My brother passed away very suddenly a few years ago, and I was put in charge of wrapping up and archiving his "digital" life. We were very lucky that we had access to a recovery email for his main gmail account (as well as a couple of passwords that his partner knew) and was able to access and archive virtually all data we could think of (services like Google Takeout were invaluable). I realized that if this had happened to me, it would have been virtually impossible to do, as all my passwords and credentials are in my password manager, and the password to that was only in my head.
It's a good thing to plan for this eventuality, to make it easy for your family and friends to wind up your "digital life" after you've passed. 1Password has a very good solution for this, with a "recovery document" you can print out and write down your password on, which contains instructions anyone else would need to access your 1Password account. I gave a copy of this document printed out to a small number of people I trust implicitly.
You never know when something sudden can happen to you. For the sake of those you leave behind, it's a nice gift to plan for this eventuality, even if it seems far off at the moment.
Others in this thread have talked about safety deposit boxes and buried crates. I'd add that you can just give some trusted party a normal encrypted USB flash drive, and eliminate the risk of getting absolutely rinsed out in the event of a house burglary by splitting the password amongst an arbitrary number of your other contacts using the Shamir's Secret Sharing algorithm.
If you put at least 3 of these
on top of each other, my Google
recovery code will appear here:
2 £ 3 > ]7 7#A E
(each with different characters shown, of course. Ask a mathematician to make sure any 3 will show the full code, and any 2 won’t show enough to recover it)
Put them in envelopes, write “open in case John Doe dies” on them, and distribute them among friends.
If you distribute enough of them, I think there’s a reasonable chance they’ll recover your data.
As an improvement, distribute them not to your friends, but to their kids (the probability is higher they’ll be sane of mind when you die), and tell your attorney who has one.
I think that’s overkill, though. I’ve done it simpler: I wrote the full recovery codes down a few times and put them in a few places in my house.
I think that’s fine if I assume burglars won’t take them or won’t know what to do with them and I won’t die in a disaster that also destroys my house.
As someone who _has_ had their house burn down and had to recover their digital life from backups (successfully), this is why I've not made the step to yubikeys.
I'd say a regular will, sealed at a notary is just okay.
If you are really paranoid, why not write a service that works like a dead mans switch and when you don't trigger it for n days it sends all the keys to the kingdom to those who should receive them.
At this point I've moved almost everything off Google and basically now only use my Gmail account for logins on websites I don't want to give my real email address to and to keep Inactive Account Manager setup to send the necessary info to get into my 1Password account to my brother if I die.
I have a will setup with all my financial details and have set beneficiaries everywhere but this feels like a good backup in case I forget to update it with something or my family has trouble gaining access using other means.
That’s a helpful link! Do you know if google allows access to Gmail once inactivity is triggered? Ideally my contacts could use it to recover access to my password manager.
You have the option to allow that yes. When you add people to be contacted you're able to granularly decide what parts of your google account they get access to and can optionally add a personal message as well.
I am picturing a room full of non-programmers staring at all these documents, codes and Docker commands and saying “Well, Greg was obviously crazy. Instead of leaving any of his passwords, he just left pages of gibberish. I guess we’ll never be able to access anything.”
Me too, but then I realise that one should include at least a few tech savvy friends - or references to good coworkers or similar which these friends could contact.
I wouldn't trust USB flash drives with anything long term. Best archival method would be to print something out (perhaps an encrypted message in a QR code), have it put away somewhere secure, and use that for a key to unlocking everything else.
Yes, this, USB flash drives live at most 5 years or something. Things get even worse for SSD.
If we are talking just about credentials, you can just print the password and access instructions to a password manager and give it to the people you trust. This is one place were having a cloud password manager might be helpful, otherwise you would need to also provide the access to a device containing the offline manager (or a updated copy of it)
You probably don't need to keep a whole flash drive for credentials. Unless you also want to keep some other files secure without being on other devices
Bitcoiners have been thinking about this storage problem for a decade now. Secure electronic devices in faraday cages and tamper and water proof bags or engraved steel plates (possibly cut up and distributed) seem to be the way to go for storing small bits of extremely valuable information.
Or of course you can use multiple key storage techniques and have a 2 out of 3 or more type setup. It all depends on how valuable the information is.
