No, sharing passwords in West Virginia violates state and federal cybersecurity laws, exposing individuals and organizations to civil liability under the West Virginia Computer Crime and Abuse Act (WVCCAA) and potential federal enforcement under the CFAA. Recent 2026 guidance from the West Virginia Attorney General’s Cybersecurity Unit emphasizes heightened scrutiny of unauthorized access, particularly in sectors like healthcare and finance.
Key Regulations for Sharing Passwords in West Virginia
- West Virginia Computer Crime and Abuse Act (WVCCAA, W. Va. Code § 61-3C-3): Prohibits knowingly accessing a computer system without authorization, which includes sharing or using another’s credentials. Violations may result in misdemeanor or felony charges, depending on intent and harm caused.
- Federal Computer Fraud and Abuse Act (CFAA, 18 U.S.C. § 1030): Applies to interstate or foreign access; sharing passwords to circumvent security measures may trigger federal enforcement, especially if data is exfiltrated or modified.
- Sector-Specific Compliance (2026 Updates): The West Virginia Division of Homeland Security and Emergency Management (DHSEM) now mandates annual cybersecurity training for state contractors, explicitly banning password sharing under revised procurement guidelines effective January 2026.
Organizations in West Virginia must enforce strict access controls and document user authentication protocols to mitigate legal exposure. Failure to comply risks enforcement actions from the West Virginia Attorney General’s Office or federal agencies, including fines up to $10,000 per violation under state law and $250,000 under the CFAA.