Rule number one when applying for a job: lock down your Facebook profile's privacy settings.

There's nothing worse than a perspective employer possessing photographic evidence of exactly how hard you partied in college or the full extent of your airbrushed unicorn t-shirt collection--at least until after you've received your first paycheck.

Employers are tricky: many increasingly require applicants to turn over their social media passwords so they can take a look at interviewees' profiles.

Earlier this week, the state of California took moves to outlaw this practice when the state senate unanimously voted for a bill banning employers from demanding access to the social media profiles of both job applicants and current employees as well as barring retaliation if such requests are denied.

The bill's unanimous passage came thanks to wide support from business groups, such as the California Chamber of Commerce, as well as organized labor.

However, not everyone is entirely sold on a sweeping ban on employers' access to employees' profiles. Senator Ted Gaines (R-Rocklin) told the Sacramento Bee that he is worried about the bill making it more difficult for companies to identify workplace harassment. "I want to make sure we are protecting people's privacy," said Gaines. "[But] I have a concern with being able to address early harassment issues."

Such concerns led to an exception written into the law allowing employers to gain access to employees' personal accounts to look into "allegations of employee misconduct or employee violation of applicable laws and regulations."

Facebook itself has vocally come out against the practice."[We] don't think it's right the thing to do," Facebook Chief Privacy Office Erin Egan told CNN. "But it also may cause problems for the employers that they are not anticipating. For example, if an employer sees on Facebook that someone is a member of a protected group (e.g. over a certain age, etc.) that employer may open themselves up to claims of discrimination if they don't hire that person."

It's against the law for employers to ask interviewees for certain pieces of personal information like race, religion or age; precisely the type of information regularly disclosed on Facebook profiles.

Earlier this summer, the state senate approved a similar bill that also outlawed colleges and universities from asking for social media passwords, a practice sometimes done to ensure that college athletes are complying with NCAA regulations.

California is one of 14 states around the country working on legislation to protect social media passwords. Bills in Illinois and Maryland have already been passed but have yet to go into effect.

At the national level, Senators Chuck Schumer (D-N.Y.) and Richard Blumenthal (D-Conn.) have asked the Department of Justice and the Equal Employment Opportunity Commission to look into whether such password requests are in violation of federal law.

"In an age where more and more of our personal information--and our private social interactions--are online, it is vital that all individuals be allowed to determine for themselves what personal information they want to make public and protect personal information from their would-be employers," said Schumer in a statement to the Associated Press. "This is especially important during the job-seeking process, when all the power is on one side of the fence."

This unequal power dynamic can lead to very uncomfortable situations for job seekers, as one Maryland resident recounted to the Associated Press:

Back in 2010, Robert Collins was returning to his job as a security guard at the Maryland Department of Public Safety and Correctional Services after taking a leave following his mother's death. During a reinstatement interview, he was asked for his login and password, purportedly so the agency could check for any gang affiliations. He was stunned by the request but complied.

"I needed my job to feed my family. I had to," he recalled.

Representative Eliot Engel (D-N.Y.) introduced similar privacy legislation into the U.S. House of Representatives earlier this year, but it has yet to receive a vote.

The California bill is next headed to the state assembly and, if passed, will go to Governor Jerry Brown to be signed into law.

Loading Slideshow...
  • Your Birth Date And Place

    While it might be nice to hear from Facebook well-wishers on your birthday, you should think twice before posting your full birthday. Beth Givens, executive director of the <a href="http://www.privacyrights.org/" target="_hplink">Privacy Rights Clearinghouse</a> <a href="http://finance.yahoo.com/family-home/article/110674/6-things-you-should-never-reveal-on-facebook">advises</a> that revealing your exact birthday and your place of birth is like handing over your financial security to thieves. Furthermore, Carnegie Mellon researchers recently <a href="http://arstechnica.com/tech-policy/news/2009/07/social-insecurity-numbers-open-to-hacking.ars" target="_hplink">discovered</a> that they could reconstruct social security numbers using an individual's birthday and place of birth. Rather than remove your birthday entirely, you could enter a date that's just a few days off from your real birthday.

  • Your Mother's Maiden Name

    "Your mother’s maiden name is an especially valuable bit of information, not least since it’s often the answer to security questions on many sites," writes the <em><a href="http://bucks.blogs.nytimes.com/2010/10/12/what-not-to-tell-facebook-friends/?src=tptw" target="_hplink">New York Times</a></em>. Credit card companies, your wireless service provider, and numerous other firms frequently rely on this tidbit to protect your personal information.

  • Your Home Address

    Publicizing your home address enables everyone and anyone with whom you've shared that information to see where you live, from exes to employers. Opening up in this way could have negative repercussions: for example, there have been instances in which <a href="http://www.huffingtonpost.com/2010/02/17/please-rob-me-site-tells_n_465966.html" target="_hplink">burglars have used Facebook to target users</a> who said they were not at home.

  • Your Long Trips Away From Home

    Don't post status updates that mention when you will be away from home, <a href="http://bucks.blogs.nytimes.com/2010/09/15/dont-tell-facebook-friends-that-youre-going-away/" target="_hplink">advises</a> <em>New York Times</em> columnist Ron Lieber. When you broadcast your vacation dates, you might be telling untrustworthy Facebook "friends" that your house is empty and unwatched. "[R]emind 'friends' that you have an alarm or a guard dog," Lieber writes.

  • Your Short Trips Away From Home

    Although new features like Facebook Places encourage you to check in during outings and broadcast your location (be it at a restaurant, park, or store), you might think twice even before sharing information about shorter departures from your home. "Don’t post messages such as 'out for a run' or 'at the mall shopping for my sweetie,'" Identity Theft 911 <a href="http://identitytheft911.com/company/press/release.ext?sp=11132" target="_hplink">cautions</a>. "Thieves could use that information to physically break in your house."

