Helping people with computers... one answer at a time.
With all the digital data we take great care to secure, we need to consider who might need access to it and how if we're not around to unlock it.
This is actually a question I heard on an episode of Security Now with Steve Gibson and "the other Leo", Leo Laporte. They speak frequently about tools and techniques to keep data secure, and the question was - in that light - how to make sure that data is actually available to those we might leave behind on our death.
It struck a chord because I regularly hear the other side of the scenario. I frequently hear from those left behind, frantically attempting to access important, sentimental, or highly critical data that a recently deceased friend or family member has locked up extremely tight.
Think about it; what happens to your encrypted data, your online accounts, your pictures, or your "digital-whatever" if for some reason you're not around to access it?
What if you're the family money manager and suddenly your spouse needs access or information and has none?
It's not particularly pleasant to think about but with all the security measures we put into place these days to keep bad people out, it's worth also having a plan for letting the good people in, should the need arise.
•
Leaving Behind an An Inaccessible Mess
I heard from the wife of a member of the military killed overseas who wanted access to her husband's email account to retrieve critical information as well as to get a glimpse into the last days of his life. The service he used was a free email account with no effective customer support. There was nothing I could do to help.
I heard from the children of an elderly grandparent who needed to access his password-protected computer to retrieve the only copies of some very important family pictures. Fortunately, there are ways to break into Windows machines if you have physical access. Had this been another type of system I'm not sure we'd have been as fortunate.
I hear about scenarios like this on a very regular basis - those are just a couple of examples. Sometimes I can help (breaking into Windows, for example) but usually I cannot (online accounts without customer support are often gone forever).
There are also scenarios I worry about for myself. As you can imagine, I have a large amount of data that is very securely encrypted, and do a lot of things online that require secure access. If something were to happen to me, what would my wife do?
This type of disaster planning is at direct odds with conventional security wisdom. On one hand we say "never share your password with anyone", but on the other hand, that's almost exactly what you must do in case something were to happen.
It's not an easy scenario to solve, and not all solutions work for everyone.
But solve it you must. I think it's critical for those of us who would leave behind a confusing, encrypted, password protected digital mess to take steps to ensure that the right people, or the right person, would be able to have access and make sense of it all.
•
Who Do You Trust?
As with so many things, it boils down to a matter of trust. Who do you trust? And are you absolutely positive that, having trusted them today you will still trust them a year from now? 5 years from now? 20 years from now? How many friendships, relationships and even marriages last that long?
No, you don't have to commit to 20 years of trust - depending on how you set things up, a quick password change or two can instantly protect you from a relationship where trust has been lost. Hopefully, you'll have detected that change in trust early enough.
If you choose a professional, will they still be around? Will they still have your trust?
Steve and (other) Leo discussed a scenario where you give each of two people half your password, so that they have to agree that there's cause before using it. That's a possibility, assuming you can trust that they will agree when you would want them to.
Regardless of who you trust, you'll have to keep that question "do I still trust them this much?" in the back of your mind. Whenever the answer changes, then you'll perhaps have to go through the effort of protecting yourself from the previous "trustee" and find someone else.
It's not easy, but it is important.
•
Keeping it Simple - One Approach
Once you have someone you trust, what is it, exactly, that you give them? On one hand you don't want to give them every single password to every account or encrypted thing you might have. Not only is that another opportunity for your passwords to accidentally be revealed to others, but you also have to keep your friend updated every time you change one. Chances are you won't, and as a result, if they're ever needed, the passwords your friend would have are out of date.
You certainly don't want to use a single password everywhere. Yes, it would make it easier to hand it to your trusted friend, and even easier to update him when you change it. But it would also make it easier for a hacker or other bad guy to instantly have access to everything should that password ever leak out.
Here's what I do, presented merely as one example for your consideration. I think it solves most of the troublesome problems.
-
TrueCrypt: All of my key data is on a TrueCrypt mountable volume. That includes everything sensitive and everything that would be required to carry on in my absence. It's a volume that I use every day, so by definition that data is always up to date as well.
