No. Sharing passwords in Oregon violates state and federal laws, including the Oregon Identity Theft Protection Act and the federal Computer Fraud and Abuse Act, unless explicitly authorized. Unauthorized access risks civil penalties up to $1,000 per violation and criminal charges under ORS 164.377. Employers and service providers must enforce strict access controls to avoid 2026 compliance audits by the Oregon Bureau of Labor and Industries.
Key Regulations for Sharing Passwords in Oregon
- Oregon Identity Theft Protection Act (ORS 646A.600–628): Prohibits sharing login credentials for non-business purposes, imposing fines up to $1,000 per unauthorized disclosure. Entities must document access permissions annually to align with 2026 regulatory updates.
- Computer Fraud and Abuse Act (CFAA): Criminalizes password sharing that exceeds authorized access, with potential felony charges for repeated or large-scale violations. Federal enforcement remains active despite state-level scrutiny.
- Oregon Bureau of Labor and Industries (BOLI) 2026 Compliance Mandates: Requires employers to implement multi-factor authentication (MFA) for sensitive systems and prohibit password sharing in employee handbooks. Non-compliance triggers audits and corrective action plans.