Slashdot Mirror
Arranging Electronic Access For Your Survivors?
smee2 writes "In the past, when a family member died, you could look through their files and address books to find all the people and businesses that should be notified that the person is deceased. Now the hard-copy address book is becoming a thing of the past. I keep some contact information in a spreadsheet, but I have many online friends that I only have contact with through web sites such as Flickr. My email accounts have many more people listed than my address book spreadsheet. I have no interest in collecting real world info from all my online contacts. The sites where I have social contact with people from around the world (obviously) require user names and passwords. Two questions: 1. How do you intend to let the executors of your estate or family members know which online sites/people you'd like them to notify of your demise? 2. How are you going to give access to the passwords, etc. needed to access those sites in a way that doesn't cause a security concern while you're still alive?"
'To who it may concern. Please use the below username and password to inform the other posters at AlbinoAmazonAmputeeLovers.com of my sad demise.'
I have a password keeper on my Palm and my Blackberry. At the moment, every password and game keycode are in the Palm but I need to export that out and into something similar on the computer so I can back it up.
[John]
Shit better not happen!
a USB drive in the fireproof safe next to any important papers. Passwords for things they don't need to see are not on that drive. If you are worried even more, get a safety deposit box at the bank. Keep it updated and all will be ok. Then, on the other hand, some people don't care... the world can figure it out on their own.
Support NYCountryLawyer RIAA vs People
keep unencrypted discs/disks with whatever you want them to have
keep encrypted discs/disks with unfiltered material from your active backups
ask survivor(s) to kindly chuck computer in shredder upon death.
1.) Isn't this what a will is for?
2.) If you're really concerned about security, you could have the portion of the will that deals with passwords and such encrypted, and keep the encryption key in a different location or with a different agency, with instructions to each that the key is only to be used upon the event of your death.
____
~ |rip/\/\aster /\/\onkey
You write a will. Just as you list ALL financial accounts, you also list ALL social networking accounts. Including your passwords for these sites. Instruct your executor to email/post as you to all about your death. Yeah, I know, writing down passwords is not the brightest idea, but hey these are social networking accounts, not truly important things. I.E. Don't give out the key to your house, but do give out the key to your mailbox. Your account number and similar financial information that you have already given to your will is FAR more important. Therefore if you are trusting your executor with all that financial info, you should be able to trust them with a password. If you are truly paranoid, give them a key to a safe deposit box instead of your actual passwords, then keep a copy of the passwords in the safe deposit box.
excitingthingstodo.blogspot.com
It's usually a good idea to keep your passwords in a convenient application/file on your computer, but you should keep a hard copy backup somewhere safe, like your bank's safety deposit box. This would help in your scenario, as well as help the original owner out a lot in case they lose their password file for whatever reason.
Did you know that "FTW" ("for the win") is a direct translation of "Sieg Heil"?
I mean the guy is everywhere with the survivors... on the island, in the desert, etc. etc. If anyone can arrange electronic access for my Survivor TV show, it'll be Jeff.
TDz.
Put it all on a flash drive and pay $50 a year for a safe deposit box. You can arrange with the bank for access to the box in the event of your death via their paperwork and/or your will.
keep an updated password list with your will in a safe and or in a safety deposit box.
In lieu of keeping a hard and fast associative list (linking account name to account password) you could keep a list of your accounts on one list and supply a list of "commonly used passwords" and the executors can trial and error their way into your various accounts.
Most of us only use 3-5 different passwords for everything, so the "commonly used passwords" thing would be an easy way around password changes/rotations and staleness of the information.
Of course, if you create a new commonly used password, that list should be updated. So long as your executors can reach atleast your email, they should be able to gain access to anything else.
He passed away in August, bout 16 days after my birthday. A few months back when he was still within his wits, he sent me a text file called "Bob's favorite things.txt". In it was a list of sites with his user name and associated passwords with the instructions, "Please archive and terminate these after I'm gone. Notify any friends on this list of my passing." It wasn't the happiest email I ever received from him but I understood. Most were just social networking site stuffs, a few email addresses he kept, an FTP site to some of his attempts at digital photography and so on.
Thankfully it was a small list and when he finally passed away I got on his laptop a few days later and followed his requests. Sent out emails to his contacts notifying them of what happened and that I will keep the accounts open for one month to await a response and provided a link to the obituary so that way they wouldn't have to search to confirm.
Not sure if this answers your question but I guess when all else seems to complicated, just mail a text file to someone you trust.
Obviously, if you change your passwords, you have to change what's in the safety deposit box, so there is some upkeep there.
psmylie's dictionary: Godzillion (noun) Any number large enough to destroy Tokyo
I'm relatively young, so I haven't put a lot of thought into this, but my best friend knows all the personal account names and passwords I use for everything. He would be able to get into any of my accounts with a few guesses. I don't have a comprehensive list of everything, but the main stuff would get worked out.
And before you security nuts go crazy about telling other people your passwords, keep in mind this is a person I trust above anyone else...even my own close relatives. If I can't trust him, then I must live a truely miserable life of denial full of people who dislike me. I also don't tell him any of the admin passwords at work, as A) other people have acces to those, and B) They aren't my passwords to give out, even though I know he would do no harm (hell he'd probably manage the network better than half our admins...)
Oh, I also know pretty much all his passwords too...so...yeah, he better not try anything :-)
As our way of thanking you for your positive contributions to Slashdot, you are eligible to disable Slashdot 2.0.
gmail is not gong anywhere. Set up an email account just for this purpose. set its password to something very obscure that only you and a loved one would know. when you set or change a password, send an email to that account, subject is the site, text is the username/password. You do not even need to ever log in and clean it up. Leave instructions with your will that they are to check that email account and hint what the password is (Dear significant other, check this email account, the password is what you said the first time you saw me naked (thatlookslikeapenisonlysmaller). Problem solved.
I've notified all of my Myspace friends that if they don't hear from me for a 48 hour period, it is likely that I am dead and they should just assume that is the case.
Write everything important in a TrueCrypt file system, email it to those who you would want to have it. Then pay for a safe deposit box, in the box put the password(and keyfiles as you see fit). The executor of your estate will be able to gain access to the box and if you add them as a signer it would be trivial, just don't let them have the key until you are dead.
That's an interesting question, and a difficult one.
I'd suggest putting instructions in a letter, including necessary passwords and so on, and protect it with a password that should be easy to guess for someone close to you.
Or leave a file with the passwords on your computer or on a usb key, and put the password to access it in your will. Sure that's rather low security theoretically, but if you make it clear in your will that the password releases only contact information, who would bother trying to access that?
I'm going to have the executor of my will put posts up on websites that I frequent with a link to a streaming video of my funeral. That way no one will give my executor that whole "pic's or it isn't real" response.
-Ours is the wisdom of Solomon, the magic of Merlyn, the fall of Icaris.
Sames as other "you dead" stuff.
A sealed letter with the lawyer / safety deposit box deal.
I have heard of so called dooms day setups where a chron like timmer is running and if you do not "touch it" .. it will send out a "I'm dead" notice to all the important online stuff .. like your disney world account ..
Just give the mess to your excutor to deal with ..maybe just some large unsub email list..
being dead and all, i cant really see myself giving a damn.
.. or would anyone else doubt the supposed claim of a person's death. I know there's been several cases where someone online has supposedly posted their death, just to create drama and attention, only for it to be later revealed they're alive and well? Certainly on networking sites, at least.
the password to all my accounts and encrypted partitions is
first%20post
I use an algorithm to transform the URL into a password (it's easy to do in my head, but hard to crack). My will has a disclosure of the algorithm. As for which sites, they're all in a bookmarks folder called "Important Sites" in my browser. And anybody who can't put those two items together isn't really executor material.
This was actually part of a business idea of mine about 8 years ago. A type of death notification service. The idea was that you'd periodically give the service an updated list of people you'd like contacted if you die, along with any special messages / instructions (within reason). The company would know where you live (city and state at a minimum), and would do a daily check of the obituaries / death notices / etc. If you came up potentially dead, the company would attempt to contact you. Assuming you're dead, the messages would be sent out as requested. This is a great idea for people who have many online or non-local contacts, secret second families, etc.
Use a password vault, leave the password to the password vault in your will.
Next.
The Kruger Dunning explains most post on
I don't plan on leaving any survivors. I plan on taking everyone out in one fell swoop.
Im more concerned with the leaving my survivors with enough access to settle my accounts; I'm somewhat anal about this having seen relative's spouses go through weeks/months of discovering files and accounts and lots of pain when really they should just focus on their loss.
I keep track of my family finances (my wife really doesn't care so long as the bills are paid and I can tell her how much she can spend every month) in MS Money and various spreadsheets. They're all backed up and my wife knows where they are.
I have a spreadsheet that itemizes all accounts whether they are bank accounts, loan/mortgage accounts, credit cards, reward plan, frequent flier, utilities, bills etc. including:
account #, payment frequency, the login** for online access, and whether or not statements/news/notices are mailed, or emailed and to which of my accounts they are sent, and if a password reset/identity check security question is asked, what it is; ** my wife knows the passwords I rotate between for my online accounts, as well as the answers to the various securty questions; there's also a copy of this password list left with my parents should we both befall tragedy) This account list gets printed out every few months or when it changes and stored at the front of the filing cabinet for easy reference.
All of these files are backed up weekly, and every 6 months or so all of them are burned to DVD (along with all of our other personal docs, digital photos etc) and sent to one of our parents.
Neither of us have a will yet, but when we do, it will contain instructions on how to retreive these files and how all accounts should be settled (before the kids get their cut that is)
No, reelly I don't!
Incidentally, related questions have been the topic of previous "Ask Slashdot" stories:
What Does Your Dead Man's Switch Do
Your Digital Inheritance
What Happens To Your Data When You Die
I think the take-home message from most of those discussions is that you need to make preparations. Just like with everything else in your life, you should ideally keep things organized enough so that your survivors can deal with it, both in terms of wrapping up your estate, and keeping the things that matter. So this means keeping a list of passwords and encryption keys somewhere (e.g. in a safe deposit box), and even instructions about what to do with various accounts. Your data should also be organized so that your family can make copies of things like photos and find nostalgic things that you've written.
Another point to consider is the things that you don't want your survivors seeing. If you have any secrets you want to take to your grave, be sure to encrypt them. And for the sake of your children's sanity, hide your porn! (Or label it so they can avoid it!)
(1) Include your BIOS/OS login password is included in your will.
(2) write an email announcing your untimely demise in an email, and save the draft. (include all of your online buddies that you would want to know as a BCC)
(3) inform next-of-kin of this draft and you desire to have it sent.
I have used the 'net for many years (my first ICQ account started with a 2, and my /. account was 5 digits {but I forgot the password on that one}) and of all the 'social' sites that I visit I am most active on Slashdot. I doubt any of you would even notice if I just stopped posting one day.
I had a lot of Usenet contacts and IRC contacts over those years, the only ones that still 'matter' I have email addresses for.
"The price good men pay for indifference to public affairs is to be ruled by evil men." ~Plato (427-347 BC)
Sometimes is ok to just let the account expire.
