Job application asks you to provide your Facebook password.

You stay klassy, Bozeman, Montana.

Applying for a job with the City of Bozeman? You may be asked to provide more personal information than you expected.

That was the case for one person who applied for employment with the City. The anonymous viewer emailed the news station recently to express concern with a component of the city's background check policy, which states that to be considered for a job applicants must provide log-in information and passwords for social network sites in which they participate.

The requirement is included on a waiver statement applicants must sign, giving the City permission to conduct an investigation into the person's "background, references, character, past employment, education, credit history, criminal or police records."

"Please list any and all, current personal or business websites, web pages or memberships on any Internet-based chat rooms, social clubs or forums, to include, but not limited to: Facebook, Google, Yahoo,, MySpace, etc.," the City form states. There are then three lines where applicants can list the Web sites, their user names and log-in information and their passwords.

[...] "We do those types of investigations to make sure the people that we hire have the highest moral character and are a good fit for the City," Sullivan said.

Tags: , ,

41 Responses:

  1. violentbloom says:

    that's new. but not surprising.

  2. cjensen says:

    Seems to me that giving out a password for no reason is a good test of a prospective employee. If they give it out, they are a security risk and automatically non-hirable.

  3. bunny42 says:

    Who'd wanna live in Bozeman, anyway? Nothing much there except fish camps, is there? Wonder if this will backfire on the city when they can't find any qualified applicants willing to bend over?

  4. whumpdotcom says:

    How do we know it's really Bozeman?

  5. skreidle says:

    Address? Sure, they'll probably find it anyway. (Just lock down anything you don't want public first.) Username/password? Oh Hell No.

  6. i_e_d says:

    Well at least they're not asking for your password to 4chan

    • kou says:

      The proper term might be tripcode. Nevermind that, I would like to see the expression on their faces when they see 4chan...

  7. substitute says:

    One is tempted to apply and then give them a rigged set of social network profiles containing the worst possible material: nauseating, incomprehensible, terrifying, life-changing mazes of horror. City HR people guzzling whiskey and sobbing under their desks, etc.

    • kou says:

      HR DEPARTMENT: "So what social sites do you belong to?"
         APPLICANT: [Web 2.0 sounding name]
      HR DEPARTMENT: "Hmm, I haven't heard of that. I'll need the URL and password"
         APPLICANT: "Okay, it's..." [Applicant provides website URL and login/pass]
      HR DEPARTMENT: "Uhh, I can't seem to get in. It needs a plugin"
         APPLICANT: "Oh, you just need to install Microsoft Silverlight. You see, it's this Flash thingy..."
      HR DEPARTMENT: >:(
      HR DEPARTMENT: So what's this for again?....
         APPLICANT: "Also, you need to install their special Ask Toolbar to see any profiles. It just takes a second. "

    • 7ghent says:

      Just follow that up with your username and password.

    • danlyke says:

      I was thinking create an account for such a thing, populating it, and simultaneously giving them the account information and finding a way to casually and anonymously leak same on /b/ or somesuch.

      Wait a week or so, then storm down to the city attorney's office and ask if he wants to settle on the defamation of character suit you're about to bring because you trusted the city with information that was used to... well.... 4chan. Shudder.

  8. wasteddream says:

    Hayward PD does this for all applicants.

  9. kou says:

    There is nothing prohibiting an applicant from changing a password after it has been written down. It's good security practice and may be enforced by a password expiration policy as well.

    On the other hand, anyone tech-savvy would not use their real names online - excepting perhaps Facebook and LockedIn - anyways. MySpace is just a pedo trap today, YouTube is NOT!!! intended to be a "chat room" and I didn't even know Google and Yahoo even had "social clubs" and "forums".

    (and no, "Yahoo! 360" and "Google Pages" don't count unless you're willing to include Windows Live Spaces as well. Seems there's no mention of their Flickr and Blogger brand either. )

    • glumx says:

      Google's social network is called Orkut but is only popular in certain places from what I hear, like Brazil apparently.

    • boldra says:

      anyone tech-savvy would not use their real names online

      Either you're suggesting JWZ isn't tech-savvy, or ...

    • pavel_lishin says:

      On the other hand, anyone tech-savvy would not use their real names online

      Why not? I use my real name just about everywhere, and I've rarely regretted it. In fact, it helps me stay in check - it's a lot easier to stay out of flame wars and stop myself from posting hilariously racist and sexist comments when I see my name and realize that with perhaps an hours' time, anyone could probably find out where I live and work.

      • danlyke says:

        Yeah, I've used my real name online since the early '90s (I wanna say "since I could be tried as an adult", which would be the mid '80s, but I think I kept using those identities longer). My cell phone and home address are one click from searching on either "danlyke" or "Dan Lyke", and I'm just fine with that.

        In years of a fairly open online presence I've only gotten one crank phone call related to that (some sales-guy who was probably drunk who was trying to get me to change my opinion on Kirby vacuum cleaners, based on a discussion forum denigration I'd made about same) and have had some good contacts.

