Boss Fires Employee, Then Asks For Access Codes Months Later

Most people assume that once you’re fired or laid off, your responsibilities end the moment you walk out the door. That’s usually how it works, especially when there’s no proper handoff or follow-up.

For this Redditor, that assumption was tested months after losing his job. After being cut loose with minimal communication and no offboarding, he suddenly received a message from his former boss asking for help accessing something work-related. The request was casual, almost dismissive of how things ended.

Now he’s questioning whether refusing to respond makes him unreasonable or simply cautious. Keep reading to see what access his boss wanted and why the timing made it feel especially inappropriate.

A fired employee is contacted months later when a former boss needs access codes

When someone leaves a job, whether through resignation, layoff, or termination, the relationship between employer and employee changes legally and operationally.

Employers are expected to handle the employee’s departure in a structured way, called offboarding, which includes formally closing access to company systems and data. This process helps ensure security, compliance, and operational continuity after the employee is gone.

Practices repeatedly recommended by security and HR experts include revoking access to systems, deactivating credentials, and changing passwords immediately upon termination.

These steps protect company data and ensure that former employees no longer have login privileges, even if they previously had multi-factor authentication set up on their devices.

For example, one cybersecurity guide explains that offboarding should disable remote access, network accounts, cloud services, and any authentication tied to former employees so that the organization’s infrastructure remains protected.

Another resource notes that properly managed offboarding even includes revoking access to SaaS tools, email accounts, and internal collaboration platforms.

Best practices in professional offboarding also highlight that personal devices should not be used as corporate authentication tools after someone leaves the company.

Using a former employee’s phone for two-factor codes introduces security risks and violates standard security protocols precisely because offboarding is supposed to end access when someone is no longer employed.

In other words, once the OP’s employment ended, the former employer’s expectation that he should still provide access codes tied to his personal device went against typical security norms.

Proper procedure involves revoking and resetting access credentials on the employer’s side rather than asking an ex-employee to continue facilitating access from their personal account.

Additionally, if the system in question allows any authorized person (with the company’s EIN and security answers) to create a new account, that underscores that the employer did not need to depend on the OP’s credentials in the first place.

That strengthens the argument that providing a code after the fact was unnecessary and potentially risky for both parties.

Take a look at the comments from fellow users:

These commenters said any help now requires pay or HR involvement

These commenters said poor offboarding makes it fully the company’s problem

These commenters flagged serious security flaws using personal devices

These commenters framed it as karma and urged ignoring or blocking

These commenters warned of risk and advised cutting contact entirely

These commenters stressed you owe nothing after termination

Most readers agreed this was procedural. Once employment ended without proper offboarding, responsibility shifted entirely to the company. Ignoring the request wasn’t cruelty; it was caution.

Should former employees feel compelled to fix problems they were never asked to hand over? Or is this exactly why processes exist in the first place? If your old boss texted for access months later, would you respond or let HR handle it? Share your take below.