Security against unauthorized use and data lifespan are separate concerns. They're not fully orthogonal—security tends to make things more brittle—but you can apply whatever form of security you like and then store the secured data in any way you like. Hardburn seems to have been talking purely about the useful life of the archived data. The charge in flash storage leaks, so the data is eventually lost if not refreshed. A flash drive is reliable for a year, but not a decade. If you want long term storage you're going to want something else. Paper would be fine for most uses. An ordinary printout subjected to ordinary handling is good for a few decades with reasonable storage conditions.
I had a similar situation where I lost my brother very unexpectedly. I ended up having to run a password cracker on his windows account because nobody had a recovery email. Thankfully his windows credentials were not very strong and his gaming GPU was able to crack the password in a few days using a Linux livecd, and I was able to expand from there into his 1Password account. Like you, I realized that having a trusted second party with the keys to my digital kingdom would be a wise choice in case of a disaster.
This is one of the reasons that I’ve begun to pare down the number of online financial accounts I have, even though churning for bonuses is fun.
Every single one will have to be dealt with eventually by someone, so if I can reduce the number of banks I deal with it’s worth it, even at some small cost of not being “perfectly optimal”.
Yeah I used to have a massive spreadsheet tracking the entirety of household finances. I was worried that no one would know where the money was if I suddenly died, so I started a monthly finance 1:1 with my spouse. Even wrote an "upon death or incapacitation" playbook for her.
The second session was just her saying WTF I can't keep track of the location, ownership and tax benefits of 40 accounts!
I've since closed 3/4 of all accounts because of that.
The killer for me was working out how much time I was spending playing Excel Warrior and how much it was “making” me and realizing that I was working in my free time for Pennie’s.
that is what keeps me from getting into all this detailed finance management or worse trading, likewise any other side business that could earn some money but just isn't the kind of work i want to do.
making a budget is useful, as is tracking your expenses, but that's about it for me.
Banks are the last thing I'd worry about (I wouldn't) - they're highly regulated, audited, and have been dealing with this forever, since before 'passwords'.
Additionally, if you don’t list a beneficiary on any of these accounts, they have to go through probate court to gain access. The fewer hurdles and headaches that your loved ones have to go through the better. Having dealt with this early this past year with a family member, having the list of “chores” to do upon passing helps and reduces the headaches. Especially if those funds are necessary to pay for the sudden bills that a funeral and so on can bring up.
My wife and I have four kids and for each of them is a personal savings account, a savings account we keep for them to accumulate over time to avoid a taxable lump sump “gift”, and a tax advantaged educational savings account. For ourselves we have brokerage, savings, checking, and each have pretax and post-tax advantaged retirement accounts and health savings accounts. Many tech employees would also have 401k and possibly equity compensation accounts. And then any credit or debt (mortgage) accounts on top of that.
Our family is big, and the number of accounts scales with the number of people, but that’s about 25 without getting into anything moderately interesting.
The US based financial industry is a make work project for bankers as far as I can tell. The US creates all sorts of classification of money causing the need for at least 3 retirement account types, a college savings account per Child per contributor.
I'm only scratching the surface of the number and types of accounts an American can have. It is also useful to have different banks for different services.
Pretty common in the US verses the EU/UK. The basic middle income set would be:
A checking account
A savings account (might be at the same institution as the checking, might not)
From your employment you may have.
- A 401k Account
- A Health Savings Account (HSA)
- A Health Flexible spending account
These will be at whatever institution your employer uses. As these change every time you change jobs you might have multiples of these in play unless you are diligent in rolling over and closing old accounts.
You also might have:
- Individual Retirement Account (possibly two, one Roth, non-Roth)
- College Savings Account (if you have kids and want save for collage in a tax friendly way)
- Money Market/Broker account for stocks etc.
If you live in a community property state then you probably have a second set of some these so you that you don't mix individual assets with community assets.
Market consolidation has made it easier to go with an single provider for a lot of the above, but it's still busy work keeping on top of everything.
The only reasons I can imagine are fund transfer times, and some isolation security for big amounts. As a fellow dutchie, I just use one bank for personal, and one for my business.
You sign up for them and never close them. I probably have nearly 50 credit card accounts alone and since they're free of monthly/yearly fees, I really don't have much motivation to close them.
On top of that I have two retirement accounts, four bank accounts (not counting various accounts AT those banks), and more. They collect if you don't weed them out.
Someone may have chequing+saving at one bank, a stock brokerage (or retirement savings) account at another institution, and a may have credit card(s) from completely different one(s).
So that could potentially be (at least) three different financially-related accounts.
Not so uncommon in NL. As a Dutchy you should have heard of Bunq which allows you to open unlimited accounts. The idea is to use each as savings pots for specific things such as a holiday, car, groceries, etc.
Other banks allow the same thing via virtual accounts.
Sign up bonuses. Some give an extra few percent on interest when you sign up, so you move all your money in, collect, then close the account out and go to another bank and repeat.
It’s not necessarily related to wealth (except that you need some savings), but when ING Direct was a thing my wife and I had an account for every savings goal and used it as our “envelope” system. There was no cost per account and you could open one in seconds, so we had a bunch of low value (dozens of dollars! Dozens!) accounts for saving for our next phone or vacation. That could have been done with a spreadsheet, but it was less work to just make separate accounts.
> all my passwords and credentials are in my password manager, and the password to that was only in my head.
It’s not just death I worry about. Anything that causes me to lose my memory of the password, from disease to head injury, leaves those trying to help me locked out of everything.
A password manager is an incredibly helpful tool to leave behind, it’s a compiled list of all vendors you have registered an online account with.
But, IIUC, without legal authority to access those accounts on my behalf it might not be sufficient. I’m planning to talk to an attorney that specializes in taking care of the legal side too. IIUC there are accounts you need legal authority to access even if you have the password. For example, if I give my friend the password to my 401k with the purpose of managing my estate, them using that password can put them in a legally gray area.
Also planning to work out a rough order of importance and context for a subset of accounts can help. Like writing down which financial vendor is managing the life insurance policy and whether that’s tied to my employer or not (if I lose my job leading up to my death, I.e. during a long battle with an injury, will I lose my life insurance before it pays out?)
A “red binder” project is on my families short list - the “I’m dead or incapacitated, here’s what you do” playbook. The above is how I’m thinking about things. I would love to hear more thoughts/perspectives
> But, IIUC, without legal authority to access those accounts on my behalf it might not be sufficient.
Relatedly, most digital accounts explicitly don't survive the user in their Terms of Service agreements. I think there are a lot of legal battles to come over digital inheritance rights for accounts like Movies Anywhere and Steam and App Store purchases.
Another consideration, when my dad passed we had his passwords but not his phone or tablet pins/patterns.
Both devices are encrypted, and the samsung I believe is set to wipe after a number of failed attempts. While there probably isn't anything on them, it's always been a pain to not know.
> While there probably isn't anything on them, it's always been a pain to not know.
I know I wouldn't care because I'd be dead, but I really do not want my family getting on to my personal devices after I'm dead. Those are things that I will never give them the passwords for, not everything is their business.
I think that's fine; albeit a potentially awkward conversation, I personally would rather have known "hey, here's what you can get into, here is what is private" but we never talked about it at all.
Especially important to communicate that in your case, on the off chance they want to hire a data recovery firm in some hope of saving wedding photos or something
> Especially important to communicate that in your case, on the off chance they want to hire a data recovery firm in some hope of saving wedding photos or something
I share any photos with them they might want, but I hopeful that Apple's security setup prevents any practical data recovery. I know my family too well, if I explicitly said "this is private" they'd be trying to get in the moment I was cold.
There's nothing bad on my devices, but there's lots they don't need to know about me.
Imagine once bronies age enough that they kick the bucket en masse and their families spend tens of thousands on data recovery only to discover "damn, that's a lot of horse porn."
Doesn't matter as much what you do or how, but more importantly that you've communicated it to the people who will have to deal with your stuff if you were to kick the bucket tomorrow.
My parents simply made a list of passwords on a piece of paper, buried with the other important papers.
I have a doc, which is password-protected and shared with my wife. It contains details of bank accounts, how to access shares, who we're insured with and passwords / passcodes for things she might need access to.
i have all the family photos on encrypted devices, and the most efficient way to share them is to share the passwords for those devices. my phone they don't need because the important stuff from the phone is backed up anyways, so they just need that backup.
so i guess the easiest way is to keep separate backups of stuff you want to keep private and stuff you want to share.
My brother-in-law's mother passed away last year and he was in a similar situation. Even beyond the digital realm, there are so many details in a person's life that have to be attended to. Insurance, mortgage, vehicle ownership, etc etc. It's really an overwhelming process and it took a toll on him.
I've been thinking about building a platform to help prepare for and guide families who are faced with this kind of situation.
I had to go through this for my Mom an ex-pat in Israel. The account I was using was a joint-schwab account we had shared for 2 decades.
I mentioned to Schwab that she had passed and they froze the account until I could prove the estate was less than $14 Million. Needless to say this was a disaster as I was in a foreign country writing checks left and right.
The issue was that it was foreign addressed account of a US domiciled bank. The IRS places the liability of the taxes on the bank if the estate is over $12 Million. Schwab would recognise a letter from the IRS stating that or any US probate court. My Mom's estate with no US assets has no US based probate court access. The IRS rule was enacted after our joint-account was opened and blew up our estate plan.
Needless to say in 30 years I only had one problem with Schwab (which I had praised as the best bank ever until that moment). I have been unwinding all of my families Schwab accounts.
I think the hard part is more that it's difficult to focus on the business decisions against the background of a loved one's death, more than the process itself is difficult.
You pretty much need an estate lawyer just to navigate all of the legal stuff associated with a person's passing, and I went through this a few years ago with my own father.
But the majority of attorneys who handle estates can also handle all of the financial and personal details as well. The only times this really NEEDS to get complicated is when the estate has a negative net worth (which means a potential lack of funds to close the estate), contains businesses that need to be sold or split up, or when survivors fight each other for their percentage of the inheritance.
I've recently been planning for my death, no urgent need, but you never know.
I've put a backup of my keepass passwords on a USB as well as a printout of the passwords and the master password in a firebox. I also keep a list of assets and financial accounts in there along with birth certificates and passports. My spouse and I both have a key.
I would have used a safe deposit box but those are disappearing.
Weirdly this is something I’ve been thinking about a lot recently. I had no idea 1Password provided a recovery kit until you mentioned it. Just had a look and looks good.
I’ll definitely go through the steps, but I’m wondering what the best way to store it is. Feels weird keeping a document lying around giving access to all your passwords, bank cards, finances etc.
My system is a little custom and complicated and tailored for me specifically, but basically my device periodically sends a ping to a service I built in cloud. I also have something like the google inactive account manager set up which is probably easiest for most people who use gmail:
I'm lucky enough to never have been put in this situation, so please excuse my ignorance: why does someone need to be able to sign in to my accounts when I'm no longer?
Lots of other people have mentioned very good practical reasons (and you can read the linked post for others, like people being unsure of what the password to the Vim FTP is), but there are lots of good sentimental ones as well.
When something like this happens, you lose your mind slightly, and you become obsessed with preserving whatever is possible to preserve of the person. I went so far as to record his voice-mail message, just because I felt i needed to.
Of all the internet stuff, the thing that was most important to us was photos: he was a photographer, and he used a photo-uploading service (I think it was Google Photos, but I'm unsure, it's been a couple of years) and I was able to get an archive with all his thousands of photographs.
Eventually, I put everything I could possibly find (computers, internet services, whatever) into one big zip file, and put it on my local NAS (which is backed up to the cloud). I don't think I'll ever have the heart to go through it again, but my brother had young kids who never really got to know their dad. I figure one day they might want to look at it (even if it's 30 years from now) so it makes me feel good to know that it's been preserved.
When my father in law passed away his wife asked me to get some photos on a thumb drive for her. I knew his password from watching him login, I also went ahead and deleted his browser history.
If you are perfectly prepared for your passing and made your will, arranged all the financial stuffs, told your friends and family everything needed etc. then you don't need to give access to your accounts. But many people don't have that luxury. When death is unexpected, things get messy, e.g you may want to continue paying the mortgage on time, or shutdown social media accounts, or make announcement of their passing using those accounts, or contact their lawyer, or cancel subscribed services, and so on.
While most people have focused on post-mortem account recovery, that's not the only occasion. The small company I've worked for has had the last three administrators leave the company in arrears for a time with quick departures and little handoff of procedures. It is all the more frustrating because we overtly use a shared password managment tool for accessing client servers.
When my dad died my mom needed access to all the accounts to do things like pay the electric bill. That is all done online so without him logging into the online bill pay she would have no way to know what was owed. I suppose after a few months of not paying they would send a paper bill, but then there are late fees and the like.
Doesn't work for all services. Some services will, if unable to charge the card,send whatever amount to collections, and now they have to deal with that.
You'd think it's that easy. Some places literally are unable to do anything unless you're some sort of "signatory" or the actual account holder. No amount of if, buts, maybes, and certified/stamped copies of death certificates will convince them.
I couldn't even cancel the health insurance company's recurring payments after a death. And they had the audacity to send a "how was your hospital stay" questionnaire to the account holder's email after they were "discharged" by the hospital.
> And they had the audacity to send a "how was your hospital stay" questionnaire to the account holder's email after they were "discharged" by the hospital.
That feels like an email that deserves an honest response:)
Its not just about passing away, even a sudden incapacitation from which you do recover may pose a bit of a challenge for the relatives:
Some time ago my dad had some severe heart problems which lead to him being hospitalised for multiple months and a lengthy recovery where he was in full "vegetable" mode in the beginning. As he is somewhat of a "patriarch" personality the whole family finances, insurances etc. where all on his personal system.
It really was "fun" to sort everything out for us and even more "fun" for himself making any sense of his whole accounting sheme after suffering some memory loss during the whole ordeal.
So... having some "letter of last resort" deposed somewhere may even benefit yourself...
that's what would scare me the most. to forget my passwords due to some accident. if i pass away it wouldn't matter to me, but the thought of recovering from an illness but then not being able to access things that i had before is horrifying.
I'm genuinely curious why this needs to be done. Maybe I'm weird, but I don't think I have anything valuable online that my family would want. Of course, there are all my financial accounts, but I would think that just a password wouldn't do them much good with those, at least to legally drain them. I would think (and could be wrong) they would need to go through legal channels for that. What else is there? I can't imagine they want download my email which is mostly just business transactions anyway.
I can think of a handful of things that it might be nice or convenient for someone to be able to access (subscription services and whatnot), but I agree that it seems legally unwise to encourage anyone to try to log into my financial accounts and move money around after I die. Naming a beneficiary is a sounder strategy.
When we talk about these things it is always assumed that we want our family to have access to our digital lives after we die. I have lots of pictures from shared memories that I want my family to have - and they already do.
Other things I want to die with me - things that were not shared with my family before I died shouldn't be shared with them after I die.
Why is it that we generally assume that we should get access to other peoples private stuff because they are dead?
Again, not trying to make this an attack on you.
And of course I am excepting getting access to bank accounts and insurance.
I'm with the other guy. Your unique pattern of electronic activity has ceased irrecoverably. No need for your patterns of electronic activity in computers to be any different.
Now that I think about it, I should probably do the same. I use Bitwarden and they allow you to add an 'emergency contact' that is granted access after X amount of days.
My condolences about the loss of your brother. My kid brother passed away a few years ago as well, and his digital footprint is one of the most vivid portraits of his last years, and to me a treasure beyond accounting.
I strongly second the imperative to preserve as much as possible in the event that any of us suffer a mischief.
Had the same experience with my dad passing recently, we had access to everything because we know the passwords he uses and he was ok with sharing those with us.
Will definitely look into the 1password emergency kit, thanks for mentioning it. 2fa is the other big challenge after that.
LastPass let you put two emails as your family members and you setup a 30 day limit to show you are alive. If your loved ones require access to your passwords and you are not there for 30 days, Lastpass release your passwords to them
I keep a hard card in my safe next to my property titles, and other important paper work that has my bitwarden master password on it. From there who ever processes my estate should have no problems accessing everything
I had a similar experience about 18 months ago when my friend A. suddenly died. He was fit and healthy, but for some reason had a seizure on a bike ride, crashed, and that was the end of his story.
Unfortunately for his widow, she and he were not on a family account with Apple, and so it took a LOT of rigmarole to even access, say, the photos on his phone.
Apple now has a "Legacy Contact" feature you can enable; this is a VERY VERY GOOD IDEA FOR MOST PEOPLE. I assume Google has something similar if you're on Android.
The tl;dr is really "you just gotta have a plan." When you go, next week or decades from now, it'll be hard for those you leave behind. Do whatever you can to make it easier for them.
It's a good thing to plan for this eventuality, to make it easy for your family and friends to wind up your "digital life" after you've passed. 1Password has a very good solution for this, with a "recovery document" you can print out and write down your password on, which contains instructions anyone else would need to access your 1Password account. I gave a copy of this document printed out to a small number of people I trust implicitly.
You never know when something sudden can happen to you. For the sake of those you leave behind, it's a nice gift to plan for this eventuality, even if it seems far off at the moment.