Ask Slashdot: How Do You Securely Store Private Information For Posterity? 257
An anonymous reader writes "In the event of my untimely demise, my wife and family will need access to all of my private data (email, phone, laptop password, SSN, etc) and financial accounts and passwords (banks, 401(k), mortgage, insurance, etc). What's the best way to securely store all that data knowing the data is somewhat volatile (e.g. password changes) and also that someone else who is not technically savvy will need to access the most up to date version of it? Suggestions include a printed copy in a safe deposit box, an encrypted file, a secure server in the cloud, or maybe a commercial product."
All of the above (Score:2)
I like the encrypted file in the cloud idea, it also wouldn't hurt to have a USB stick + paper copy in a safe place.
Anything network accessible should be encrypted, but you don't want your password to expire with you - so the safely located copies should be plainly readable.
Re: (Score:3, Insightful)
The "cloud" (both free or commercial) is very far to being a suitable solution for long term, secure store for private data. See the megaupload cease or even the stories of AWS outrage.
Anything network attached or even IT related is not suitable for what you are looking for. Probably the best solution is paper copies in a safe box with off site back up copies in safe-deposit box.
Re: (Score:2)
The "cloud" (both free or commercial) is very far to being a suitable solution for long term, secure store for private data.
Clarification: My "cloud" reference was to services like Dropbox, Google Drive, etc. where your data is not only available from on the service, but also mirrored to all of your (and potentially your friends, colleagues, frenemies, etc.) devices.
Trusting a single entity with anything is foolish [wikipedia.org].
Re: (Score:3)
Answer in the question (Score:4, Insightful)
Safety deposit box is probably the only reasonable solution. A file stored in the cloud or on a hard drive is likely to get deleted or the service will die before you do. Any documents/passwords/items your family needs should be stored in a safety deposit box. If the data changes frequently and your family absolutely needs access to it, which is unlikely, then keep them written down in a safe at home and make sure your family has the combination.
Mod parent up. (Score:5, Insightful)
Let me expand that a bit.
If your family absolutely needs the information MAKE SURE IT IS IN A PHYSICAL FORMAT and stored in a secure location.
Electronic formats are not reliable enough for critical information. Particularly if your family members are not sufficiently tech savvy.
Re:Mod parent up. (Score:5, Informative)
Yep, most of the stuff (banks, 401(k), mortgage, insurance, etc) listed in the summary would be best suited to paper. And safety deposit boxes are the way to go.
For the stuff like email and online banking, might I suggest setting up a main email account with a stable password that is as strong as you can make it? I.e. twenty characters, alphanumeric, no words in the dictionary?
You don't need to use this account for your regular email, you just use it to reset your other passwords when needed. So you've got "yournameherebackupaccount@____.com" on every online form for password recovery, and the backup accounts password is written down someplace secure, and too strong to need resetting. Pretty sure you can even set up a "forgot my password" option for your regular email provider (I recall doing something like that with gmail in any case).
Once you become metabolically challenged, your family just needs to access the one account, using the password saved in your deposit box, and reset the passwords on everything else for their own access. Since the password is saved in a deposit box, your bank becomes the gatekeeper for it, and they're pretty good at that job.
Re:Mod parent up. (Score:4, Insightful)
All of these are important suggestions, but you need to make sure that the ownership paperwork on the safe deposit box includes your spouse or "personal representative." Otherwise they don't have direct access to it. They would have to either have a power of attorney that grants them access to it or get a court order allowing access to it, either in probate or a guardianship/conservatorship situation. Because people forget to allow such access but shove their will in there, it is not completely uncommon for a probate proceeding to be opened without the will being able to be provided, the safety deposit box probated, then once the contents of box are found to contain the will, the will is then entered into the probate and the rest of the property taken care of. As you can tell, that is a longer and more expensive proposition.
Re: (Score:2, Informative)
I just wanted to clear something up in that AC's post: a power of attorney won't work if you are dead and if the spouses is not allowed access to the box on the paperwork with the bank, that just leaves the probate procedure of your state before they will even let you take a look inside.
Re:Mod parent up. (Score:4, Informative)
The magic words you're looking for on accounts are "with rights of survivorship," which will give the named individuals direct access even after one dies. It's something you can just ask for on a joint account (if they don't give you the choice directly). I have my savings & investment accounts (and my deposit box) set up this way -- the last thing I want is for my partner to have no access to funds immediately after my passing.