  • Your Inappropriate Photos

    By now, nearly everyone knows that racy, illicit, or otherwise incriminating photos posted on Facebook can cost you a job (or worse). But even deleted photos could come back to haunt you. Ars Technica recently <a href="http://arstechnica.com/web/news/2010/10/facebook-may-be-making-strides.ars" target="_hplink">discovered</a> that Facebook's servers can store deleted photos for an unspecified amount of time. "It's possible," a Facebook spokesperson <a href="http://arstechnica.com/web/news/2010/10/facebook-may-be-making-strides.ars" target="_hplink">told</a> Ars Technica, "that someone who previously had access to a photo and saved the direct URL from our content delivery network partner could still access the photo."

  • Confessionals

    Flubbing on your tax returns? Can't stand your boss? Pulled a 'dine and dash?' Don't tell Facebook. The site's privacy settings allow you to control with whom you share certain information--for example, you can create a Group that consists only of your closest friends--but, once posted, it can be hard to erase proof of your illicit or illegal activities, and difficult to keep it from spreading. There are countless examples of workers getting the axe for oversharing on Facebook, as well as many instances in which <a href="http://www.huffingtonpost.com/2010/08/16/arrested-over-facebook-po_n_683160.html" target="_hplink">people have been arrested</a> for information they shared on the social networking site. (Click <a href="http://www.huffingtonpost.com/2010/07/26/fired-over-facebook-posts_n_659170.html" target="_hplink">here</a> to see a few examples of Facebook posts that got people canned.)

  • Your Phone Number

    Watch where you post your phone number. Include it in your profile and, depending on your privacy settings, even your most distant Facebook "friends" (think exes, elementary school contacts, friends-of-friends) might be able to access it and give you a ring. Sharing it with Facebook Pages can also get you in trouble. Developer Tom Scott created an app called <a href="http://www.huffingtonpost.com/2010/05/24/evil-facebook-app-exposes_n_587144.html" target="_hplink">Evil</a> that displays phone numbers published anywhere on Facebook. <a href="http://www.huffingtonpost.com/2010/05/24/evil-facebook-app-exposes_n_587144.html" target="_hplink">According to Scott</a>, "There are uncountable numbers of groups on Facebook called 'lost my phone!!!!! need ur numbers!!!!!' [...] Most of them are marked as 'public', and a lot of folks don't understand what that means in Facebook's context -- to Facebook, 'public' means everyone in the world, whether they're a Facebook member or not."

  • Your Vacation Countdown

    <a href="http://finance.yahoo.com/family-home/article/110674/6-things-you-should-never-reveal-on-facebook" target="_hplink">CBSMoneyWatch.com</a> warns social network users that counting down the days to a vacation can be as negligent as stating how many days the vacation will last. "There may be a better way to say 'Rob me, please' than posting something along the lines of: 'Count-down to Maui! Two days and Ritz Carlton, here we come!' on [a social networking site]. But it's hard to think of one. Post the photos on Facebook when you return, if you like. But don't invite criminals in by telling them specifically when you'll be gone," MoneyWatch <a href="http://finance.yahoo.com/family-home/article/110674/6-things-you-should-never-reveal-on-facebook" target="_hplink">writes</a>.

  • Your Child's Name

    Identity thieves also target children. "Don't use a child's name in photo tags or captions," <a href="http://www.consumerreports.org/cro/magazine-archive/2010/june/electronics-computers/social-insecurity/7-things-to-stop-doing-on-facebook/index.htm" target="_hplink">writes</a> Consumer Reports. "If someone else does, delete it by clicking on Remove Tag. If your child isn't on Facebook and someone includes his or her name in a caption, ask that person to remove the name."

  • Your 'Risky' Behavior

    CBSMoneyWatch.com <a href="http://moneywatch.bnet.com/saving-money/blog/devil-details/6-things-you-should-never-reveal-on-facebook/2360/?tag=content;col1" target="_hplink">writes</a>: <blockquote>You take your classic Camaro out for street racing, soar above the hills in a hang glider, or smoke like a chimney? Insurers are increasingly turning to the web to figure out whether their applicants and customers are putting their lives or property at risk, according to Insure.com.</blockquote> There have been additional <a href="http://www.huffingtonpost.com/2010/02/22/facebook-twitter-users-co_n_471548.html" target="_hplink">reports</a> that insurance companies may adjust users' premiums based what they post to Facebook. Given that criminals are turning to high-tech tools like Google Street View and Facebook to target victims, "I wouldn't be surprised if, as social media grow in popularity and more location-based applications come to fore, insurance providers consider these in their pricing of an individual's risk," <a href="http://www.huffingtonpost.com/2010/02/22/facebook-twitter-users-co_n_471548.html" target="_hplink">says</a> Darren Black, head of home insurance for Confused.com.

  • The Layout Of Your Home

    <a href="http://identitytheft911.com/company/press/release.ext?sp=11132" target="_hplink">Identity Theft 911</a> reminds Facebook users never to post photos that reveal the layout of an apartment or home and the valuables therein.

  • Your Profile On Public Search

    Do you want your Facebook profile--even bare-bones information like your gender, name, and profile picture--appearing in a Google search? If not, you should should block your profile from appearing in search engine results. Consumer Reports <a href="http://www.consumerreports.org/cro/magazine-archive/2010/june/electronics-computers/social-insecurity/7-things-to-stop-doing-on-facebook/index.htm" target="_blank">advises</a> that doing so will "help prevent strangers from accessing your page." To change this privacy setting, go to Privacy Settings under Account, then Sharing on Facebook.

  • How To Remove Yourself From Facebook Ads

Related on HuffPost: