Slashdot Mirror
Ask Slashdot: How Do You Securely Store Private Information For Posterity?
An anonymous reader writes "In the event of my untimely demise, my wife and family will need access to all of my private data (email, phone, laptop password, SSN, etc) and financial accounts and passwords (banks, 401(k), mortgage, insurance, etc). What's the best way to securely store all that data knowing the data is somewhat volatile (e.g. password changes) and also that someone else who is not technically savvy will need to access the most up to date version of it? Suggestions include a printed copy in a safe deposit box, an encrypted file, a secure server in the cloud, or maybe a commercial product."
you're dead
I like the encrypted file in the cloud idea, it also wouldn't hurt to have a USB stick + paper copy in a safe place.
Anything network accessible should be encrypted, but you don't want your password to expire with you - so the safely located copies should be plainly readable.
Safety deposit box is probably the only reasonable solution. A file stored in the cloud or on a hard drive is likely to get deleted or the service will die before you do. Any documents/passwords/items your family needs should be stored in a safety deposit box. If the data changes frequently and your family absolutely needs access to it, which is unlikely, then keep them written down in a safe at home and make sure your family has the combination.
Not even a year ago, almost the same thing.
http://ask.slashdot.org/story/11/11/01/1414234/ask-slashdot-how-to-securely-share-passwords
Wuala - http://wuala.com/
Like Dropbox, but with actual security - i.e, client side encryption. You can also share information with groups of others etc.
LastPass - http://lastpass.com/
Solves all password problems, and all you have to make sure is that the master password is accessible after your death. Like, in your will.
it's in my head
Encryption is when you want to keep people out. In the scenario you've outlined, you need to let people in, but only certain people. That screams physical security. Your online passwords and all that crap can all be bypassed by a court order, which would be issued to the executor of your estate, authorizing the holder(s) of your assets to grant access to them. You don't need to keep a record of your passwords anywhere... once you're dead, they can just reset them. The rest might have value to you, but it is unlikely to have value to anyone else. Nobody's going to care about your licensed copy of Microsoft Office, or need to decrypt your secret collection of porn, music, and videos.
This is not a technical problem. This is a legal problem. This is the wrong forum to answer those kind of questions. You need to make a list of what assets you want (it's called a will) to pass on, and then simply make sure those assets are accessible. Call the companies up that maintain your online stuff and ask them. You don't have to worry about banks, mortgages, or physical assets: That's the executor of estate's job to sort out. Your Will provides all the legal power necessary.
#fuckbeta #iamslashdot #dicemustdie
Set up a public/secret key pair and leave the secret key in a secure location. Every time you need to make an update to your private data, simply make an update note, encrypt the note with the public key, and store the encrypted note in a location that your heirs can access.
This is not one of those things you should disclose publicly to others.
there is also stuff that a Wills, trusts attorney needs to put in a legal document to cover your financial accounts.
Is it a good idea to leave your financial account password at a known place? A wife will get the husband's money anyway in several months after death.
But withdrawing money from husband's account after his death may look highly suspicious, especially if one is acquainted with real murder statistics.
The time of death is routinely recorded, and the time of money withdrawal too. An investigator will just have to look at the timing. It is simple to notice.
Let me expand that a bit.
If your family absolutely needs the information MAKE SURE IT IS IN A PHYSICAL FORMAT and stored in a secure location.
Electronic formats are not reliable enough for critical information. Particularly if your family members are not sufficiently tech savvy.
http://en.wikipedia.org/wiki/Steganography
I would encode all my valuable information in porn movies and there would be thousands of copys around the world.
If in Europe, you might prefer paper tape, but I doubt it.
PS Anyone got an open source program to print card images onto A4 paper? (readable by Lottery hardware)
Sent from my ASR33 using ASCII
Solutions like trucrypt are too fiddly, http://keepass.info/ is pretty good and portable - you can keep a copy of the app in Dropbox or google drive etc. you can also manage different sets of passwords in different files for work vs home etc.
Manage your online passwords with LastPass and generate an OTP to put in a safe deposit box and give the key to your attorney.
Cut out the safe deposit box for one less level of trust-noone and lower cost. Add safe deposit boxes in a chain to drive everybody crazy and increase the difficulty of compromise.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Set beneficiaries on your financial accounts (401k's, etc). I can envision all sorts of problems arising if the accounts are logged into and assets transfered out after your death.
For your laptop password, and the like, why not just keep a thumbdrive in a safe deposit box?
It might be worth mentioning that Banks will provide access to your Safe Deposit Box to law enforcement in various circumstances. I'm confident you can dig up news articles of consumer complaints that police accessed private SDBs with little (if any) proper process or authority. I've also come to understand that banks are required to turn over SDBs to the state in the event that the account holder dies so that the contained property can be included Probate into the estate for valuation and taxation purposes. If your credentials are in there it widens the scope of what can be seized for probate or snooped upon.
In the event of my untimely demise, my wife and family will need access to all of my private data (email, phone, laptop password, SSN, etc) and financial accounts and passwords (banks, 401(k), mortgage, insurance, etc).
I solved this problem by putting my wife on the account - either a beneficiary or as joint tenant. - no need for passwords or knowing secret codes or whatever.
This isn't a technology problem, this is really a legal problem - a very basic one.
Fujitsu ScanSnap 1500(M)
1Password (or equivalent)
Scan important documents and shred or hide the originals if necessary. Store all passwords in 1Password and give the master unlock key to couple of your friends.
Encrypt, zip and put it on cloud storage. Setup a calendar repeating event (or a chron script) that checks if you're alive every 6 months. Point that to a file called IF_DEAD_PLEASE_READ_ME.TXT for instructions.
You could do this in 1 afternoon.
Easy, just write them on post-its and attach it to your monitor at work. It's the most secure location there is.
