Slashdot Mirror
Ask Slashdot: How To Bequeath Sensitive Information?
New submitter UrsaMajor987 (3604759) writes I recently retired after a long career in IT. I am not ready to kick the bucket quite yet, but having seen the difficulty created by people dying without a will and documenting what they have and where it is, I am busy doing just that. At the end of it all, I will have documentation on financial accounts, passwords, etc., which I will want to share with a few people who are pretty far away. I can always print a copy and have it delivered to them, but is there any way to share this sort of information electronically? There are lots of things to secure transmission of data, but once it arrives on the recipients' desktop, you run the risk of their system being compromised and exposing the data. Does anyone have any suggestions? Is paper still the most secure way to go?
Find a young child to give all your memories to. Hopefully he doesn't run away after learning the horrible secrets of the IT world.
Isn't that what lawyers are for?
Physics is like sex. Sure, it may give some practical results, but that's not why we do it
Yes but with the problems of archived CD/DVDs falling to pieces/ not being readable after 10 years this is not the best idea.
You could send them an encrypted file (#1) now with all the info you wish to share with them. Along with a password for a file that will arrive when you die. Then set up a service like deathswitch.com and have another encrypted file sent to them (#2). The password they already possess unlocks #2 and that contains the password(s) for #1.
you can do what my grandfather did
wrote up the entire list on paper form and electronic on a flash drive. He laced them in a safety deposit box and shared the key with his executor who in turn had a copy of his will.
When he did pass away it was a pretty smooth process getting all of the information needed to close accounts, collect on policies, etc. The only thing that had a hiccup was property in a state with different probate laws but that too worked itself out.
.. worked for me.
Put the passwords, etc on a piece of paper. Put that paper in a large envelope. Give that envelope to a firm that does document escrow (many law firms will do this) with instructions on who should be given a copy after your death. Let your friends and relatives know who has your escrowed docs. They provide proof of your death, and everyone gets a copy.
Why exactly are we reinventing the wheel here? This is old hat stuff. You don't need to trust anyone not to open their present early. Firms that do document escrow have better theft prevention techniques than anything you're likely to cobble together.
If you want to go super fancy, use USB keys encrypted with a pre-shared password instead of paper. Then you don't really have to trust the escrow folks.
I keep an encrypted online database of my passwords. Sort of. I use a 'modular' password. One word is different, the other is always the same. So in my will I have the same word (and it's l33t combinations) written down, along with the address of the database. So anyone dealing after my death will know ALL my codes. My wife of 30+ years also keeps a copy of it, and knows the super secret codes.
I started this after being in a coma, and my wife having to deal with my PDA bleeping about meetings to her until the battery died. Which made her cry even more.
Even though the "ask a lawyer, not Slashdot" answer gets trotted out all the time, I think it's appropriate here. Lawyers do this sort of thing for a living. Probably cheaper in the long run to ask one.
I am not a crackpot.
You still control it, yet it is remote and will be properly searched when you die. You can put a usb key in or some paper documents with the relevant information.
Pick a nice, long, secure passphrase. Use it to secure a GPG keypair. Back up this keypair in multiple locations, and with multiple people who know "This is the key that encrypts all of my digital stuff. My family will need it when I die.".
Use that keypair to encrypt all of your important passwords and data. Back up the encrypted files in multiple locations. Make sure your family knows where these locations are, and why thy and the files they contain are important.
Download a copy of http://passguardian.com/ . Load the saved copy (preferably in an offline PC) in a browser, and use it to convert your passphrase into several N of M parts. ie: Create 10 parts, and require at least 6 to reconstruct the passphrase.
Use something like http://goqr.me/ (or any other generator) to create QR codes for the 10 secret shares. Laser print the text share, QR code and some instructions onto a business card sized piece of paper, and have them laminated.
You now have 10 waterproof, hard to damage cards, any 6 of which will unlock your digital data. Distribute them to trusted parties and locations with instructions to use the shares once they hear and confirm your death. These parties don't have to be literate enough to merge and decrypt the data themselves, they just need to know that it is possible with their share. On your death, they will arrange to bring the shares and data together, and even if they have to hire a nerd to help them, they will unlock what they need.
You state that you have a long career in IT, and at the same time you ask how to electronically hand over information generated within IT. Among those things, you even claim that you have passwords, meaning that they have been stored insecurly. This has "IT Janitor" written all over it, or possibly a concocted story.
Take pictures of all the documents and send them via snapchat. Isn't this the kind of application it was made for (restrictred permission viewing)? It's, like, toooootally secure.