If its someone important, they will find out your dead from loved ones or other connections. If its some random person you met on the internet, do they realy need to know? While social networking is all the buz, is that the best place to tell someone about a persons death?
Im a gamer, not a grammer major. This post is full of spelling and grammer mistakes.
so who cares?
Seriously, why do people care about things after they are dead. I mean the whole world might be a dream and when you die everything stops. Who gives a damn what happens after you are dead? You are not going to be there or then, so why care??
To your will (you do have a will, don't you?) attach a printed list of user id/passwords for websites, email accounts, etc. Update semi-annually. Also useful is a financial disclosure listing all of your bank accounts, utility accounts, mortgage information, credit cards, etc. Add a note with the location of your KeePass database (or equivalent), and the master password for it. File all of this (in paper and electronic form) in a very safe but accessible location - a home safe, a lawyer's office, a bank's trust office. DO NOT PUT IT IN YOUR SAFE DEPOSIT BOX. If you are deceased the bank is not supposed to grant access to anyone until your estate is in probate, which will be tough if your will's in the box.
The reason you need the lists in paper form is that you cannot be sure of the technical skill or emotional state of those who will be dealing with the aftermath of your death.
-- "Never underestimate the power of human stupidity." - R.A.H.
I recently read about justincaseidie.com, which offers a simple digital notification service. From their website:
Before we start the flames about Orson Scott Card -- in one of the Ender's Shadow books, one of the characters (not going to say which, for the obvious spoilers), was revealed to have a system where that if they didn't do something every day, it would e-mail a message.
This seems like a rather trivial thing -- you can store it PGP encrypted, and keep it updated as information changes, but only gets sent out when you don't do some specified task. Of course, if you ever go on vacation where you don't have internet access, it might trigger, so it may be that you need an alternate way to 'stall' it (eg, be able to a week or a month, or specify a set period in advance that you don't have to check in) ... you most likely wouldn't want to set it to a month by default, or there wouldn't be enough time for someone to notify people of the funeral.
For those of a more entrepreneurial bent, you could set up a server and offer this to people for a nominal fee. Of course, one network outage so no one could get in for a day or two, and the thing triggers, so make sure you're hosted at a site with a good record of uptime and offers SLAs. Maybe offer an alternate reporting method (eg, call a phone number, send a text message, etc.)
Build it, and they will come^Hplain.
It's true, some accounts you would probably just let die with you. But there are other things which are more important. I don't think I would have /. notified if I died, because I'm not important enough around here for anyone to care, but, you know, maybe if I was involved in an online gaming clan/guild, I might want them notified when I passed. Perhaps if I was the maintainer for an open source software program, it might be good to notify the users and/or upstream maintainers (e.g. if a Debian package maintainer died, it'd be nice for the Debian project to know so they can pick another maintainer). Maybe I maintain a server which is going to go down, the users of which should maybe be notified so that they can get off whatever stuff they need to.
Maybe an online friend entrusted me with an encrypted truecrypt file of stuff they wanted me to hold as 'off-site backup' for them, maybe my next of kin or estate executor should know about that, so they can notify the person who gave me the copy, so that they can either find someone else to hold backups for them, or if necessary, retrieve the backup from your next-of-kin/executor.
I don't plan on leaving any survivors. I plan on taking everyone out in one fell swoop.
[Insert joke here about tripping over one's shoelaces]
Shai Schticks:"You don't make peace with friends, you make peace with enemies"
1. How do you intend to let the executors of your estate or family members know which online sites/people you'd like them to notify of your demise?
In your will.
2. How are you going to give access to the passwords, etc. needed to access those sites in a way that doesn't cause a security concern while you're still alive?
By leaving your will with your lawyer.
My former boss was killed by a drunk driver ( http://purdueexponent.org/?module=article&story_id=4009 )
how we solved this was he had a piece of paper with his passwords on it in his wallet. (he also had them somewhere else, not sure anymore).
what's weird is I still remember that Super-Bowl Sunday, and the fact that someone else just got killed not even a mile away from where it happened to him yesterday (same road: http://jconline.com/article/20081125/NEWS/811250336&referrer=FRONTPAGECAROUSEL )
Kill yourself in such a spectacular fashion that it will make the rounds on the net. Then anyone you would have wanted to inform about your demise would see the video, say "Oh, that's so you," and thus be informed.
Kwisatz Haderach
Sell the spice to CHOAM
This Mahdi took Shaddam's Throne
as you posted anonymously to avoid anyone hacking your accounts!
How much is your data worth? Back it up now.
When I played WoW, I had a lot of "friends" online. When I stopped, none of them really cared. When I came back, none of them really remembered me. When I stopped again, none of them really cared.
Sooner or later you will realize that most online "friends" aren't really that close.
I was given the job of recovering data on a PC whose owner had passed away. I booted up his machine which logged into AOL automatically where I was IM'd by a friend of his. Let's just say what I found on this guy's machine made me not want to touch he keyboard too long nor talk to his friends. I just told him that he passed away suddenly and I was asked by his brother to find any pics or data needed for his estate or as I like to call it, the truth. Thankfully nothing illegal was on the drive but I'm sure the deceased rather not have someone finding out what he was into in life.
....... Thus ends my attempt at wit or whatever
When I die, there will be no survivors left. The walking undead don't count and have no need for my data, they will have already eaten my brain.
The Vault-Tec Corporation will be providing them all with Pip-Boy 3000s. We were talking about surviving nuclear war, right?
You gotta find first gear in your giant robot car
Just put in my will: Please update my facebook status....question being, what would it say...? "Joe is wormfood, see ya soon".
CS: It is all sink or swim...oh and did I mention there are sharks in that water?
I thought about this a couple of years ago when I had a health scare, this is what I came up with.