Looking for a computer support specialist for your small business? Check out
Use something like SplashID for storing all your info, it has mobile and desktop apps, back the desktop to Dropbox or some other service you are comfortable with.
Leave your SplashID password (and either Dropbox, phone or computer login info) in a safety deposit box, safe or other trusted source.
If you die, your wife will go through the appropriate channels with the lawyers, etc to get access to your money. You don't need to give her the account password. It will take time, but you want the process of declaring you dead and transferring you assets to be hard.
If you don't trust her with the bank account password, why are you going to trust her with access to a safe-deposit box or safe containing the password?
If you have personal information on your laptop that you do not want you wife to know now, why do you want her to know it after you are dead?
Amazon has nice, tiny, leather-bound notebooks that make what you are doing seem at least ceremonial. I went through all my files and keychains and wrote everything down with a nice fountain pen and handed it off to my adult son for his fire safe. It's a good feeling.
He is also instructed to delete all my MILF pron.
...it's that your valuable information should be transcribed onto a special medallion, which is then quartered with each quarter piece buried in a deadly dungeon in a far flung corner of the land. That's what passed for "Cloud" storage in my day. (yes yes I know.)
My route:
important documents and long term secrets (including pw to encrypted disk and instructions) in safety deposit box;
more volatile secured data on the encrypted disk -virtual disk- along with frequently needed secrets;
strong password securing disk;
backup the disk regularly.
I think the information your should be looking at storing are what blood type, what you taste like, what other foods go well with you. Posterity is a word best used for people who care about the future of others. This doesn't exist at this time.
I put everything on megaupload
It's very common for people to die without leaving this information behind, and there are methods in place to handle it. There is some security risk in having to modify the "private data stash" every time you change a password, account information, etc. Instead, it might be better to list the accounts, etc., and leave instructions on how to access them after your death or incapacitation, without the passwords. Since proof will be required for this type of access, your "private data stash" won't have to be so secret and you can eliminate a security risk.
Allowing access only to your heirs, and only when you're dead is impossible unless you've got *lots* of money. After 9/11 and the destruction of Swiss banking secrecyt, it's probably impossible.
But you don't have that much money.
So, since as others have mentioned, law enforcement can get your stuff if they really, really want it, all you can reasonably hope for is to make your documents tamper obvious
Thus...
So, if someone tries to steam open the envelope and then reseal it, you'll notice since they won't be able to exactly line up the two halves of the envelope and thus your signature will be misaligned.
(This is a variation on the old displaced strand of hair trick.)
"I don't know, therefore Aliens" Wafflebox1
Preferably in at least two locations. You can keep a convenience "master" copy in digital, encrypted format to update the physical copies.
Give the family the combination, and rest secure that even if they lose it the safe can still be cracked easily and relatively inexpensively if necessary. The same cannot be said for a well encrypted file.
Seriously.
I've used RoboForm [ http://www.roboform.com/ ] for many years. It lets me choose my encryption algorithm (Blowfish, AES, 3DES, etc). I can save links, notes, contacts or personal data. It can fill in web forms for me using artificial intelligence, auto log me in to programs or webpages, it can store my stuff encrypted in the cloud or keep it in a folder, if using the cloud can sync all my computers and my cell phone (all that functionality is on my phone too), has anti-keylogger protection, auto generate passwords, supports finger print readers, and has a nice interface with full search. I highly recommend it and in no way, shape, or form am I connected with that company in any way. I'm just a regular user who has turned on many friends to it. The downside... it's not free and has a yearly cost but it's rather inexpensive (around $10).
I suggest keepass http://keepass.info/. Just be sure somebody knows the password. I usually keep multiple copies, like on my phone or usb. Just be sure where it's kept is accessible. Ohh yea, you will have to trust someone with some sort of password.
If you don't trust anybody your screwed and they will have to fight for all that info through the courts.
As others have written, put as much as possible onto paper, and put this in a safe-deposit box at the same bank you have your standard accounts at. Best is if your wife is used to accessing it - perhaps she also has some things that she needs to store there? Alternative to the safe-deposit box is a safe or at least a secure lockbox somewhere in your house.
For stuff that is online, or in electronic form, ignore the folks who say that a lawyer will be able to arrange access. What an expensive PITA! Use a password safe - keep all of your important passwords in it. One of the pieces of paper in the safe-deposit box should (1) state what online things may be important, (2) explain where to find the password safe and (3) list the master password. Never, ever change the password without immediately updating this paper.
Enjoy life! This is not a dress rehearsal.
I've used KeePass for a while now, and it works perfectly. Since I love & trust my wife--and live in a community property State--we just both keep all our PWs co-mingled. It's really very handy.
http://keepass.info/
In the event of my untimely demise,
Untimely? As opposed to timely? I am pretty sure when I die, it will be untimely from my point of view whenever it happens.
HA! I just wasted some of your bandwidth with a frivolous sig!
write it on paper and store it in a fire-proof safe in your house
Get someone you trust who is tech-savvy and hand him a list of where everything can be found. No passwords, keep those on a piece of paper in a safe, or a locked box somewhere in your house (fireproof would be good).
Your grieving non-geek relatives will not only not bother hacking your passwords, their primary problem will be that they won't even know where to look for stuff. I know I listed all my savings accounts and such because should something happen to me, those left would simply never think about some of the non-obvious ones.
Assorted stuff I do sometimes: Lemuria.org
Didn't notice if this was mentioned or not, but there are some commercial solutions like deathswitch.com
They fire off emails to you on a schedule. If you fail to respond, then they suspect maybe you are pushing up daisies... other fail-safes kick in (they check with a designated friend, etc.). If you are, indeed gone, then they spew whatever you want to whomever you designate. You can even program in a follow up or two for later. A year after you are dead, a nice parting practical joke, eh?