If you have substantial assets, you need a trust (Score:4, Insightful)
A family trust can pass assets to your surviving spouse or other beneficiaries without having to go through probate. (it can provide some tax advantages, too). Put your bank account and other assets, including title to your house, in the name of the trust, and then the trust document controls what happens to them when you die.
Re:If you have substantial assets, you need a trus (Score:4, Informative)
I don't have mod points, so I'll just repeat for emphasis.
Set up a Family Trust and make sure all of your assets are in it. Besides avoiding the hassle of probate, you can gain some tax advantages potentially, and (this last part may not be unique to Trusts) easily lay out your wishes for who will take care of your minor children should you and your spouse die together.
Re: (Score:2)
SecureSafe is a nice place to store passwords. Just make sure your spose gets access to the single user/pass so she can access the rest of your goodies. (Maybe write the password in the will or something like that?)
http://www.securesafe.com/en/ [securesafe.com]
Signs of imminent demise. (Score:3)
Re: (Score:2, Insightful)
Re: (Score:2)
This. Don't expect your family to know how to get into your digital copy, and don't expect it to last as long as good, old-fashioned paper. A safety deposit box is great for long-term documents, and a small fire-proof safe at home is good enough for keeping frequently-changed things like passwords. Note that you should not keep REALLY important documents in a home safe, especially a small one, as a thief can simply pick it up, walk out, and drill the lock at his convenience.
Re: (Score:3)
I've never seen a concealed fire safe.
I guess it worked then.
Re:Answer in the question (Score:5, Informative)
Safety deposit box is probably the only reasonable solution.
Access can be an issue. Ensure that your spouse (or someone else you trust) is listed with the bank for the safe deposit box (not just the associated bank accounts). If not, no one - and I mean NO ONE - will have access to the box contents without either a court order or until after probate of your will and new ownership of the box is established. And no, Power of Attorney won't work as that expires when you die.
It should be obvious from the above that your Will should not be stored in a safe deposit box - especially one registered in only your name, or you and your spouse (if you die together, no access to your Wills). A better place for your Will is a home safe, your lawyer or accountant.
IANAL, but did have to work through all this when my wife died in 2006....
Easy, look at what was already posted here. (Score:5, Informative)
Not even a year ago, almost the same thing.
http://ask.slashdot.org/story/11/11/01/1414234/ask-slashdot-how-to-securely-share-passwords [slashdot.org]
Re:Easy, look at what was already posted here. (Score:4, Funny)
Not even a year ago, almost the same thing.
http://ask.slashdot.org/story/11/11/01/1414234/ask-slashdot-how-to-securely-share-passwords [slashdot.org]
The first post in this thread:
why care? (Score:1)
by Anonymous Coward on Saturday July 07, @01:29PM (#40576481)
you're dead
The first post in the 1 year old thread:
Dont worry about it (Score:5, Insightful)
by Anonymous Coward on Tuesday November 01 2011, @01:03PM (#37909302)
You'll be dead.
Anyone sees a pattern? :-)
Wuala + Dropbox (Score:3)
Wuala - http://wuala.com/ [wuala.com]
Like Dropbox, but with actual security - i.e, client side encryption. You can also share information with groups of others etc.
LastPass - http://lastpass.com/ [lastpass.com]
Solves all password problems, and all you have to make sure is that the master password is accessible after your death. Like, in your will.
Re:Wuala + Dropbox (Score:5, Insightful)
Re: (Score:2)
No, LastPass wasn't hacked (and just like Wuala your passwords are client sided encrypted and thus cannot be copied off LastPass' servers).
As to cloud vendors disappearing, sure, but they only need to stay up for a few weeks at the most after your own demise - after that the family has had plenty of time to make backups if needed.
Re:Wuala + Dropbox (Score:4, Informative)
No, it wasn't hacked, and that won't change just because you keep repeating it. If you don't select a bad password on purpose (LastPass rates it) you have nothing to fear from brute force tools. Rainbow tables don't help with services that understand salting - and LastPass most definitely know their stuff as compared to a lot of other services.
No LastPass accounts were compromised from the incident that _maybe_ happened. I fail to understand why you seem to purposely want to misrepresent the facts. Your two links have not supported your statements, at all.