-
Readme.txt: In the root of that volume is a "readme.txt" file that describes what's on the volume, including what's important, and what might not be. It's a plain text file, guaranteed to be readable on any system at any time. There's also a document (typically somewhat out of date but better than nothing) with additional disaster instructions and requests.
-
PassPhrase: That encrypted volume is protected with a lengthy passphrase. Easy for me to memorize, and virtually impossible to guess.
-
Backup: The encrypted volume is periodically uploaded to a secure location on the internet. This is in case something happens to my home or my computers in addition to myself, or even as a backup for my own use should my computers become inaccessible.
-
Trust: I've printed the passphrase out on paper, and included additional basic information such as the secure location of the backup copy of the encrypted volume on the internet. I've placed it in a sealed envelope in a secure location in my home that my wife knows about, and also given sealed envelopes to two extremely well trusted friends - one local, and one out of the area. In the time of a disaster, any one of the three would gain total access with that information.
-
Revocation: In the unlikely event that I lose trust in any one of the three, I change the passphrase on my encrypted volume, and make sure that all backup copies are replaced with that new one. All I need do then is update the printed instructions with the new passphrase and hand it to my (new) trusted friends.
On the surface it seems a bit much, but realize: many of these steps are steps you should be taking already. You are protecting your sensitive data, right? You're backing up, right? Perhaps you are even using off-site backups if that makes sense for your situation?
What I've described above boils down to a little documentation, and a couple of simple additions to what I was already doing to ensure that things would be accessible after my death. The same holds true for you. You should already be making sure that your data, your passwords and your identity are somehow secure. Chances are building in a secure recovery mechanism for disaster recovery isn't going to be all that difficult.
Trusting the right person should be the part requiring the most thought. The rest is, essentially, just paperwork.
Article C3495 - September 8, 2008
Leo A. Notenboom has been playing with computers since he
was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed.
After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers
to common computer and technical questions. More about Leo.
IMHO, like Leo says, every solution ultimately depends on trusting someone. A friend's wife walked out on him and filed for divorce. But before moving out on my clueless friend, she cleaned out their joint bank account to the extent that my friend had to depend on his family for even day-to-day support. And she was "the" loved one. Who can you "really" trust in today's world?
Banks or established Law Firms are neutral safe places. The account and safe deposit box can have a nomination facility whereby the nominated person has to produce a death certificate or a living trust assignment to access the account/box without a lengthy legal proceedings.
Posted by: Cynic at September 10, 2008 4:00 AMThree words: "Safe Deposit Box".
Keep an envelope containing a list of your major passwords (no need to disclose them ALL, only the ones your loved ones are likely to need!) in your Safe Deposit Box. Safe Deposit Boxes ONLY become accessible to someone else after you're dead, so by definition there is no risk of premature access by anyone else.
Yes, of course, there are problems. There always are! First, there is a yearly rental fee, typically around $30.00 or so; this isn't much but it may be a nuisance. Then, you need to update the secured information regularly, which usually means a special trip to the bank (another nuisance); and for your loved ones, there will almost certainly be a significant delay before access to the Box can be obtained. Still, it's a good sight better than no plan at all, and for many (perhaps even most) purposes it may well suffice.
Hope this helps!
Posted by: Glenn P. at September 13, 2008 9:17 PMReading your current newsletter I came accross REXFORDS solution to "WHEN I DIE".
Posted by: David Burlakoff at September 16, 2008 7:47 AMHis methods are the same that I use with my trusted heirs, with 1 additional step. Every week I send an encrypted e-mail that includes any NEW or updated accounts with the passwords for them, that I have started so that they are ALWAYS up to date on what & where my accounts are.
What about including the passwords in your will?
15-Sep-2011
Posted by: Joseph at September 14, 2011 7:52 PM
There is a web site called Deathswitch.com where you can arrange for an email message to be sent if you do not respond to prompts. There is a free version and a paid version. I have used this, and tested it sending info to my other email adress, and it does work. Because of my health I currently have it set to one year.
Posted by: Susan Harper at September 18, 2011 1:26 PM