Does the GPL require that I provide passwords or authorization keys for online services or root accounts to users of the software?
When the GPL requires that the software include “any encryption or authorization keys necessary to install and/or execute modified versions from source code in the recommended or principal context of use, such that they can implement all the same functionality in the same range of circumstance”, this does not include passwords or keys for logging in to online subscription services or administrative accounts. The inability to login to a system should be considered in the “range of circumstances”, and is not a restriction on the software, but on the users made by service providers to charge a price for their services or maintain security on a system. A few sentences later, the GPL better explains the requirement as, “A key need not be included in cases where use of the work normally implies the user already has the key and can read and copy it, as in privacy applications where users generate their own keys.
When the GPL requires that the software include “any encryption or authorization keys necessary to install and/or execute modified versions from source code in the recommended or principal context of use, such that they can implement all the same functionality in the same range of circumstance”, this does not include passwords or keys for logging in to online subscription services or administrative accounts. The inability to login to a system should be considered in the “range of circumstances”, and is not a restriction on the software, but on the users made by service providers to charge a price for their services or maintain security on a system.