David Whatley
Absolutely none of this information is un-obtainable by your survivors, anyway. Passwords can be reset, most companies have policies and procedures to grant next-of-kin to access / take ownership of your assets after your death - they will typically have to provide a death certificate and a written request, and SOMETIMES it'll require a court order, but all of that stuff... people will get access to if they need it.
Now that we're clear on that, and understand that your heirs will have access to the stuff they need, we can think about how to make it *easy* for them in their time of bereavement.
1) Update your will. Don't have one? Go create one, even a basic one at something like LegalZoom, or your local $30 an hour law school grad. Just make sure it's legally binding in your state. Review it at least once a year, or "on major life changes" - buy a house, have a baby, get a divorce, start a corporation, etc. etc. etc.
2) Compile a list of all financial accounts you have: holding institution, account numbers, login ids, passwords, pins, current balance / liability / holdings;
3) Compile a list of all major / important services you use - account names and passwords for... email providers, facebook, etc. etc. - anything you consider "important" for your survivors to have access to.
Create at least 2 printouts of 1, 2, and 3 above. One goes in a safe deposit box at your bank. Update your will to mention safe deposit box and the fact that these documents are stored there. The other goes in a locked fireproof safe / box in your home. Make sure you and your spouse both have keys, and put a third key in your safe deposit box. If you have someone else (friend, family member, lawyer, etc.) who you can absolutely, without-fail trust, consider asking them to store a third copy of these documents for you.
Now, as far as tech solutions to managing some of this:
1Password is my choice for electronic management of account info - encrypted, available on all devices via dropbox sync;
Quicken is how I manage my day-to-day financial accounts - all my holdings are detailed there, and I also sync that file via dropbox;
LegalZoom is what I used to whip up a quick Will for myself, basically saying "all my shit goes to my wife." I haven't yet reviewed it with a lawyer, because we're newly married and don't have kids or any major assets - renters right now. But I expect in the next year or two, I'll sit down and make a phone call to a local lawyer to actually set up a real will that will cover my situation in a more custom fashion.
My wife knows my 1Password master password and I know hers, though we each have our own password store on our own computers. I trust her, she trusts me... your mileage may vary on that score - don't share it, just write it down and safe deposit it if you don't trust your lady.
They're also written down in the packet of information in the safe deposit box.
All the quicken account info is also written down and stored in safe deposit, along with the will, and two keys:
-- to the small lockable fireproof/waterproof box (SentrySafe brand, fwiw - cost about $50, iirc) which sits on top of...
-- the small lockable metal filing cabinet next to my desk.
I keep "important stuff" (passports, a handful of "can't lose these original photos", marriage certificate, car titles, birth certificates, insurance info, important medical records etc. etc.) in the fireproof box, and "less-important but still confidential" stuff (last year of account statements for each account, last 10 years of tax returns, paycheck stubs, service contracts, etc. etc.) in the cabinet, both of which sit in our locked and security-system'ed apartment.
We review things once every six months (generally around tax time, when we're going through a lot of this crap anyway, and again towards the end of the year when we get benefit open enrollment at work, as again, it's a useful prompt to say, "did we need to change our insurance or health care plans or blah blah blah?"), and I'm
My way is getting the info into an /. article.
After that, the editors will take care that it is periodically available again as if it was a new article.
Why can't
a few flash cards with the copies of necessary documents in them strategically placed in a bank deposit box or a safe place at home and a copy in another location.
You can't handle the truth.
... why not actually, you know, involve your wife in your family's finances while you are still alive?!?
Don't get me wrong, I believe that a healthy relationship includes privacy. I wouldn't share my personal email password with my spouse, etc.
However, your 401k and mortgage? That stuff involves marital property... why doesn't she already know where the accounts are and how to access them? Of course this is Slashdot, so I could make a ton of jokes about male and female relationships (do you really have a wife?). Regardless, it just strikes me as bizarre that someone's spouse would have no idea how to check the family's mortgage and retirement accounts. Even if you could ensure that she had the usernames and passwords after your death, do you really want her having to figure it all out from square one under those circumstances?
Of course, you also have to provide for the scenario of you and your wife dying at the same time (e.g. car accident). This is why you should have a will drafted, and an executor who knows where the accounts are. Usernames and passwords are pretty moot in that case anyway, the executor will need a death certificate to start the legal process.
Firstly, as others have pointed out, it is a physical security problem - which may be further divided into two more parts: location and durability.
It's hard to beat a lawyer's office for location - a bank safety deposit box is good, but much more open to the government and other powers-that-be. If there's even the slightest hint you may have any government beefs at all, I'd go with a well-established law firm.
For durability, humans haven't invented an information-storing medium more durable and accurate than the vinyl record - not since we chiseled shit on stone, anyway. ...so - a custom cut LP in a lawyers office is the ideal solution for non-digital storage. This also has the added benefit of having your loved ones hear your voice after the end. It doesn't have to be just an endless droning recitation of passwords. [n.b.: important accounts should have two passwords - one that is never, ever used and so immune to keyloggers, etc. during your life. this will avoid the problem of recording something that may be out of date when you tap.]
But SECONDLY, if a digital solution is required, *digital* durability and longevity is the main issue.
I would propose that there is no more digitally secure medium anywhere on any network that is more durable, more immune to alteration, and less dependent on any one provider (or group of providers) than the Bitcoin blockchain.
The blockchain exists on on hundreds of thousands of computers around the world, and it is on every one of them with *exactly* the same information. I don't believe there is anything on the internet that could be seen as more durable or more 'immortal' than the bitcoin blockchain. It is possible to insert a short message into any bitcoin transaction - there's an app for that. A short list of passwords and how to use them could be encrypted, broken up into the requisite number of transactions, and placed into the blockchain - with the password and decryption instructions passed on through a lawyer, or given to all of your heirs and assignees through your most trusted relative/loved one.
Ain't that stuff handy?