LastPass + Wuala is still the best, and most secure, way to solve the question asked.
Re: (Score:2)
Wuala - http://wuala.com/ [wuala.com]
Very interesting. But one thing bothers me: I can't find an external audit or some other assurance that they actually do what they claim to do and that their crypto is any good. There's allegedly a paper out describing the crypto, but I can't find it.
Is there any 3rd party verification of their claims?
Re: (Score:2)
Agreed, that is something that they're rightfully getting bugged about over and over. So far I think the only thing they've said is that auditing would be a solution: https://forum.wuala.com/viewtopic.php?f=11&t=1207#p4894 [wuala.com]
Fraunhofer's comments on cloud storage (includes Wuala):
http://wualablog.blogspot.se/2012/05/fraunhofer-study-on-cloud-storage.html [blogspot.se]
My trust comes from the things that are documented and that they're ... European. You'll find them (incl. the Cryptree paper) here: http://wualablog.blogsp [blogspot.se]
Re: (Score:2)
Thanks. Those are some excellent links and what I've checked looks solid. While I don't see a crypto analysis of Cryptree, it was published in a couple peer-reviewed papers, and from what I read (I'm not a cryptographer, just someone with an interest in crypto) it looks good. And they pass the usual snake-oil tests (no "custom crypto algorithms", etc.). Also the ETH has a really good reputation over here in Europe.
I think I'll give them a spin.
encryption? (Score:5, Informative)
Encryption is when you want to keep people out. In the scenario you've outlined, you need to let people in, but only certain people. That screams physical security. Your online passwords and all that crap can all be bypassed by a court order, which would be issued to the executor of your estate, authorizing the holder(s) of your assets to grant access to them. You don't need to keep a record of your passwords anywhere... once you're dead, they can just reset them. The rest might have value to you, but it is unlikely to have value to anyone else. Nobody's going to care about your licensed copy of Microsoft Office, or need to decrypt your secret collection of porn, music, and videos.
This is not a technical problem. This is a legal problem. This is the wrong forum to answer those kind of questions. You need to make a list of what assets you want (it's called a will) to pass on, and then simply make sure those assets are accessible. Call the companies up that maintain your online stuff and ask them. You don't have to worry about banks, mortgages, or physical assets: That's the executor of estate's job to sort out. Your Will provides all the legal power necessary.
Re: (Score:2)
My understanding is that it's nowhere near as easy as that. If the court order is from a different country the hosting company will probably ignore it.
Re: (Score:2)
Encryption is when you want to keep people out. In the scenario you've outlined, you need to let people in, but only certain people. That screams physical security.
While I agree on physical security for other reasons, your reasoning regarding crypto is dead wrong.
For example, there are a couple interesting key-sharing systems where you could encrypt everything, break the key up in 5 parts, and distribute them to family members that hate each other plus one to your lawyer, so that 3 of the 4 family parts plus the lawyer part need to come together to regenerate the whole key.
There are few problems that you can not apply crypto to. Practicality is the main issue - very l
Re:encryption? (Score:5, Insightful)
And its not just legal documents you want access to. It's a friend's email address, or a recipe for her favourite cake. Even if you can get a court order to do this, would you?
This is a digital problem with a complex human coating. I want to hear the solution to the question asked, as asked. I don't have the answer.
Re:encryption? (Score:5, Interesting)
It's not supposed to be easy. If it were easy, there'd be a healthy criminal underground taking advantage of it. The legal system isn't designed to be easily co-opted; It takes time, showing up in person, and proving your identity... and that's just to get your foot in the door. You look at court orders and lawyers as a problem, but they aren't -- they're the solution.
But go ahead and put your faith in technological solutions that require no human interaction and grant full access to everything you own, love, and are. I'm sure nothing bad will happen.
Re: (Score:3)
Sorry to hear about your loss, it must be hard to talk about this stuff with it all being so recent. I just wanted say thank you for adding your experience and insight to this conversation, especially if it was hard for you.
there is also stuff that a Wills, trusts attorney (Score:2)
there is also stuff that a Wills, trusts attorney needs to put in a legal document to cover your financial accounts.
financial accounts' passwords (Score:2)
But withdrawing money from husband's account after his death may look highly suspicious, especially if one is acquainted with real murder statistics.