This is the way to do it -- I've added one more step. My safety deposit box also includes a master password and a 1TB encrypted USB backup drive. Since the professional who wrote my will also advised leaving a copy in the box and registering that this is where the "official" notarized original is located, my executor will, by local laws, just have to provide proof of death and the copy of the will indicating they are the executor to access my box. Having the key (which they likely would) would help too.
(As an example, put the disc in a DVD or Blu-ray case behind another one with a movie on it.)
It's funny, I do the exact opposite, I hide selected movies behind CD's labeled "Finance Data."
TODO create witty sig.
First of all, I assume you are serious and not trolling (as some others who replied have asserted).
My son died in April of 2013. He lived with cancer for four years and then took four months to die. During that time, he ignored my pleas to create an estate plan with an attorney. I am still trying to unravel his estate. Divorced and without a will, his son (my grandson) is his sole heir. My grandson is 6 years old. After my son died, it was too late to create a trust for my grandson. Instead, I had to go to court (several hundreds of dollars in court fees, legal fees, and even appraisal fees) to be appointed the guardian of my grandson's inherited estate. (His mother is the guardian of his person.) I will then have to return to court every two years to report on the status of the guardianship. In the meantime, NO ONE had authority to pay my son's final bills. It took seven months after my son died before I had legal authority to collect his credit union accounts, IRA, Roth IRA, and multiple 401(k) accounts, by which time several bills had already been sent to collection. All the legitimate bills have now been paid, and all known assets have been collected (the last, just a week ago). In July, I will transfer the balance of my son's estate into my grandson's guardianship. That will not end the hassle as I will have to report the status to the court for the next 12 years.
I am thus on a campaign that every adult needs an estate plan. Even if you have no heirs, even if your estate is small, you need to provide binding instructions on how to handle your assets after you die.
Before my son started actually dying of cancer, my wife and I started a complete overhaul of our own estate plans. With the exception of our IRAs and Roth IRAs, all our assets are in trusts. We each are the other's beneficiary of the IRAs and Roth IRAs, with the trusts the contingent beneficiary. The trusts require two trustees, currently my wife and me. If one of us dies or becomes incapacitated, the replacement trustee is already identified in the trusts. When we are both dead, the replacement trustee must appoint another trustee to have two. CONTINUITY IS VERY IMPORTANT. Our credit unions, bank, and mutual fund group all have copies of the relevant portion of the trust documents to ensure they accept this continuity.
Now for the original question: In California, where my wife and I live, a bank safe deposit box is NOT sealed if one of us dies. The box remains available to the other persons who are listed at the bank -- with their signatures -- as having access to it, which includes our daughter and will eventually include our replacement trustee. The complete original documents for our estate plan are in the safe deposit box. Right now, I can see a ring binder with a copy. The replacement trustee has a copy. A list of all our accounts is in the safe deposit box. An inventory of our mutual funds (IRAs and Roth IRAs) is in the safe deposit box.
In a sealed envelope in the safe deposit box are a floppy disc, a compact disc, and a printout of my OpenPGP public and private keys and my OpenPGP passphrase (the latter otherwise exists only in my brain). (I chose three media since I have no way to predict what formats might become obsolete before I die.) That envelope also contains a list of all my important Internet passwords, which are encrypted on my PC.
I have an unencrypted list on my PC titled "Where Is It?" that describes where everything should be found: checkbooks, bank statements, insurance policies, durable powers of attorney for health care, mutual fund statements, deed to our house, etc. When I update this list, I E-mail a copy to our daughter; another copy is in the ring binder with our estate plan. Also in the ring binder is the paperwork for our purchase of burial plots.
Even better - tell your lawyer. They have whole teams of people dedicated to solving this problem. Let them do the job that they're experts at and stop worrying about it.
There are lots of things to secure transmission of data, but once it arrives on the recipients' desktop, you run the risk of their system being compromised and exposing the data.
Yup. And when you give them money they may spend it on hookers and blow - or even donations to the Heritage Foundation or Greenpeace. You'll be dead. Once you've passed on the data and what it represents, its truly not your problem and no longer your concern.
If it bothers you that much have your lawyers set up a trust instead. Again, let experts be experts.
You're special forces then? That's great! I just love your olympics!
The paper copy that is notarized and filed away at the bank includes the reference "Refer to folder X in file drawer Y of my home office file for a current list of online file names, site names and logins." I can easily keep this list current without having to keep re-issuing the official will.