I'm the CTO for Yet Another Cloud Service, but this one may be of interest to the tin-foil-hat crowd (of which I consider myself a member). The service is Cloudfeet (www.cloudfeet.com) and one of its genesis use cases is exactly this. I'm a patent attorney, and my business partner is an estate planning lawyer.
There are a few services out there (www.mywebwill.com, www.legacylocker.com) that purport to be suitable for this application, but there are several problems with them. Principally, they're not hooked into the legal estate/probate mechanisms of any particular state, so you have little assurance that what you want to happen after you die, actually will happen.
Another problem is the tin-foil-hat part: if you don't have the encryption keys to your data, then you don't have any control over the data, or any reason for confidence in its security.
Cloudfeet uses client-side encryption, but with a (patent-pending) twist: you keep your RSA key, but the private key is encrypted using a key that Cloudfeet holds. Cloudfeet will send that key to you if you're able to complete the two-factor authentication process. Thereafter, it's a fairly straightforward implementation: you decrypt your private RSA key, then use that to decrypt individual document keys, then use those to decrypt documents.
Since Cloudfeet doesn't have your (encrypted) RSA key, we can't snoop on your documents or deliver them to the FBI in response to a National Security Letter. However, since your private key is encrypted using a key that Cloudfeet has, you don't have to be especially careful with it (although, of course, you should treat any encryption key carefully). For an attacker (or LEO) to read your documents, they have to get both your encrypted private key (over which you have exclusive control) and the key-encryption key (which Cloudfeet maintains).
Getting back to the main topic, digital asset estate planning, our system is designed to fit into ordinary probate proceedings. The canonical case for that is:
* Your estate planning lawyer sets up an account for you, with two-factor authentication & all.
* Your encrypted RSA key is printed as a QR code, which is affixed to your will and other important docs.
* You can store whatever digital information you want to preserve (e.g., passwords) in your Cloudfeet account.
* When you die, your executor can obtain your encrypted RSA key from your will, and Cloudfeet will provide the encryption key in response to your executor's request, supported by the court order appointing him to administer your estate.
* With the encrypted RSA key and the encryption key, he can access your saved passwords and carry out the instructions in your will.
More info at www.cloudfeet.com, or contact info@cloudfeet.com.
Be careful. Once you join the choir invisible anything in your name will be subject to potential access restrictions.
That includes a safe deposit box that is in your name.
http://www.finweb.com/banking-credit/accessing-deceased-s-safe-deposit-box.html
Bank accounts will potentially have restrictions as well. Be sure these have appropriate beneficiaries set up so your heirs have access without the long delays and legal folderall associated with probate.
Because electronic media is more sensitive to heat and humidity than paper, media safes are constructed differently and insulated more heavily than those designed to protect paper.
Media safes are rated using the same hourly classes as those designed for paper except they are tested to maintain a temperature of 125 degrees F or less compared to a fire resistant safe which is tested to maintain a temperature of 350 degrees F or less.
There is a lot to be said for doing what people expect: keeping paper copies of your essential records in a safety deposit box which your next of kin can access without a hassle.
You digital records should quite safe in their Mormon vault in Utah and the limestone cavern in the Appalachians.
That doesn't mean you family will remember how to link to them --- or even be able to link to them --- when they are most needed.
Carving them into clay tablets in some Ancient language. Multiple Ancient languages would be prudent for redundancy.
Seriously ... what are you trying to protect? Who are you trying to protect it from? And how much is it worth for them to crack it?
... except for Bill Gates (who has plenty of advisors for this) ... you're not special. None of us are.
... make sure everyone knows which firm you chose. ... it's harder for someone new to find it all, even given the few years it will take to clean up your estate.
More likely, you're trying to make sure the important information is available to a competent executor, and if it's not immediately available, it's in a form the executor can get it indirectly. You can assume the availability of friendly experts (including lawyers and application users), even if for a price.
If you're worried about someone digging up your treasure and walking away with it, don't
Here are the steps I follow:
1) Have a competent legal firm draw up estate documents and leave custody of the documents with them
2) Have a copy of the documents in the hands of the executor and family members. You can seal them, but make sure you have an executor who knows how to open and close accounts, pay bills, understand stock dividends, selling houses and cars, can talk to lawyers, and can get expert help when he/she needs it.
3) Get a program like WillMaker to help you document your assets and wishes (even if you use a lawyer to draw up the real documents).
4) As a matter of hygiene, don't be switching your money between custodians and accounts very often
And do all of the above every few years as circumstances change.
Stability and predictability are your friends.
There's a plain looking red notebook in my desk drawer. The first five pages are blank. I've written down username/passwords and account numbers for everything. I've told her it's there and I keep it updated. I don't pretend the information is at risk from a meth-induced burglar. The FBI is not coming knocking. I have not discovered a secret to the universe. My method is simple and immediately available to my wife or daughter if it's needed.
"In the event of my untimely demise, my wife and family will need access to all of my private data (email, phone, laptop password, SSN, etc) and financial accounts and passwords (banks, 401(k), mortgage, insurance, etc). What's the best way to securely store all that data knowing the data is somewhat volatile (e.g. password changes) and also that someone else who is not technically savvy will need to access the most up to date version of it? Suggestions include a printed copy in a safe deposit box, an encrypted file, a secure server in the cloud, or maybe a commercial product."
Your wife and family will NOT need access to all your private data after your demise. You're mistaken. Anything your wife should have access to after you die she should have access to BEFORE you die. If you are keeping something from her, the first and biggest question is "WHY?!?" If you have an e-mail account, for instance, that you are deliberately keeping her from knowing about, that you use to arrange trysts with other ladies, etc., either stop it, or have the balls to tell her what she deserves to know before you contract a fatal case of KILLED BY ANGRY HUSBAND of the woman you're fooling around with. The last thing she's going to want, amidst funeral arrangements, fighting with your insurance company over whether or not your death could have fallen under the "we don't cover that" clause of your agreement, is to find out you were carrying on affairs behind her back, or telling all your friends about how she cries during sex...
Again, if you're married and have no secrets from each other, (that is, you're relationship is healthy and doesn't have that form of malignant cancer called "hiding things",) she should already have all that information. As for financial accounts, she should have HER OWN LOGIN for that stuff. If you're married, and your financial institution doesn't support that, find a new one that doesn't have it's head up its ass. For legal reasons, they HAVE to be able to know WHICH holder of an account logged in and made changes, etc. May I recommend USAA, which grants members who are married individual Member Numbers, each with its own login credentials, even when both members have access to joint accounts. If you're concerned about going that route, in the event of divorce, you have bigger problems. Also, I got divorced, and USAA (not that I'm a shill for them, they're just the only bank I'll deal with anymore, all my other dealings are with Credit Unions...) was very good about removing HER access from MY accounts. (I opened them...) so she can't access my information, etc. anymore, even knowing as she does my full legal name, my date and place of birth, my social security number, etc. (I was in the military, she HAD to know... they require "sponsor's SSN" for EVERYTHING.)
So just to recap, she should have her own logins for anything involving money, real estate, etc. For devices, keep a master list in a safe somewhere, or just do what everyone else does, use the same one password for everything. Sure it's shitty security, and begging to be hurt, but if you're that worried about it.. realistically, every device you have can be reset from without, by the appropriate person. Your phone, for instance. She takes a notorized copy of your death-certificate, and marriage certificate, and the phone to the phone company's nearest corporate store, and tells them "My husband died. Here's proof. Here's proof he was my husband. Unlock this phone." I'm pretty sure they'll do it. They'll have to call the regional manager, but they'll do it.
As for your laptop, there are procedures for voiding the BIOS passwords, I remember an old Toshiba laptop of mine had the bizarre instruction to use a bridge, (or paperclip) to connect pin 17 and 5 of the 20 pin LPT1 port, or whatever it was, I may have the pin numbers wrong, but it was essentially like that. (This was back when laptops had printer ports!) Hold the power button for 12 seconds... I was shocked to see that it worke
Once you kick that bucket any accounts in your name only will be frozen until probate is resolved. Attempts to access these accounts are criminal acts.
Safe deposit boxes in your name only ditto. You must have court assignment as executor to get into the box. It takes time to get that and if you don't have a will the court may appoint an executor.
To avoid this you want to set up joint accounts and beneficiaries on the accounts so that these accounts will automatically be transferred to the people you want them to go to without the probate wait.
You do want to have a list of account numbers somewhere - ideally that would be in the hands of a trusted person who is named in your will as executor.
Also you might want to get rid of any email delivery of account balances info you have. That mail delivery of information post demise can provide valuable information as the the existence and status of the account to your survivors.
Also you want real estate papers somewhere accessible for possible sale of property by the executor.
First, leave with an attorney (but verify that the information can be protected by attorney-client privilege).
Second, store in an unencrypted flash RAID array. Bust up the array per secret sharing mentioned above. Non-tech family has the lawyer; techies can get further details via the flash RAID.
The biggest thing I fear is that as I age I will lose the mental capability to manage my finances well enough to insure that my family will be able to continue without hardship.
My father was a brilliant man as an adult, a top scientist, but the last couple of years he definitely had dementia - and it showed in his accounts that I ended up dealing with as executor.
It didn't end up causing any problems for his family because we were able to pool resources to get through the couple of years it took to straighten things out. But it could have.
So I would worry at least as much about what will happen if you go into a long slow decline as what will happen if you were to just drop dead.
That problem was solved a while back by the Swiss company SecureSafe. You can store passwords and files there, and it (a) delivers a recovery mechanism in case you blank out on the password and (b) a data inheritance mechanism where someone can get access to your data by means of a separate mechanism - with a timer.
The idea is that 3rd party access by a party you designated should be because something happened to you, so the first thing that happens when someone starts the 3rd party process is a timeout period (which you set yourself) is that the company will fire off a warning to all contact methods it has on file for you, so you can stop this access.
If they don't hear from you and the time expires, access will be granted.
I think it's a good system, and it is hosted in Switzerland under conditions compliant with their banking law.
Insert
Simple as that.
It's a bit inconvenient, but those suckers last for centuries.
Vote monkeys into Congress. They are cheaper and more trustworthy.
People have been dealing with inheriting important things (money, property, etc.) for thousands of years without the need for computers. They have ways of handling those things without needing the deceased's passwords. The rest of it (emails, online accounts, etc.) is just not that important.
My wife and I have a 10MB TrueCrypt vault containing a text file with a list of all our online service passwords.
It has grown over time to be a list of all kinds of access keys, secret stuff and routing information. It's shared in a commercial cloud drive, which allows us to get it from anywhere, but only decrypt via TrueCrypt + a nice long key. This is a convenience thing, but would solve OP's legacy question by keeping the encryption key on paper with your will, and instructions on where to find the vault. Unlike storing actual accounts/passwords with the will, your vault will be up to date.
We used to do this on paper but password resets and account sprawl kept the data evolving till a softcopy was easier to keep up to date. I worried a little about fire, or losing the notebook.
I'm going home to my parents on holiday and I want to put my full disk encryption password at their house. The data isn't super-valuable if I'm dead, but if I suffer some specific memory loss I want to be able to access my computer. I've been thinking about this, but the only thing I can come up with is to put the full password somewhere safe in their house (I'm also doing off-site backups with a different password). If the password is used exclusively for gaining access to the computers when I'm physically in front of them, it's a form of 2-factor authentication, because it requires both the password (something you know or "something someone else has") and the device (something you have).
This isn't the same problem as the original poster has, but I consider the storage to be the simple part: put it on your computer, and use full disk encryption for the computer (I only encrypt /home and swap, but usually it's easier and more secure to encrypt everything). Use a password manager for web/online passwords (I use SuperGenPass, which isn't a password manager, it's a password generator, but it works similarly). You can store the master password on the computer, but you should probably keep it separately. Then you're left with the hard part; giving someone access to your encryption password and master password. I opt for the simple "put it in a safe place, make sure it isn't used for multiple purposes". User Nightshade posted a link above to http://en.wikipedia.org/wiki/Secret_sharing , which could give a more secure password storage, requiring more than one person to conspire to get your password. I think this would be too much of a headache for my family or myself after a memory loss.
Any information which is useful will be copied over (ie, remembered) or most likely rediscovered. Any information which isn't useful is clutter.
Any guest worker system is indistinguishable from indentured servitude.
I've also come to understand that banks are required to turn over SDBs to the state in the event that the account holder dies so that the contained property can be included Probate into the estate for valuation and taxation purposes.
Accessing the deceased's safe deposit box isn't as straight forward as you have imagined. According to several articles on the web (which aligns with my personal experience) - my notes are in brackets:
In order to gain access to a deceased safe deposit box, a person will need to present a death certificate along with an executor's testament. [ This means *after* probate. ] The forms are required to prove legal rights to the box. [ Determined *during* probate. ] Also, be prepared to provide a copy of the rental agreement [ if bank policy ] and photo identification.
In some states, if the spouse of the deceased is alive, he or she may go to the banking facility where the box is located and get unrestricted access, provided they are able to present a death certificate. A marriage certificate may also be required.
The easiest way to ensure access to a safe deposit box after death is to have more than one person registered for the box.
It must have been something you assimilated. . . .
I wrap it in bacon, shove it up your ass, and shit on your family members.
i have a red thumb drive in my desk drawer that has written on it, IN CASE OF DEATH. It has a flat text file I update every 3 months that has all the information they need. plus it has photos of safety deposit keys so they can be replicated if not found. Plus a copy of my will in two forms. regular and as images showing my signature.
Wife knows where it is, once a year a copy is made and placed in the fire safe. Daughter knows as well. No releasing the info here is not a problem. none of you know where I live let alone what province or country. and none of you can get past the security system or the combination on the drawer (It's not 12345) Nor would you know what desk I am talking about, and if it actually has drawers or a secret compartment that if opened wrong fires a 10 gauge sawed off shotgun at your groin.
Oh watch out for the spike traps and snake pit.
Do not look at laser with remaining good eye.
Carve it into granite.
" As for financial accounts, she should have HER OWN LOGIN for that stuff."
So I need to sue Chase bank for not allowing multiple accounts to access the same financial accounts.
Sounds like you dont know about that witch you talk about. Most banks have one login, and sucks to be you if you want two.
Same as my scotttrade account.
Do not look at laser with remaining good eye.
(This is a variation on the old displaced strand of hair trick.)
Why I am I reminded of an old Bugs Bunny cartoon?
The hair trick works because the strand is damn near invisible.
The envelope you describe screams "Secrets In Here!" so loud that it can be heard from six blocks away.
Your safety deposit box will be sealed by the bank when they learn of your death. Your family will not be able to access it until after the probate process completes, which can take months. The only way to avoid this is to have your relatives empty your SDB *before* the bank learns of your demise. And be aware: they scan the local death notices every day.
In my experience, a Safety deposit box is a bad idea, at least if that's the only place you've stored things. Depending on the laws where you're located, as soon as a bank is notified of a death, the Safety deposit box is sealed. The box can be searched, if a will if found, it is sent to the court (not given to the family). Any other items can only be released via probate court order, which could take weeks or months. You may be able to work around limitations by having other names on the box, but the last thing you want to do in the aftermath of such an event is to dance around some banks procedures. Safety deposit boxes have significant legal encumbrances, give your loved ones a less difficult means to access your data.
Dropbox and Keepass. My wife already has access to both
For documents I use a File server which I have taught her to use. The file server is running mirrored disks and Carbonite. Documents of a sensitive nature are placed in a TrueCrypt vault which is also backed up via Carbonite. The only caveat I've found is that I have to restart TrueCrypt daily (via a scheduled batch script) in order for Carbonite to see that the TrueCrypt volume has changed and needs to be backed up again.
Like most geeks, you do not know how to approach a problem that involves others. Your death is not your problem, it is your family's problem. Give it to them to figure out. Your problem is about their deaths. What are you going to do if your wife dies, besides grieve? Hard to face and hard to solve, eh?
Of course the counterpoint to this question is how to keep my wife from seeing all my p0rn when I die? I'd just hate to delete it myself too soon.... lol
My capcha "imminent"
I have a USB thumb drive, with an encrypted file on it.
There is a readme file also, in the readme is a list of 8 personal questions. Only my wife could answer all of them.
The answers to those questions is the passphrase to the encrypted file.
In hexadecimal. Wife won't get it, but someone important will after your death.
I kid! Sort of...
With the first link, the chain is forged.
Have the information engraved onto stainless steel plates, which you then store in a safety deposit box. Permanent storage medium, fire-proof, tamper-proof, and stored in a secure location. If someone wanted to destroy them, they'd have to go to quite a bit of trouble to do so.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
Here's the approach we find useful. Nothing, absolutely nothing, is backed up at work. Anything that is on the employer's systems belongs to that employer(s). Getting out of the buildings with anything other than the clothes on your back and the ID in your wallet might be difficult. We've all heard the horror stories about step-away-from-the-keyboard-we'll-ship-you-your-stuff.
First, I trust my spouse completely; if you cannot or do not trust your spouse, you must use some other means, probably the safe deposit box and a separate, corporate executor for your will and estate, plus a hammer-down for anything truly interesting.