USB stick (or whatever it will be in x years) in a safe at home.
I have a paper will, with the usual stuff, plus an email address, and what to write in the subject and body.
The person that receives my will is instructed to email this address upon my death.
I have a rule on my mail account that matches the specified text in the email.
This email then triggers a whole load of actions:
Unsubscribes from mailing lists.
*Emails a personal message to people on my contact list.
*Sends an email with the relevant passwords to the relevant people.
*Sends an email with my finances, spreadsheets, important information to the sender.
*Sends an encrypted key to specified person which can access my harddisk.
*sends a list of things to shred!
This pretty much covers everything I need, including getting the relevant passwords to the right people, and auto emailing a personalised message to my contacts.
Signature v3.0, now with 42% less memory usage.
www.BeforeYouAreGone.com is a site for discussing the issues related to dealing with online "property" after your (or someone else's) passing. Not intended to provide all-in-one solutions, but provide awareness about this growing issue.
Old people have easy to guess passwords. /.ers deal with are their parents. /.ers will often already know their parents' passwords.
Typically, the old people
What makes you think you'll be any different when you're old? Those whippersnappers will have some newfangled gadget you won't understand, and they'll be using it on YOUR lawn.
In the case of unexpected death - who cares?
99.9% of people don't have anything important.
For the few that do, they have lawyers that can wrangle online accounts.
Encrypted data should be dealt with in the same way as always - keep a method to decrypt it, whether you're dead or not doesn't matter. Dead guys generally have thumbprints and retinas, but you might want to stick with the encrypted text file with the master password stored in your will, tattooed somewhere only the mortician will find, etc.
Or just use a sealed security envelope with a hard copy of passwords in a safe deposit box. Or that fancy spy flash paper that burns a few seconds after you remove it from it's case.
If it's of galactic importance, just stick it on Orion's belt.
I keep a large document of all my passwords to anything stored online. Hey, I couldn't remember them all anyway. That document is open-document-text password-encrypted. I haven't examined the security rating of that encryption, but the file is readily secured and readily decryptable by just about anyone who knows the password. My password changes, but always fits a certain encoding scheme that is a well-known standard. So I can tell someone, "Matthew 5" is my master password, and they could figure out the exact greek-to-english spelling necessary to be my password.
Basically, you have to trust someone with your passwords. its not like my dad is going to search my files. But if I were to pass suddenly, he would know how to access my passwords
And over there we have the labyrinth guards. One always lies, one always tells the truth, and one stabs people who ask t
I can't even think how long the list of possible 'failure points' to your system.
you go missing- airplane crash- fall under a road paver- into a wood chipper- vat of acid- really unlucky gun shot while you were holding out your hands begging for your life...
You have to be freaking kidding if that is your i'm dead- you are covered methodology.
it'd be like having your life insurance policy in your wallet at all times.
every day http://en.wikipedia.org/wiki/Special:Random
Please, stop drinking and driving!
Sure, the first guy was your boss, but what did the second person do to deserve your drunken rage?
I have the same setup Jason Wynn had in the movie adaptation of Spawn. Except, instead of releasing a deadly virus when my heart stops, it releases my usernames and passwords.
One of our competitors trademarked the term "hypothesis". From now on, we will call them "boneheaded ideas".
I'm sorry about your loss.
While a good suggestion in the cases where you know ahead of time that you'll soon be dead soon, it doesn't work.
It can be adapted easily to unforeseen death, though: hide a slip of paper with the instructions on them inside your computer, and put in your will a request that someone takes apart your computer and follows the instructions. Include instructions for doing so ;)
I was hired by a woman who ran a very small business out of her basement. Her son ran two servers for her, containing about 20 web sites, DNS, and email for the domains, among other things.
The son died suddenly, and took the passwords to the servers with him. She had no way to update anything on the servers, and no way to even log into them. After a few months she was getting desperate, and a friend of a friend connected us.
I managed to get into the servers after an hours work or so (the son used a previous girlfriend's name as the password, not a tough guess) and get her fixed up.
After I did that job, I wrote a huge list of all of my user ID's and passwords, and put them in my safe deposit box. You never know...
Is someone astroturfing for YouveBeenLeftBehind.com ?
Is /. trying to tell us something?
Having to work for a living is the root of all evil.
How about a nice video that Adrian Chen did for his own death:
http://vimeo.com/1417352
or else!
Get a tattoo of the encryption key to a document with all your passwords and instructions on informing your e-friends of your demise. Tattoo the encryption key somewhere on your body that nobody is likely to see while you are alive (or at least not often. Your big toe would work, or the inside of your butt crack).
Send everyone the document and tell them the encryption key can be found on your dead body, tattooed on the inside of your lip, on your heart, or wherever you decided.
or else!
Actually, the question should be: Does anyone really care you're dead? Answer that one first. It might save a lot of work on your initial question.
I assisted some ill and dying people manage finances in the past and am amazed at how many accounts people can have. So I went through 12 months of my statements and found I had over 40. About a dozen are associated with work because that it seems that every benefit and way of saving has its own account. Another dozen are for house-related stuff like utilities and insurances. And a bunch for investing. Congress has a very piecemeal tax system and you can get little bit here and there. If I had young children there'd be yet another pile of educational savings, care credits, etc. My estate is going be one big cesspool when I croak.
SOAP_BOX_ON- I think this mainly due to the way Congress buys votes. A little new benefit for this election, another for the next election, and they start adding up. I'd really prefer a simplified tax system with single tax-advantaged account for all encouraged financial activity. Several presidents have suggested this, but its too big of a change. -SOAP_BOX_OFF
Sign a power of attorney to give a person you trust access to your sites. This would of course require documenting those sites in a location that would be found by that person, presumably a will. Then this person you ave selected has the legal authority to be YOU. So choose wisely.