The time of death is routinely recorded, and the time of money withdrawal too. An investigator will just have to look at the timing. It is simple to notice.
Re: (Score:2)
Is it a good idea to leave your financial account password at a known place? A wife will get the husband's money anyway in several months after death.
I don't want my wife to need to get a court order and wait for several months to have access to my accounts upon my death.
But withdrawing money from husband's account after his death may look highly suspicious, especially if one is acquainted with real murder statistics.
What kind of paranoid reality do you live in? My mother moved funds around almost immediately after my father's accidental death (after all, she still had mortgages to pay, funeral arrangements, etc), but there was no murder investigation.
The time of death is routinely recorded, and the time of money withdrawal too. An investigator will just have to look at the timing. It is simple to notice.
If a wife killed her husband to get his money, wouldn't she be more careful than to empty his accounts moments after his death?
Re: (Score:2)
Why do you assume they only have one account? They might have some joint account(s) and some separate ones.
Re: (Score:2)
If a wife killed her husband to get his money, wouldn't she be more careful than to empty his accounts moments after his death?
You'd think so, wouldn't you?
In reality people are either stupid or desperate and do stupid things.
Also, how does your wife access money now? Can't she continue to do so the same way?
Of are you one of those people that gives their wife $100 a month to spend.
Since my wife earns nearly as much money as I do there's no need to give her an allowance, but if she's paying a bill, she just writes a check out of our joint checking account... or if she needs cash, she says "Hey sweetie, I'm taking that $20 from your wallet". But I have several retirement accounts and a life insurance policy that she is aware of but doesn't access regularly (well, at all). I'd like her to have my account information at her fingertips in the event that I'm not around -- and she does, th
Re: (Score:2)
You're full of shit. Just sayin'.
Re: (Score:2)
really? Why not?
How about multiple accounts, one can be shared.
Re: (Score:2)
Re: (Score:2)
Multiple accounts, people have multiple bank accounts. Consolidating all bank accounts into one after getting married, is that something people should do and why?
Re: (Score:2)
Multiple accounts, people have multiple bank accounts. Consolidating all bank accounts into one after getting married, is that something people should do and why?
Joint accounts nullify ownership issues if one of you die; the deceased is simply removed from the account by the survivor. With separate accounts, the money in the deceased's account is unavailable until after probate of the Will when the new account owner is established. Power of attorney won't work as that expires when you die. This also applies to joint vs. individual ownership of most anything.
Joint accounts also make for more transparency and trust.
I have heard a recommendation that, for liabil
Punched Cards (Score:4, Funny)
If in Europe, you might prefer paper tape, but I doubt it.
PS Anyone got an open source program to print card images onto A4 paper? (readable by Lottery hardware)
Re: (Score:2)
but if they are desperate, the technology can be built from scratch.
It should be easy to do with just a regular scanner and some image processing software. There's probably even an iphone app for it already that just uses the camera...
Re: (Score:2)
You don't need equipment. Old hackers can do it by eye.
LastPass + OTP (Score:2)
Manage your online passwords with LastPass [lastpass.com] and generate an OTP to put in a safe deposit box and give the key to your attorney.
Cut out the safe deposit box for one less level of trust-noone and lower cost. Add safe deposit boxes in a chain to drive everybody crazy and increase the difficulty of compromise.
Unneeded/wanted for some if not most (Score:2)
Set beneficiaries on your financial accounts (401k's, etc). I can envision all sorts of problems arising if the accounts are logged into and assets transfered out after your death.
For your laptop password, and the like, why not just keep a thumbdrive in a safe deposit box?
Re: Safe Deposit Boxes (Score:3, Informative)
Re: (Score:2)
I've also come to understand that banks are required to turn over SDBs to the state in the event that the account holder dies so that the contained property can be included Probate into the estate for valuation and taxation purposes.
Accessing the deceased's safe deposit box isn't as straight forward as you have imagined. According to several articles on the web (which aligns with my personal experience) - my notes are in brackets:
In order to gain access to a deceased safe deposit box, a person will need to present a death certificate along with an executor's testament. [ This means *after* probate. ] The forms are required to prove legal rights to the box. [ Determined *during* probate. ] Also, be prepared to provide a copy of the rental agreement [ if bank policy ] and photo identification.