I keep an encrypted volume on my (and spouse's) machine, backed up weekly, from my machine to spouse's, using TrueCrypt. One of the files in that encrypted volume is my passwords -- (nearly) all of them. The ones that I do not back up are the accounts where I work, since they'd freeze the accounts and information anyway (or delete them, which is their problem). The encrypted volume keeps "casual" eyes out (e.g. children, TSA, other strangers).
I regularly take a copy of that encrypted volume on a removable media to our safe deposit box, which spouse also can access, and has a key to. That prevents the safe deposit box from being frozen while the courts unwind at great cost to the estate.
I dump a hardcopy of the passwords, and ALL vital documents, and put it in a firesafe in the house. Depending on which needs to be where, the original is in the firesafe (e.g. wills, etc.) or the safe deposit box (deeds to property, etc.) The passwords get stuffed in an opaque envelope, sealed and signed across the flap. At least annually, a copy gets dropped in the safe deposit box.
A further copy of the wills, important documents, and annual copy of passwords (hardcopy) gets sent to executor, in a double-wrapped (inner & outer envelope), sealed, certified, tracked envelope. Inner envelope has info for the executor. Outer just is a plain "postal" or "delivery service" envelope.
In the event of a house fire, the fire safe supposedly survives; the safe deposit box does. Should a common disaster hit spouse and me, there's the executor, plus legal access, for more or less "current" updates. In the event of an untimely death, the current backups and the firesafe are "current". In the event of a major evacuation for a natural disaster, it's grab-the-laptop-and-go. We can do drive recovery later if needed. In the event of a complete disaster, the executor has everything they need.
Nothing truly of value is that large: videos, etc, need stored else-how. Inventory and family photos in digital form need treated similarly to password files. pr0n and politically unacceptable documentation is your own damned problem.
If I had information that I could not share with spouse, but needed to survive, and perhaps be released in some manner, I would probably choose a hammer-down method, whereby, if I fail to send a signal for a certain period of time, the holder of that info follows certain instructions. Sort of a time-logic-bomb like some stupid sysadmins have left when they got fired (probably deservedly, for such stupid behavior; if they'd been that worthwhile, they need not have feared).
And, ask anyone that has survived a really good disaster: it's people, pets, and anything else, in that order. If you get out with your people and children, and save the pets, you're golden. Anything after that might be really regrettable, but you will / have survived to do something about it. And, yes, we have a (few) irreplaceable physical objects (one guitar, in particular), but if we've got the people, the kids, and the pets (souls and beings that they are), everything, EVERYTHING else, is replaceable.
YMWV; IANAL; and all the usual caveats. (Your Mileage Will Vary)
PrivateNotCoward
Bank safety deposit box and nothing you have is private when your married buddy lol. This is data the wife should already have on hand and the only true safe way is a banks safety deposit boxes.
Jack of all trades,master of none
1. Plain-text hard copy of all your passwords, account numbers/locations etc. (in my case, my passwords change monthly, so rather than try to update the copy every 30 days, I would just detail the simple algorithm I use to create them, along with the password in use as of time of printing.)
2. Place said hard-copy in a safety deposit box. Preferably a main branch, and not a mall or store-front mini-bank. (Which are more likely to close or relocate over the course of a decade or so.) The bank will give you a card where you can list the people you authorize to have access to the box if need arises, your executor or attorney can gain access if they provide a death certificate, this list is for people you might trust to replace the document with an updated copy.
3. Inform your executor, family lawyer and perhaps accountant that this box exists.
4. Relax.
This method has been in use for easily 200 years, as far as I know, nobody has really improved on it.
I need a wheelchair van for my son. Help me get the word out. https://www.gofundme.com/wheelchair-van-for-jj
My parents made up a red binder which contained copies of wills, health care proxies, powers of attorney, contact lists, passwords, etc.. everything that we would need if something happened to them. It was locked in a fireproof safe in their house and only they, my sister, and I had keys which we kept on our car key chains. If something happened, we were to get that binder and bring it to the hospital.
My father collapsed several years ago and was rushed to the hospital due to an undiagnosed tumor. We got the binder to the hospital and everyone was clear on his wishes for terminal end of life care. Crappy situation, but everyone knew what to do. My recovered sufficiently and was able to take hospice at home and passed away with dignity and peace in his bed.
1. Write a living will and in the appendix add all the information you want. Make couple of copies. Store one in a Bank Vault with joint name with your wife etc. :)=
2. Keep one copy in some other place in a fire proof safe deposit box.
3. Scan the copy and put it on a B-ray DVD. Put that also in the safe-deposit box.
4. Give a set of copies to your lawyer(if you trust him/her).
5. Make sure you consolidate all accounts as much as possible.
6. Ask your spouse to the same thing (1-5) on her behalf.
7. Trust if you are honest, GOD will take care of every thing!
... I use LastPass for everything. I keep the Lastpass password / encryption key on paper in a secure location where it can be recovered by my SO.
I would suggest using a Rolodex or similar card file, either rotary or box type. I personally like rotary files because it is harder for the cards to get out of order. I find these convenient as you can just replace a card when the information needs updated and securely shred the old card. Store the card file somewhere safe, either in a fireproof safe or a secure deposit box and lodge a note of the location with your solicitor. When writing on the cards use fade-proof ink such as Registrar's ink which is designed to be archival.
"You can lead a horse to water but a pencil must be lead!" - Stan Laurel
The safest way, is in the cloud, I would recommend megavideo.com, the easiest format to understand is video. right?
Our estate planner had us create a family "love letter" which lists things like account numbers, userids/passwords, insurance information, burial wishes, important contacts, etc. There was a lot more information than we would have thought of on our own.
That, along with our wills (including POA, Medical POA, medical directives, etc.) are kept in a safe place at home with copies in a safe deposit box.