With respect to passwords, you can document them if you like, but I would presume that sites like Flickr would have a method of contact where by you could present the power of attorney and gain access your account.
Encrypt your passwords with a GPG secret key. Keep a copy of that key on your hard drive with a complex password that you can remember.
Make a copy of that secret key with a simpler password that all your friends will remember. Split it up into pieces. Put each piece on some fairly durable media and give that piece to a trusted friend, along with the password.
After that, whenever all of your trusted friends decide it's time to unlock your secrets, they can put their pieces together and recover your key. Since you're dead or incapacitated, they can then get to your computer and decrypt your password file.
I suppose that using a parity tool (e.g., "par2create"), you could even create some redundancy in those pieces and establish a quorum number. Your key could then be recovered if say, 5 of your 6 friends agree.
A wrapper could be written to handle the details of this.
My mate and my roommate each have instructions on how to find the piece of paper with the password and the decryption hint for my encrypted drive (the hint is "find a linux geek to help you"). On the drive is a will-like thing that I update whenever I'm feeling morbid or depressive.
The piece of paper is buried near a small town that's quite a ways from here, so I'm not worried about them going on an expedition prematurely (and I trust them :P).
There was a session at Defcon this year about using a "Death Envelope" to pass this information on. Their technique involved using a wax seal and a signet ring to make the envelope tamper evident. I guess giving someone passwords wouldn't be as bad if you knew that you could tell if they had gotten into them prematurely.
I'll be dead.
And if there's life after death, I can haunt the people I want to know I'm dead.
Awesome furniture, accessories and cabinetry in Santa Rosa, CA: http://humanity-home.com/
> 2. How are you going to give access to the passwords, etc. needed to access those sites in a way that doesn't cause a security concern while you're still alive?
Write all Usernames and Passwords down on a sheet of paper and leave it on your desk. Then jump from a bridge or something. That way, you won't still be alive when there are any security concerns. You may want to think of a more elegant way of including passwords and stuff in a more classical suicide note first.
Set up a website with your living status - alive / dead. Set up a time-out, and once you don't update it for a while, people can assume you're dead.. At such event, you can email have automatic emails, flickr messages and what not..
I was recently faced with a variation on this theme. My sister passed away a few months ago. I was quite happy that she had maintained the same password for everything she had from age 8 onward. Digital security be damned. Tell all your friends all your access info... ...or write instructions in a will.
I've recently been here. It wasn't what you would normally expect either.
My step son died on February 10, 2008. He was 13. You can read about what happened here. It was natural, but totally unexpected. One minute, he's fine. The next, he's dead. It wasn't something with blame.
http://freeinternetpress.com/story.php?sid=15307
The school was great about notifying the student body, and all of his immediate friends were already told by us. I wanted to let his online friends know what happened. He played a few games online (ok, several), and had friends there. This was the hard part. His accounts were "hacked", because he had used simple passwords. I wanted to teach him everything I could, and part of that is network security. Use good passwords. Combinations of letters, numbers, and characters that make nonsensical words, but have meaning to him. He listened.
Some of the games, I was able to get in through cookies they had left behind that stored his passwords in plain text. Bad security, but helpful. Some at least gave me the userid's. I made a list of the sites he visited that were games, and all the usernames and passwords I could find. I got into most of them, but the one that he played the most I never managed to get into. I wrote to the administrator of the site, told them the situation, and asked for them for help notifying his online friends. I never received a response. They probably thought I was actually up to something bad.
For myself, I have a trusted friend who knows my passwords, and even the PIN's for my ATM cards. If the worst should happen, they can notify everyone I know via email (log in, send to all, big deal). That friend even has the passwords for my servers, so they can update my web sites to let people know what happened to me. My cell phone logs have everyone I talk to in the real world.
Myself, I don't expect a lot after I die. 3 people will show up to the funeral, if it doesn't impose on their schedule. My previously mentioned friend will pull my $200 life savings out of the bank, and share it with my friends. I've already asked my friends to drink heavily and be happy at my funeral. That is unless I'm in an alcohol involved car accident or something. Then it's just tasteless, unless they really want to. :)
Sadly enough, I've already given away the rest of my life, so I have nothing else worth having. Someone will want my car, but that's the last of my prized possessions.
Serious? Seriousness is well above my pay grade.
I put my will, all my cell phone numbers, and my email addresses/passwords and power of attorney, along with a copy of my keys in a sealed enevelope. My little brother has it on his shelf. I update it, one month before my brithday every year.
I'm posting anonymous for rather obvious reasons here. I can't remember all the sites where I have accounts much less what the user ID, password and associated e-mail address is. I might have been able to do it 10 years ago but there weren't nearly as many sites and, well, I was 10 years younger.
I currently have an index card box with alphabetical dividers. For every site there's an index card with my user ID, password and associated e-mail address. I need it on pretty much a weekly basis so I keep it nearby but out of sight.
When we go away for an extended period of time that box gets locked in the safe but overall it is kept out and used.
Honestly I think someone would much rather go for the entertainment center and computer itself if they're going to break in rather than the little odd box of index cards tucked into a desk drawer. So I'm not overly paranoid about it.
Making a note of this in our will and having it readily available means that whomever has the sad duty of notifying the various forums that I'm no longer among the living will have an easy time of it by just going through the box. Any potential monetary fraud isn't my concern any more because, well, I'm dead.
Remember that the person who might be doing this for you might not be really computer literate. A password protected file, etc. would be extremely confusing.
Now, this only works for me because I live in a house without roommates, children, snoopy friends, etc. If you're dealing with any or all of those then the USB drive with information is a good idea. But only if you keep it current and it isn't just as accessible as the box would be. Can you really see yourself going to the bank, getting the drive, updating the information, and going back to the bank every time you join a new site and/or change a password? You have to think of what's practical.
Wow. I'm a lot more wordy when I'm not 'me'.
C'mon, don't keep us guessing at the domain you chose :-)
Kind of a shame that pushingdaisies is taken, now, isn't it?
Is it just my observation, or are there way too many stupid people in the world?
Dear anonymous coward,
We regret to inform you, that VeNoM0619 has perished... in the real world. He has advised us in his will to inform his online accomplices of his early demise. Also, that 4 strength, 4 stam leather belt, is his, and will not be given away.
Hope this has brought nothing but sadness and unnecessary bad news to your once bright and cheery day,
Anonymous Family Member
Disclaimer: I am not god.
We may not be created equal
But we can be treated equal.
...of my speech, which starts, "I am not the real Dread Pirate Roberts...
This is all presuming that I can be killed! silly people always jumping to the conclusion that everyone is mortal..
... seems to work fine ...
A good friend of mine who died much too early last year had left all important passwords and stuff in a little book. Luckily, his next of kin let two of his friends on his computer to download unfinished work of his next book and other files that were of any value ... with the passwords in the book, they were able to access most of the stuff they needed, except for one crypted volume I guess will be safe forever (his relatives most likely erased all the drives afterwards)
Of course, whoever you expect to take care of that kind of unfinished business will need to know where to look ...
While social networking is all the buz, is that the best place to tell someone about a persons death?
Everyone is all about presentation when someone dies. While it's polite not to inject humor or sarcasm, ultimately is there really a _good_ way to find out someone is dead? I'm sure if the relationship is important the person finding out would attempt to verify via other means anyways.
And my captcha for this comment is, "cheerily."
When I die, I plan to have a bot that pretends to be me maintain communications with all the "internet randoms" I know. If the bot gives odd responses to their comments, they'll probably just assume I'm drunk.
sudo eat my shorts
that you should nuke the site from orbit, it's the only way to be sure.
Be careful how much trust you put in a fireproof safe. We used to store our backup tapes in one, until we discovered that fireproof only meant "won't get hot enough for spontaneous combustion of paper". In other words, the plastic casing on our tapes would have melted.
For the (more) paranoid, look up "Shamirs Secret Sharing Scheme." (apt-get install ssss)
It allows you to split up a "secret" into a number of "shadows." Then, only when X people get together, they can recover the secret. I've always meant to implement this where you can use ssss to split up a private key, then you can keep an-to-date list of certain passwords and email it out to them periodically. The burden isn't on them everytime you want to change a password, the private key will open the new file.
I'd like to pretty this up as a web app so people can handle this stuff automatically. The super-paranoid version is you can have 1 of the "shadows" only get released on a deadmans switch...
I have gone out of my way to make sure they will never have access to my accounts.
There are any number of options.
Low security
(1) Write down all of your passwords/accounts and seal them in an envelope with instructions on what to do with them. You can put this in a safe, a safety deposit box, or even leave it with your attorney/trusted friend/trustee/named executor.
Higher Security
(2) Encrypt your data. Put it in a secure location, like a safety deposit box. Give the password/cipher-key to the trusted person you want to take care of things, along with instructions on how to retrieve the information and what to do with it. When you die, they get the key to your safety deposit box, either from you, or your attorney/trustee.
Estate planning doesn't have to be difficult or complex. While I don't recommend it, you can create a simple revocable trust in a couple of paragraphs yourself that takes care of 99% of what you want to do.
Consult an attorney to find out what your options are - you don't have to spend a fortune.
A preposition is a terrible thing to end a sentence with.
Just take the recent example on Justin.tv as a template. It's the perfect way to let all of your (non-existent) friends know that you're a loser whose only value in life is posting stupid slashdot articles; and they're informed of your death in real-time.
Well, I was reluctant to try this, and I should have gone with my instincts. I've just come back from the grave, having tried the "post anonymously" checkbox posthumously, as you suggested. Still doesn't work.
Any other bright ideas? ;)
Our market surveys have shown that over 98% of internet users plan on dying some day. With the advent of rfid and local burst wireless technology, the time to move into the online death notification market is now. We project that by the year 2010, www.eAaaargh.com will have over 45% market penetration in the over 100 million seat worldwide electronic death notice industry. By logging in to www.eAaaargh.com, user's will be able to select several IMs, twitter accounts, and cell phone text recipients to receive notifications. When the bracelet worn by the host detects a lack of pulse, a wireless or G3 transmitter will send notification to a web service on www.eAaaargh.com which will then forward the text "Aaaargh!" to all recipients on the notification list. Our initial test market research shows that people are willing to spend up to 7.99 USD monthly for such a service, particularly in California where they can't afford housing anyway. With just 800,000 USD in startup capitol, we project that we could reach break even by mid Q3 2009.
Yes they do need to know.
Our guild lost a kid to leukemia and while never having met him in person, it was a nice gesture to inform us (his online friends) of his fate. Getting closure makes it a bit easier for those left behind.
Tattoo a username/password under your tongue that grants access to everything you want your trusted survivor to see. Inform them of the tattoo prior to your death.
Um, I know I for one know people online that I would consider friends. When you talk to someone on a daily basis for 8 years, you don't HAVE to meet them face to face to know you can trust them somewhat.
Course it helps when you do meet them face to face. Done that a few times with people I've met online. Not one has ended up creepy either.
Point is, if you grew up being "online" all the time and spent a lot of time on the 'Net, y ou probably have some friends you've never met that would like to know if you're gone. Possibly to attend the funeral, or just so they know what happened to you.
only the screenshots from sign-up pages are alphabetically organized and in a 3-ring binder. not on the monitor. that is customarily reserved, of course, for root.
if this is supposed to be a new economy, how come they still want my old fashioned money?
I don't need to worry about data access for my survivors.... ....because I have had good success in the furtherment of my plan to ensure that I will have no survivors.... ...none at all.....not even you....muhahahahahah!
for those Virtual People who you have Never actually met..... and you want them to know that you are dead....that's Google's job.
Tools / Password manager / Manage Stored Passwords / Show Passwords. Sorted. I trust my family not to screw with me.
Matt Yoder spoke at DEF CON 16 on this very problem, his talk was called "The Death Envelope: A Medieval Solution to a 21st Century Problem" His speech isn't on-line yet, but his presentation materials are here:
https://www.defcon.org/images/defcon-16/dc16-presentations/defcon-16-yoder.pdf
Here is what the talk was all about:
While many aftercare solutions and recommendations cover "average American" needs, none have tackled, full-on, the needs of the rapidly growing high tech segment of the population. As the amount of passwords and other secret "brainspace-only" information grows for many, many, individuals, it becomes obvious that a solution is needed for the dispensation of this information in the event of one's death or extreme disablement. It turns out that this solution may be the humble paper envelope.
This talk begins to examine an approach to handle this problem, offering many suggestions, from the extremely reliable low-tech end, through hybrid and high tech solutions to the problem. It covers, as well, recommendations for what to include in one's envelope, and how to ensure its safety, security, and integrity. It also discusses why a wax stamp, sealed by a signet ring, no less, may still offer the best envelope tamper detection that exists.
Just keeping any of that info in an envelope and leave it with your will at your solicitors?
I keep a black folder in my firesafe, it lists all my accounts (social, financial, other), passwords. I like the person that said they had a work folder, I think I'll have to make one of those, "What to do if I'm hit by a buss" lol.
Also, from personal experience, if you are the administrator or executor of estate, you can get access to any site, they generally take a fax copy of the death certificate and admin papers. There is also social hacking.
this is my sig, there are many like it, but this one is mine.
I se that piningforthefjords is one of the keywords for this article.
PINING for the FJORDS? What kind of talk is that?
You will find, once you brush your ego aside, that the amount of data associated with your life that's really important to anyone else after your death, might not even fill a small journal written longhand.
Leaving a password in my will is not going to work. I'd have to remember to change the will each tie I canged my password and I have many passwords.
The only practical thing is a paper list of people with contact information for each of them.
Quite frankly few of those people I correspond with via email on list servers would notice if I were gone. I'd only need to maintain a paper list with a couple dozen names on it from those few word would spread fast enough to those who need to know.
After he deletes and/or buries (hence the name) all your porn, he gives your loved ones the keys/authentication pairs/etc..
I am in college. A friend of mine died. Our primary means of contact was facebook. Her account became deactivated. I was not made aware of her death until months after by a mutual friend. You seem to be under the impression that internet social sites are superficial at best. I was greatly saddened by her passing. I wish I had known. By the time I found out it was innapropriate to give my regards. How would you resolve my issue?
In between my twice hourly Twitters, I Twitter "Still breathing" just to let all my friends know I'm okay. If I'm ever silent for twenty minutes I expect them to swarm my apartment and get all the good electronics before my body starts stinking up the place.
I plan to integrate my soul into the Cloud before my body ceases.
You pose a great question, and something I have started to think about. My ISP would let me pay a sum in advance and that could let my on-line presence persist for years.
I will say, though, that I have been more concerned about how to load up some mega iPod so I could watch favorite movies as I decay and listen to certain favorite songs in an endless loop.
Gericaching: http://www.lanalt.org/blog/index.php?entry=entry081126-035220
This is a silly question. Silly because it's been solved for centuries. You have two options.
First, assuming everyhting is accessible with your administrator login, simply put that tiny document of credentials in eskrow, along wiht your last will and testiment -- your lawyer keeps it, and reveals it upon yoru death. Simple.
Second, the dead-man switch. Every day, or week, push a button that says "Don't e-mail my credentials to my family.". If you don't push that button three weeks in a row, an e-mail is sent to your family with the credentials, and instructions.
There, done -- with century-old techniques. Many centuries actually.
Subby, if you die, it really isn't your problem anymore. Don't worry about it.
Its called a Lawyer, ask one.
- Michael T. Babcock (Yes, I blog)
I would do a setup where if I hadn't logon in every month or so, sends out an email to all my contacts and give whoever had local access all my passwords
This is not exactly on-topic. Please forgive me in advance.
My sister died two years ago, leaving behind a 12" aluminum Mac PowerBook running 10.4 Tiger.
When she died, one of the first things I did was to secure the computer. Fortunately, it was set to auto-log her in on startup, so we have access to her files, her contacts, her email, everything. We've made backups, and we really don't need the machine any more.
Except for one thing.
I tried to upgrade her system software. The computer requested her password, her account being the administrator. I made futile guesses. Then the computer gave me the password hint she left behind for herself. It made a reference significant to our family.
But hundreds more guesses proved fruitless. What did the hint mean? What more would we have learned about her if we knew the password?
This Slashdot discussion came years too late for my sister. She left behind everything except her ultimately unnecessary password. It no longer has a function except for its meaning (if any) to us. Her enigmatic password hint has become her dying words: our family's "Rosebud" saga.