        And its given me a bunch of good anecdotes on "why you shouldn't be a dick on the net" to tell to the kiddies, including that a discussion is how I ended up with my stint at Pixar.

        • pavel_lishin says:

          It's kind of funny. I started off using a handle that didn't really contain anything traceable to me for everything.

          Then my friend reset my Yahoo! password, and its policy at the time was to send the new password to a backup e-mail address.

          Of course, the backup e-mail address by then had been closed down, and I lost my e-mail account, and forced to re-create that identity, I got lazy and went with my name. If it weren't for my friend, I could still be posting as wolf303.

          In fact, thinking back, haven't there been a flurry of articles on HackerNews and reddit and such about the value of using your real name on the work you do online, so that you can build a reputation with other people in the field? Staying very anonymous seems like something that's great for middle schoolers and trolls.

          Also, care to share some of the anecdotes? (Although maybe jwz's livejournal may not be the best place for that...)

          • lionsphil says:

            Ditto on both the real names issue, the interest in the anecdotes, and probably-somewhere-else of the telling.

            (Short version: "me too!")

          • danlyke says:

            The big one is that back in 1995 I'd started an ISP in Chattanooga Tennessee with a few friends, giving me access to and a place to toss a web page, on which I started to write some graphics stuff. One day Ed Catmull sent me an email out of the blue asking if I wanted to come interview at Pixar, on the basis of what he'd seen of me on the net.

            Lots of other littler times, I think I got lunch at CGDC 'cause someone recognized my name and I'd helped them with a QuickTime codec in some forum, things like that, but a lot of the connections that have moved me through my career, such as it is, have been made online.

            Nothing cosmic or earth-shattering, although Pixar was a fun half-decade and got me out to California, but I've just had a bunch of reminders that my online presence and persona is an extension of my real-life one. I didn't get much out of college, but I had one professor who told me repeatedly "whatever else you do, publish, publish, publish". I believe he was right, and the net makes it cheap and easy to do that.

      • with perhaps an hours' time, anyone could probably find out where I live

        Fifty-three seconds:

        Looks like you flamed someone and they came to your house and
        kicked over your trash can.

        • pavel_lishin says:

          Well, you got close to my parents' house, but not quite.

          Actually, that's something that bothers me a lot more. If I well and truly piss off an internet psychopath, my parents will be the ones to get bricks heaved through their windows.

    • editer says:

      MySpace is just a pedo trap today

      Spoken like someone who's never been there. Plenty of people still use (or should I say "put up with") MySpace; it's much more popular than Facebook among several demographics.

  10. rjhatl says:

    "We do those types of investigations to make sure the people that we hire have the highest moral character and are a good fit for the City," Sullivan said.

    You just know that with quotes like that, a story about Sullivan's dungeon of preschool child slaves is going to break in the next six months. It's inevitable.

  11. jkonrath says:

    You could always give them a user/pass on a site you've constructed that will then install an unending amount of malicious shit in their PC, including some nice spyware to bot their entire computer force, plus a nice goatse screensaver and toolbar set.

  12. "You know, I can understand that concern. One thing that's important for folks to understand about what we look for is none of the things that the federal constitution lists as protected things, we don't use those. We're not putting out this broad brush stroke of trying to find out all kinds of information about the person that we're not able to use or shouldn't use in the hiring process," Sullivan said.

    Now these are the words of a man who knows exactly what he's doing. I feel relieved already.

  13. 5beroptic says:

    How about I give you the login-in information for my EatShitnDie account?

  14. telecart says:

    Isn't Bozeman, Montana the place that kicked out Robert Pirsig for being a 'radical' ?

  15. cattycritic: I can understand requesting social network ids, but not login credentials
    as one commenter said, it's almost exactly like asking to read someone's diary, but also to be able to edit it
    I'd just claim I didn't have any, or I'd set up a fake one just to throw them off

    christopher575: I'd just leave Montana

    cattycritic: yes, one's presence in some podunk place like Bozeman Montana is already questionable

    christopher575: why get a job with the city when you're obviously a meth cooker anyway?

  16. cowboyx says:

    I believe the Mayor and all of his councilors should also provide their login information to the citizens.

    [...] "We do those types of investigations to make sure the people that we hire have the highest moral character and are a good fit for the City," Sullivan said.

    Fair is fair.

    • kingfox says:

      Now that's transparency.

      Also, they are asking people to violate the terms of service for these "social clubs", which clearly forbid sharing passwords, to make sure they're of sound moral character? Err, what?

  17. dzm6 says:

    They're putting the policy on hold while they evaluate its legality and why the community seems so upset by it.

  18. Dennis says:

    From Bozeman's IT Policy:

    The following activities are deemed inappropriate uses of City of Bozeman systems and services and are prohibited:

  19. Sharing E-mail and Internet account passwords with another person, or attempting to obtain another person's E-mail and Internet account password. E-mail and Internet accounts are only to be used by the registered user.
  20. Emphasis mine.

  21. coldacid says:

    Seems they decided that they didn't want to be a bunch of retards after all, and rescinded the password thing.