How to Securely Hand Over Passwords and Data When Changing Jobs
A practical guide to safely transferring work accounts, passwords, and confidential data to your successor when leaving a job. Encrypted sharing methods and handover checklists.
The Hidden Security Risk of Job Transitions
Every year, millions of employees change jobs. During the transition, sensitive data — passwords, API keys, client information — must be passed from the departing employee to their successor.
Too often, this happens through Messenger, email, or sticky notes. These methods leave credentials permanently exposed in chat histories, email threads, and on desktops. When the departing employee's devices are compromised later, everything they shared is at risk.
Sensitive Data That Needs Handover
| Category | Examples | Risk Level |
|---|---|---|
| Service accounts | CMS, hosting, domain, social media | High |
| API keys & tokens | Payment systems, third-party integrations | Very High |
| Database access | DB host, username, password | Very High |
| Client data | Contact lists, contract details | High |
| Internal docs | Strategy reports, budgets, plans | Medium |
| Physical access | Office door codes, safe combinations | High |
Methods You Should Never Use for Handover
1. Sending passwords through iMessage or Messenger
Chat histories persist forever. Even after you leave, your passwords sit in someone's conversation thread.
2. Spreadsheets with password lists
Unencrypted Excel files can be opened by anyone. Sharing via USB adds the risk of physical loss.
3. Sticky notes on monitors
Visible to anyone who walks by the desk — visitors, cleaning staff, delivery people.
4. Passwords in email body text
Email syncs across multiple devices, is searchable, and is a prime target for hackers.
The 5-Step Secure Handover Process
Step 1: Inventory all handover items
Two weeks before your last day, list every account, credential, and dataset that needs to be transferred.
Step 2: Transfer account ownership where possible
Google Workspace, AWS, Slack, and most enterprise tools allow admins to transfer ownership directly.
Step 3: Use LOCK.PUB for password delivery
For accounts where ownership transfer isn't possible, create an encrypted memo on LOCK.PUB.
How to use:
- Create a secret memo on LOCK.PUB
- Enter the list of passwords and credentials
- Set an access password + expiration (e.g., 7 days)
- Share the generated link with your successor
- Communicate the access password via phone call or in person
Once your successor views the memo and the link expires, no one else can access it. The credentials don't linger in any chat history.
Step 4: Have your successor change all passwords
Instruct them to immediately change every password they've received.
Step 5: Deactivate the departing employee's access
On their last day, revoke all account access immediately.
Handover Security Checklists
Departing Employee Checklist
- Create inventory of all handover items
- Transfer account ownership where possible
- Deliver passwords via LOCK.PUB encrypted memo
- Delete work data from personal devices
- Log out of all work messaging and email apps
IT Admin Checklist
- Deactivate departing employee's accounts
- Reset 2FA on shared accounts
- Change all shared passwords
- Revoke VPN and remote access
- Collect company devices
Successor Checklist
- Change all received passwords immediately
- Set up 2FA on all accounts
- Verify access scope and permissions
- Confirm LOCK.PUB links have expired
Real-World Mistakes
Case 1: Former employee accessing Slack 6 months later
A company forgot to deactivate a Slack account, allowing the former employee to read confidential channels for months.
Case 2: API key leaked through old iMessage thread
An API key shared via iMessage during handover remained in chat history. When the ex-employee's phone was compromised, the key was exposed.
Case 3: Shared account password never changed
A departing employee continued accessing a shared CMS because the password was never updated after their departure.
Summary
Job changes are a part of professional life, but handover security is routinely overlooked. Instead of sending passwords through iMessage, use LOCK.PUB's encrypted memos with expiration dates. Follow a structured checklist, and you'll significantly reduce the risk of data leaks.
A secure handover protects both the person leaving and the team staying behind.
Keywords
You might also like
How to Send Confidential Files Safely on Microsoft Teams
Learn the security risks of sharing sensitive documents through Teams chat, and how to use SharePoint permissions, link protection, and encryption for safe file sharing.
How to Share Zoom Meeting Recordings Safely — Without Risking Leaks
Learn how to securely share Zoom meeting recordings with colleagues and clients. Password protection, link expiration, and encryption best practices.
Secure File Transfer Methods Compared: SFTP, Encrypted Cloud, and More
Compare the most secure file transfer methods including SFTP, encrypted cloud storage, password-protected links, and encrypted email. Pros, cons, and use cases for each.
Create your password-protected link now
Create password-protected links, secret memos, and encrypted chats for free.
Get Started Free