A family trust can pass assets to your surviving spouse or other beneficiaries without having to go through probate. (it can provide some tax advantages, too). Put your bank account and other assets, including title to your house, in the name of the trust, and then the trust document controls what happens to them when you die.
How about you don't keep this secret life you apparently have? Just include your family in your life. It's kind of the point of having a family isn't it?
Let your wife know your passwords. Duh.
I'm supposed to trust my most important personal information to an internet-based company who's home page cannot gracefully fail when I have JavaScript turned off? Really?
I don't have mod points, so I'll just repeat for emphasis.
Set up a Family Trust and make sure all of your assets are in it. Besides avoiding the hassle of probate, you can gain some tax advantages potentially, and (this last part may not be unique to Trusts) easily lay out your wishes for who will take care of your minor children should you and your spouse die together.
Ceci n'est pas un sig.
One thing that everyone seems to be forgetting is that a mere list of passwords does not necessarily provide access. You must write clear instructions on how to use those passwords to get to the information needed. The instructions should explain:
Now, have your potential survivors read these instructions and make sure they can understand them. This whole exercise will give you practice in technical writing, which is a skill most people could use more practice at.
Distribute that set of instructions far and wide. As the instructions do not contain any actual passwords you don't have to worry about those people being subpoenaed for the passwords.
Finally, make appropriate arrangements with your bank and lawyer so that:
The most important part is for her to be involved in these everyday transactions now. When her husband dies, one of the main points of stress for the new widow soon after is trying to handle all of the bills and find important records. When my grandfather died, my grandmother had a really hard time filing life insurance and other claims and paying the hospital bills, because my grandfather had always handled all of that, and knew where all of the documents were.
Seriously, man, can't you tell the guy posting that "all or nothing—it's the only way!" drivel is about 17 years old?
BTW, "total commitment" GP guy: another great way to prove your implicit and total trust with your mate is to play Russian roulette with her. You load three bullets in the revolver, blindfold yourself, have her promise to remove the rounds, then she gives it a spin and hands you the handgun. Putting the gun to your head and pulling the trigger proves that you love and trust her 100%. Of course, everyone knows that relationships need to be nurtured to stay alive, so you will probably have to conduct this exercise at least daily.
I mean, total trust is the only way to make your relationship "real", right? Best of luck in your superior relationship!
There is no such thing.
I was thinking of something at would automatically trigger something like an email, or launching a program.. So did a Google search and there is an email version of a deadman switch that will automatically trigger some emails.. But whether or not you would trust this with that kind of data is the question.. There is that, and the fact that you have to be constantly thinking about dieing and maintaining your deadman switch so that your information is not prematurely sent out.. Personally, I would rather my hard drive was reformatted.. the financial basics, bank account and insurance, will, etc should be taken care of separately.. Don't see any reason for online persona of a dead person to be maintained or transfered to anyone else.
waiting for ad.doubleclick.net
As implied by other posters, take the time to get your bank account ownerships/titles in order. At my bank online banking is tied to me, the individual. As soon as the bank gets wind of a customer's demise the first thing they do is revoke online banking access and restrict the safe deposit box. Unless it's a joint account or one with right of survivorship they are SOL until an executor can be appointed and the account retitled. Only then will the executor will have access to the online account using their own credentials.
"(...) my private data (email, phone, laptop password, SSN, etc) and financial accounts and passwords (banks, 401(k), mortgage, insurance, etc) (...)" Can you live without these things ? Forget about them and feel free !
Recipes for USA bankrupt - http://tinypaste.com/0d66f dd = dollar deluge (printed in the infinity)
One of the ones you have to break to get access to.
Whole family put date/site/user/password in there. Don't forget date, otherwise they'll end up maxing out login attempts as they go through the 1500 different password for your corporate VPN (you know, for the intranet's, "This user has died" form). Although, as long as they took the time to sort them, they should be able to guess fairly easily (Password1487, Password1488, Password1489).
For physical security, I recommend buying the most sickly kiddie cute one available and sticking a lump of lead in the bottom. Even the most desperate thief doesn't want your 2 year old's collection of coppers.
My bank in Switzerland (ZKB) offers a SecureSafe (www.securesafe.com) online safe deposit box as part of my e-banking service where I can store important digital items, photos and my passwords. There's also a data inherit feature where I can organise who gets what, when and how. All I need to do is decide what I want, assign the documents/photos/passwords to whoever I want in the online safe and then the process is automated for me. I can also change this at anytime if I've added new stuff or things are no longer relevant etc.
If things are already in digital storage... get them into a secure encrypted storage facility and get something like WWPass.com security.
I had a relative pass away and someone drilled the bank safe deposit box before we could get to it... lost a lot of things...
Scan and store via encrypted process.
I have an encrypted file stored on a home computer (NetBSD) that is remotely accessible via SSH. My wife knows the password to a login on that machine, and the password to the encrypted file. She has memorized those. But she doesn't have the technical skill required to log in to the machine or to decrypt the file - but my best friend does. So my wife knows that if I die, she should contact my best friend and have him access the file for her. (He doesn't know about this setup.) The encrypted file is backed up via nightly rsync to a Windows machine, and from there to Carbonite.
When I want to save a new password or account details, I just SSH in, decrypt the file, edit it, and re-encrypt it.
Advantages: easy to update, easy to access after I'm dead, low risk of exposure, low risk of loss of the data.
Disadvantages: fails if my best friend dies before me, or kills me. Fails if the machine it's hosted on goes down shortly before I die.
Yup, paper, not laser because that fades. Use ink.
Eh? I don't believe that toner has fading issues. However, ink will bleed and can turn your documents into a greyscale watercolor if your pages get wet. That's not going to happen with laser printer toner, because the toner is melted & fused to the paper.
As always, ensure you are using the correct paper for the job: archival quality acid-free paper that is rated for your type of printer, be it laser, inkjet, etc.