None of us have the technical skill to know if it's even possible to crack the password file, let alone to do the cracking. Fearing ridicule, or accusations of ulterior motive, I post this anonymously, but if it means an answer I'll personally show up with the computer anywhere, to both prove my tale and protect what has become a family heirloom.
We believe that knowing the answer to her ultimate question would give us some more solace in her wake, perhaps tell a story for the ages. Hope demands that I must ask Slashdot for the technical advice that might solve an existential question:
Can we find out what her password was, and if so, how?
That posts to all the relevant forums, and then give instructions to have that executed after me.
I'm even considering to upload my entire movie and music collection somewhere with it, too, to give the RIAA and MPAA another dead guy to sue.
I'd suggest that some healthcare charity such as a cancer fund should host it and ask for a one-off donation to set up the arrangement. There are phishy and scammy and general security issues as well as various ways in which nominees could interact to think about - but generally this would be a useful and workable scheme.
If you do not trust your benificaries when you are alive, they should not be your benificaries when you are dead.
I could only come up with two solutions, but since one of them involves a lawyer, i'll go with the other one. Go to your bank and rent a safe box. in said box put a piece of paper with the user/password information of all web services you want your relatives to see (leave fetish sex sites aside). Once you are dead and they go to the bank to close your accounts, they will be informed of the existance of the box and will be given access to it. Piece of cake!
When my Karma level reaches 0 I feel in piece with the Universe
http://www.mydeathspace.com/ says "MyDeathSpace.com is an archival site, containing news articles, online obituaries, and other publicly available information. We have given you the opportunity to pay your respects and tributes to the recently deceased MySpace.com members via our comment system. Please be respectful." That may work for providing public notice. Lots of good suggestions already for the main question, how to inform executors or family of the passwords that they need without compromising security right now.
Although I was given "The Da Vinci Code" this was only after someone else had given me "The Va Dinci Cod" which makes it very difficult to take the former seriously!
...kill him and outsource his job.
A lot of what I am seeing in these replies is "tech" related. USB keys, secret codes, special software, etc. What do you do when the people around you are not as tech savvy as yourself?
I look at my situation. I have a few tech friends but none of whom I would trust with that kind of information. My wife, although not a dumbass, is not a super tech person and wouldn't have a clue how to "decrypt" files or anything like that.
For me, it's simply a matter of including information in my will about how to disconnect my websites, log on to social network sites and inform people, and where and how to access my data.
I'm not going to go out and rent a safety deposit box for the sole purpose of holding my passwords. My opinion, that's retarded. Who pays that kind of money out every month for something like that? If you do, I suspect it's paranoia. You need to be able to trust someone and in my case, I trust my wife.
No matter how fast computers get, you'll always be waiting - Matt Klem
Regularly email your encrypted password list to friends who would know how to decode it given the password. Then split up the password using Shamir's Secret Sharing Scheme (http://point-at-infinity.org/ssss/) into 10 shares requiring 5 to decode. Send these shares to 10 people you trust. 5 of them need to get together to determine your password.
... and your e-mail gets caught in the receipient's spam filters and never gets delivered.
Furthermore, you've tested it when the firewall prevents it from going out, but you haven't tested it "for real".
KISS. Just put the master password in the will.
That could be dangerous, because when the Will is probated, it becomes public record. All you need is one sleazy second cousin deciding to rack up charges at all your online merchant accounts before your representative has tracked down and notified all of your creditors of your death.
no one cares
Alcohol...
You should use my new social networking site
www.corpsebook.com
complete with muted music, sombre colours
and of course hookers and booze
I keep a wireless link between a heart monitor in my chest via RFID and a cell phone I had implanted in my chest years ago. This links over cellular networks to my computer which has a DOD 5220-22M grade wipe setup on my laptop's hard drive upon my heart stopping.
I dont want people to know ANYTHING! HA!
According to an expert I met at a con a few months back from my understanding a USB storage device must be power cycled every 1-3 years in order to retain it's memory. Apparently modern day flash memory degrades over time and if it doesn't get powered up yuo can start to have serious holes in your data.
Libertas in infinitum
They stopped printing either the date/time of funerals, or the address of the deceased because people would be robbed. It was like obituaries were publishing to the community when a house would be vacant and able to be jacked.
This same sort of publicizing someone's death on the Net could potentially lead to identity fraud.
Libertas in infinitum
So that explains all the canonical postings on slashdot!
-- Braden's law of data: All data spends some of its lifetime in an excel spreadsheet.
There are several companies that offer a service in this area. My favorite is virtualdeathllc.com. In the spirit of full disclosure, it's my favorite because I own it :-)
It's even more better than that. When you die simply add the Facebook group, "I'm Dead Now" to your profile. This automatically writes a tasteful and timely message to your Facebook wall, with obituary picture, and sends all of your personal information, including encrypted passwords, to each person in your address book, with viral instructions to forward to 10 additional people. This Facebook group also hosts chat rooms and threaded discussion groups, not unlike Slashdot, in which members can discuss the ins and outs of being dead, posthumous acknowledgements for any pre-publication papers you are sure will be regarded highly by your peers (even among those who hated your earlier works), and shopping ideas for those on the "other side". One current thread worth reading for those new to being dead is: "who's going to clean up your mess after you are gone, and how much should you tip them?" It's a great source of information for everyone is who is no longer quite all there.
There is a mechanism called a deathswitch that was invented precisely for this purpose. It's a computer program that automatically checks on you every, say, 2 weeks, and asks you to log in with a secure password. That's how you prove you're still alive. When you stop logging in, it assumes (after several more attempts) that you have passed away, and it sends out your pre-scripted emails/files/videos/etc.
Worry about strangers knowing when you die? Holy fuck Batman, someone loves stress don't they?
PS: After I'm dead, "fuck everyone"