In some states, if the spouse of the deceased is alive, he or she may go to the banking facility where the box is located and get unrestricted access, provided they are able to present a death certificate. A marriage certificate may also be required.
The easiest way to ensure access to a safe deposit box after death is to have more than one person registered for the box.
Few things (Score:2, Informative)
Fujitsu ScanSnap 1500(M)
1Password (or equivalent)
Scan important documents and shred or hide the originals if necessary. Store all passwords in 1Password and give the master unlock key to couple of your friends.
Encrypt, zip and put it on cloud storage. Setup a calendar repeating event (or a chron script) that checks if you're alive every 6 months. Point that to a file called IF_DEAD_PLEASE_READ_ME.TXT for instructions.
You could do this in 1 afternoon.
Re: (Score:2)
The typical process is for the living person to create a cron job to periodically send his friends an "I'm alive!" email. Presumably the dead person's family would turn off his PC soon after he dies so if ever the friends don't receive the expected email, they should validate is mortality status.
Re: (Score:2)
It is was, I'm dead!
Re: (Score:2)
Aside from the funny part, this is actually not bad.
When I'm not on holiday or otherwise far away with no Internet, I don't think there's ever a, say, 48 hour period in which my mailserver would not register an access to my IMAP account. So with a bit of fiddling so I can tell it to stop checking for the next 2 weeks because I'm away, this would work fairly reliably.
Now if only someone had this already coded up... (I'm sure someone has, waiting for the links to be posted...)
Re: (Score:2)
Make sure you distinguish between manual email access and automatic access. My cell phone checks for email regularly, and if I were to die while my phone were plugged in, such a script would never be triggered (unless my area had an extended power outage long enough to allow the phone's battery to completely drain).
I live alone, and I have considered setting up a web site that displayed the last time I did anything the computer could track. That way, family could check the web site to see how recently
Re: (Score:2)
Make sure you distinguish between manual email access and automatic access.
Not in my case. When I'm away I either turn my phone off or disable data roaming (when I'm in a foreign country). And if I die in a car or airplane crash, the phone will either be destroyed as well or sooner or later run out of battery.
But you idea is good. What it needs is integration into smartphones. Basically, the phone would be your "ping" and it would trigger on something like unlock - really easy logic. If you unlocked your phone, you're not dead. And few of us don't do that for more than a day or tw
post its (Score:4, Funny)
Easy, just write them on post-its and attach it to your monitor at work. It's the most secure location there is.
Why? (Score:2)
If you die, your wife will go through the appropriate channels with the lawyers, etc to get access to your money. You don't need to give her the account password. It will take time, but you want the process of declaring you dead and transferring you assets to be hard.
If you don't trust her with the bank account password, why are you going to trust her with access to a safe-deposit box or safe containing the password?
If you have personal information on your laptop that you do not want you wife to know now,
Re: (Score:2)
His wife won't exactly be happy to find out he's banging his secretary. And if she finds out after he's dead there'll be jack shit the old crow can do about it.
Re: (Score:2)
If RPGs have taught me anything... (Score:5, Funny)
Re: (Score:2)
...it's that your valuable information should be transcribed onto a special medallion, which is then quartered with each quarter piece buried in a deadly dungeon in a far flung corner of the land.
That didn't work out so well for Tom Riddle.
Re: (Score:2)
Esay (Score:2, Funny)
Save Public Information, not Secret. (Score:2)
Envelope with your signature on the flap (Score:4, Interesting)
Allowing access only to your heirs, and only when you're dead is impossible unless you've got *lots* of money. After 9/11 and the destruction of Swiss banking secrecyt, it's probably impossible.
But you don't have that much money.
So, since as others have mentioned, law enforcement can get your stuff if they really, really want it, all you can reasonably hope for is to make your documents tamper obvious
Thus...
So, if someone tries to steam open the envelope and then reseal it, you'll notice since they won't be able to exactly line up the two halves of the envelope and thus your signature will be misaligned.
(This is a variation on the old displaced strand of hair trick.)
Re: (Score:2)
Re: (Score:2)
You think there's such a thing as effortless security?
Rocky's Hideout (Score:2)
(This is a variation on the old displaced strand of hair trick.)
Why I am I reminded of an old Bugs Bunny cartoon?
The hair trick works because the strand is damn near invisible.
The envelope you describe screams "Secrets In Here!" so loud that it can be heard from six blocks away.
Re: (Score:2)
the resources of an entire government, ... sign it with an exact copy of your signature, which could be reproduced using a digital image of the signature on the envelope prior to unsealing.
I don't think I am the one being paranoid.
Safe-deposit box + Password Safe (Score:2)
As others have written, put as much as possible onto paper, and put this in a safe-deposit box at the same bank you have your standard accounts at. Best is if your wife is used to accessing it - perhaps she also has some things that she needs to store there? Alternative to the safe-deposit box is a safe or at least a secure lockbox somewhere in your house.
For stuff that is online, or in electronic form, ignore the folks who say that a lawyer will be able to arrange access. What an expensive PITA! Use a pass
Wait, what? (Score:2)
Untimely? As opposed to timely? I am pretty sure when I die, it will be untimely from my point of view whenever it happens.
secondary (Score:2)
Get someone you trust who is tech-savvy and hand him a list of where everything can be found. No passwords, keep those on a piece of paper in a safe, or a locked box somewhere in your house (fireproof would be good).
Your grieving non-geek relatives will not only not bother hacking your passwords, their primary problem will be that they won't even know where to look for stuff. I know I listed all my savings accounts and such because should something happen to me, those left would simply never think about som
Commercial Solution: Death Switch (Score:2)
Didn't notice if this was mentioned or not, but there are some commercial solutions like deathswitch.com
They fire off emails to you on a schedule. If you fail to respond, then they suspect maybe you are pushing up daisies... other fail-safes kick in (they check with a designated friend, etc.). If you are, indeed gone, then they spew whatever you want to whomever you designate. You can even program in a follow up or two for later. A year after you are dead, a nice parting practical joke, eh?
Re: (Score:2)
The problem with a commercial offer is that quite likely the company will die before its subscribers do.
Slashdot (Score:4, Funny)
My way is getting the info into an /. article.
After that, the editors will take care that it is periodically available again as if it was a new article.
Here's a crazy thought... (Score:2)
... why not actually, you know, involve your wife in your family's finances while you are still alive?!?
Don't get me wrong, I believe that a healthy relationship includes privacy. I wouldn't share my personal email password with my spouse, etc.
However, your 401k and mortgage? That stuff involves marital property... why doesn't she already know where the accounts are and how to access them? Of course this is Slashdot, so I could make a ton of jokes about male and female relationships (do you really hav
Re: (Score:2)
Safe Deposit Box (Score:2)
Be careful. Once you join the choir invisible anything in your name will be subject to potential access restrictions.
That includes a safe deposit box that is in your name.
http://www.finweb.com/banking-credit/accessing-deceased-s-safe-deposit-box.html [finweb.com]
Bank accounts will potentially have restrictions as well. Be sure these have appropriate beneficiaries set up so your heirs have access without the long delays and legal folderall associated with probate.
Keep it simple. (Score:2)
Because electronic media is more sensitive to heat and humidity than paper, media safes are constructed differently and insulated more heavily than those designed to protect paper.
Media safes are rated using the same hourly classes as those designed for paper except they are tested to maintain a temperature of 125 degrees F or less compared to a fire resistant safe which is tested to maintain a temperature of 350 degrees F or less.
There is a lot to be said for doing what people expect: keeping paper copies of your essential records in a safety deposit box which your next of kin can access without a hassle.
You digital records should quite safe in their Mormon vault in Utah and the limestone cavern in the Appalachians.
That doesn't mean you family will remember how to link to them --- or even be able to link to them --- when they are most needed.
Paper and pen. Keep it simple. (Score:3)
Lots of bad advice here (Score:2)
Once you kick that bucket any accounts in your name only will be frozen until probate is resolved. Attempts to access these accounts are criminal acts.
Safe deposit boxes in your name only ditto. You must have court assignment as executor to get into the box. It takes time to get that and if you don't have a will the court may appoint an executor.
To avoid this you want to set up joint accounts and beneficiaries on the accounts so that these accounts will automatically be transferred to the people you want th
Cognitive Decline (Score:2)
The biggest thing I fear is that as I age I will lose the mental capability to manage my finances well enough to insure that my family will be able to continue without hardship.
