (CFAA): Applies to interstate or foreign unauthorized access, including password sharing that facilitates data breaches or fraud. Violations may lead to federal prosecution under 18 U.S. Code § 1030.
- Indiana Data Breach Notification Law (IC 24-4.9): Requires businesses to report unauthorized access incidents, including those stemming from shared credentials. Non-compliance risks fines up to $150,000 per violation under the 2026 amendments to IC 24-4.9-3-3.
Local enforcement agencies, such as the Indiana Attorney General’s Cybersecurity Unit, actively monitor password-sharing incidents, particularly in sectors like healthcare and finance where regulatory oversight is stringent. Organizations should adopt written policies prohibiting password sharing and implement multi-factor authentication to mitigate legal exposure.