My father was a brilliant man as an adult, a top scientist, but the last couple of years he definitely had dementia - and it showed in his accounts that I ended up dealing with as executor.
It didn't end up causing any problems for his family because we were able to pool resources to get through the couple of years it took to straight
Simple answer: Swiss SecureSafe (Score:2)
That problem was solved a while back by the Swiss company SecureSafe [securesafe.com]. You can store passwords and files there, and it (a) delivers a recovery mechanism in case you blank out on the password and (b) a data inheritance mechanism where someone can get access to your data by means of a separate mechanism - with a timer.
The idea is that 3rd party access by a party you designated should be because something happened to you, so the first thing that happens when someone starts the 3rd party process is a timeout pe
Stone tablets in a safety deposit box (Score:2)
It's a bit inconvenient, but those suckers last for centuries.
Share an encrypted vault, keep the key (Score:2)
My wife and I have a 10MB TrueCrypt vault containing a text file with a list of all our online service passwords.
It has grown over time to be a list of all kinds of access keys, secret stuff and routing information. It's shared in a commercial cloud drive, which allows us to get it from anywhere, but only decrypt via TrueCrypt + a nice long key. This is a convenience thing, but would solve OP's legacy question by keeping the encryption key on paper with your will, and instructions on where to find the vault
Same problem here (Score:2)
I'm going home to my parents on holiday and I want to put my full disk encryption password at their house. The data isn't super-valuable if I'm dead, but if I suffer some specific memory loss I want to be able to access my computer. I've been thinking about this, but the only thing I can come up with is to put the full password somewhere safe in their house (I'm also doing off-site backups with a different password). If the password is used exclusively for gaining access to the computers when I'm physically
Re: (Score:2)
Sorry, I forgot something: While full disk encryption gives excellent security, there is the chance that your box gets "pwned" by a virus or a targeted attack. I keep the really sensitive stuff in files encrypted with GnuPG. You have to be really careful when using GnuPG to not leave any temporary plaintext files around. I recommend using a Truecrypt volume instead if you don't have 100 % control over what temporary files the editor creates.
Re: (Score:2)
Oh dear 2 self-replies is too much, but I must clarify something: when doing encryption of single files, you need to worry about temporary files *even if they are deleted when you're done*. If the files are written to permanent storage it will be possible to recover them, even though they are deleted from the filesystem.
don't (Score:2)
In my Desk (Score:2)
i have a red thumb drive in my desk drawer that has written on it, IN CASE OF DEATH. It has a flat text file I update every 3 months that has all the information they need. plus it has photos of safety deposit keys so they can be replicated if not found. Plus a copy of my will in two forms. regular and as images showing my signature.
Wife knows where it is, once a year a copy is made and placed in the fire safe. Daughter knows as well. No releasing the info here is not a problem. none of you kn
Re: (Score:2)
My biggest fear when I die is that my wife won't be taken care of.
Re: (Score:2, Funny)
Re:why care? (Score:5, Funny)
Hm, can you name for me all the famous nihilists who did something other than be raving, depressed nihilists?
Does it matter?
Re: (Score:2)
Nihilism is not about not caring what will happen after you are dead, that's just egoism, I am not implying that egoism is bad btw, just providing the proper nomenclature.
Re: (Score:3)
Egoism [wikipedia.org] is an accepted term.
Re: (Score:2)
Ditto. That + a dropbox share between wife and I does the trick. Moreso useful for while I'm alive and she or I needs to handle something in one of the various accounts we have laying around.
Re: (Score:2)
It's a technology problem for all the places that will let you have multiple account holders/users but only one user for the account management system. That sort of password sharing is a hassle even when you're both alive and in the same room, let alone when someone dies.
Re: (Score:2)
" As for financial accounts, she should have HER OWN LOGIN for that stuff."
So I need to sue Chase bank for not allowing multiple accounts to access the same financial accounts.
Sounds like you dont know about that witch you talk about. Most banks have one login, and sucks to be you if you want two.
Same as my scotttrade account.
Re: (Score:3)
I'm guessing you have never been married or you would realize how simplistic this notion is.
Just as an aside: Do you record all of your conversations you have with friends where you may have complained about your wife (or even just asked a close friend for guidance on how to deal with some