|
#cybersecurity zealots often shame humans for writing down their passwords, but as someone who just had to excavate the digital remains of a loved one who died suddenly: *please* write down your credentials somewhere a trusted human can find them, especially your phone passcode and any primary passwords (like for email accounts, password manager, etc.) the humans who care about you will need that access for many reasons; a "badass" threat model will only add helplessness to their grief 99 comments
@Donatella that, at a minimum, yes. safety deposit boxes can also work. but I still believe the most compassionate thing is to make them accessible elsewhere, like in one's home. when there's an unforeseen crisis, not everyone may know who the lawyer is and may need immediate access into accounts (eg for bloodwork results from other providers, to cancel appointments and other financial burdens, etc.) if you want to still be sneaky, hide your critical passwords (and backup MFA codes!) behind a photo frame or in a random book or whatever, but *tell* whomever you trust most where that place is, or at least write it down in the place they're most likely to look if you pass unexpectedly. ask the same of your loved ones, too. no one deserves the pain of navigating customer support trees and the other kafkaesque hells of accessing accounts when they're already submerged in grief. loving is leet.  @shortridge And it can’t wait until you’re dead. You can become temporarily or permanently disabled and need a delegate to handle things for you. @wendynather precisely. we live in a stochastic reality and must prepare for that, even if it creates some existential dread in the meantime. that's why I don't recommend just putting it in your will, too; put it somewhere in your residence. (and like, if someone is breaking in for the purpose of accessing your devices, they can just wait until you're home and break your kneecaps anyway if you haven't written it down. for the vast majority of ppl, it's such a silly threat model) @sassdawe @wendynather this does look really useful, thank you for sharing it. listing out subscriptions is useful for anyone, too. another thing I had to do was scrutinize credit card statements over the past ~12-14 months to enumerate services and subscriptions. thankfully, this person purchased a lot of subscriptions through the App Store, which made it much easier to cancel. most of the others had creds stored in their iOS Password Manager, so it was easier than it might have been. @shortridge @wendynather I did this for my wife about a year ago and it's a really nice peace of mind thing. In our case it's a laminated page with a few of the most important login creds, plus the login to a password manager for all the rest. It's kept in a lock box with other important docs, hidden in the house. It's actually come in handy a couple times without any tragedies happening! @shortridge another key takeaway for me from excavating the digital remains of a loved one who died suddenly: usable security or bust. in my case, the iOS Password Manager saved the day because it stored their creds by default as they used their devices. ...but they found the 2FA app so confusing that they offloaded it and never saved the password to it. SMS 2FA may be more insecure, but it confused them less and meant my access to their phone = access to 2FA. Security isn't the only thing that matters. @shortridge now that iPhone keychain can also act as a 2FA device I bet that’ll get easier. Not easy.  @shortridge Ugh. My tax account uses SMS 2FA. Will have to tell my spouse to hang onto my phone for a while until everything is sorted. She has the password to my password manager. But soon Apple will require touch or Face ID to change some security settings. Can't wait to see how this shakes out. @dan613 there was a very real moment when I told the deceased person's spouse that we might have to wait on cremating them to use their thumbprint. thankfully, we guessed their device passcode correctly (it wasn't written down anywhere). it's uncomfortable to think about this "use case" when designing or implementing, but sudden incapacitation can happen to anyone so imo should be taken more seriously.  @dan613 @shortridge pretty sure you can have 2 faces, something "alternate appearance", cant check right now, @cy @shortridge Yes, for wearing glasses or a mask. Not sure if there has to be some overlap in the faces or if they can be completely different. @dan613 @shortridge anyway, since face/touch is only a convenience option for the phone password, just write Up that password and put it somewhere safe next to the others :) @shortridge Went through this a year ago and had similar experiences. If I hadn't been a very knowledgeable tech person I would not have been able to get it done, and that's a bad situation for all those who are not.  @shortridge NIST dropped the verbot on writing down passwords. Writing down is a good idea. A better idea is to use a password manager, which would also document all the accounts you have. The password manager also generates high entropy passwords. You can give your loved one an uptodate copy. Have it password protected, but then there is only one password to have on paper. I use Keepass @shortridge I would prefer webauthn/passkey with yubikey. You'll need a backup token anyway, so just tell your person how to use it. (actually get them yubikeys for their own accounts, too) @cy you are vastly overestimating the usability of yubikeys for non technical people, especially the elderly. many elderly people no longer even have fingerprints, too @shortridge it is "plug into USB, press button when prompted", how is this more complicated than typing a code from an SMS? And you don't need fingerprint for it @cy @shortridge This is so far from the truth for non-tech savvy people. For me it's ok if my mum builds passwords from the first letters of long sentences like I explained to her 10 years ago, she can cope with that, I won't explain new ways of managing pwds to her every 2 years because that only makes her insecure and then she just takes insecure pwds @cy @shortridge bro, I have worked in tech for 30 years and Yubikeys are still largely unusable to me. Because in order to use them you need to A) know where they are, B) have a device with the right port and software, C) have everything configured, and D) have *physical access* to the relevant port, while also seeing the relevant screen. As a disabled person with severe ADHD, chronic pain, and other health problems, coordinating all those variable for every logging is fucking impossible. @shortridge Also, if you're a geek, setting up a mini "corporation" with a password manager that allows takeovers is also an option. FWIW, the Bitwarden approach seems quite elegant (although thankfully I've never had to use it in a real situation). Definitely not a good approach for a non-techy person, though. @tyler the non-techy vs. techy approach is so important. because if you're a techy person and have an unexpected health crisis or pass, the non-techy people who care about you will struggle to navigate everything, compounding their sense of helplessness. and, in my case, I deeply regret setting up an important account for them (photo storage) with app 2FA vs. SMS 2FA. It clearly confused them, so they offloaded the app and it means I still don't have access yet (but working on it).  @tyler @shortridge this is great until the non techy person you leave behind can't figure out how to use or maintain the bitwarden server. @shortridge Yes! And if you're SUPER SUPER paranoid about someone stumbling across the keys, break it up like the Dragon Balls or Coke secret recipe. Give part of the password or some of them to one person, others to another. Just make sure to let them know WHO to work with. Definitely more risky for your loved ones, so consider that, but at least choose this over not doing at all. @shortridge yes, *tell*. In our case, the person didn't, so whatever was on those machines is gone forever.  @shortridge The right options really depend on your life circumstances, threat model, who you'll be leaving behind, etc. But regardless everyone should think about this and make a plan that works for their circumstances. @dalias @shortridge that is the one thing where GitHub is ahead compared to many services: there you can leave a 'who should inherit my account should I die' contact behind. @shortridge I have a digital assets section in the wills I do for my clients just for this reason.  @shortridge It's bad enough getting financial institutions to take any notice of a power of attorney when the person involved is still alive.  @shortridge also have a will. Put it on your will. They might forget. Put it in the document  @shortridge @shortridge first, sorry for your loss. I’m one of those cybersecurity zealots (?) and this is a use cases where I can agree. I think the real trick is putting in a spot where its accessible but otherwise safely tucked away. As morbid as this might sound everyone should have a “in case of death” folder/safe/lockbox/thing. Even before cybersecurity or smartphones or the internet were things, I’ve heard stories of so many households falling into disarray without one… @avoidthehack it's true, a "in case of death / emergencies" file or box is so useful. and usually it's not that difficult to obscure it within a residence. no one wants to think about their demise or incapacitation, but it's worth preparing the basics our trusted humans might need in that situation... and organizing it in a way that assumes those humans will not be thinking clearly, either. @shortridge I agree. I’ve got what my family calls a digital Fort Knox so I should probably get on organizing my own in case (well, when) I bite the dust. In any case, I hope you’re doing at least ok. @avoidthehack @shortridge Obv it's NOT morbid, and maybe a step toward reframing our inevitable mortality is to call it "UPON death," not "in case of," as though death were something that might or might not happen to us. @callisto you’re not wrong. It’s wildly uncomfortable to think about your own mortality… even though it’s inevitable.  @shortridge I have seen in my immediate surroundings what a pain that is. Have configured Emergency Access in Bitwarden, so my wife (after 1 day) or my sister (after 7 days) can get access to my full vault in case something happens to me. Not a fun topic to discuss, but peace of mind now. Can only recommend. @shortridge As someone who hosts a bunch of stuff for my family, I have a document on what they need to know if something terrible happens to me. Armed with that, one of our geek friends should be able to help them recover everything.  @shortridge Print mine monthly and place in the fire safe for my wife  @shortridge I cannot second this advice strongly enough Write down all your passwords (or at least all the important ones like mail, banking, etc.) and store them in a fireproof container with your will, passport, and other important legal documents You might not be around to be thanked, but someone will be extremely appreciative  @shortridge Wise. ⬆️ Have done so. Opened a word-processor document, typed them in, printed it out, killed the doc without saving, put it in sealed envelope, gave to spouse. (That way spouse won't have to struggle with my appalling chicken-scratching.) Don't forget your phone PIN so people can do 2FA as necessary.  @timbray @shortridge an example to explain this is logging into a TV streaming service without the primary acct holders phone. Not easy at all. @timbray @shortridge Perhaps along with some basic instructions about how things are linked together, especially for non-technical. For those of us that use our own domains for email (or maintain it for others), the list of infrastructure is longer. Convert SSH keys to QR codes. Printed, and then mailed to trusted individuals to be used to get into everything when I pass. I should probably take more time to document what they are to be used for, but at least there is a way to get in to everything if that need arises.  @lordbowlich Yeah thats part of why I treat some of my password manager vaults like the most secret of secret. @timbray @shortridge For Apple people, you can add a legacy contact, no need to share password files. https://support.apple.com/en-us/102631 @shortridge and like data backups, do a test run once in a while. I use a password manager, and I need to remind my non tech spouse to practice with it so they can access things without being even more overwhelmed should catastrophe strike I have an "in case of emergency" thumb drive with access to the core keys that are needed to access anything else driven through my password management, as well as instructions on how to make use of it.  @shortridge @timbray I asked my parents to keep a hardbound notebook labeled “PASSWORDS” in a desk drawer containing a few master #passwords that are either direct or serve to unlock a #PasswordManager. I tell them that those should rarely change; otherwise, the book gets filled with sometimes-scribbled-out, sometimes-not entries, and only they know which is correct. @shortridge Thank you so much for this. Seeing this is such a balm as someone who is currently also enduring this process. @shortridge any online thing of value should have it's access information saved on paper or a usb stick in the same place you put your birth cert social card and the title to your car/house. Fire safe, safety deposit box/etc. @shortridge @Meyerweb My wife knows how to access my stuff. Maybe I should expand the circle to a trusted (grown and mature) child.  @shortridge did that a while back, and I update it. Literally called “John done got hisself daid” @shortridge I lost my yubikey once. I was the legit owner of the accounts I needed to regain access to, and it was a freaking annoying weeks long back and forth with customer service. I can only imagine how stressful it must be while grieving. On that note: I’m sorry for your loss.  @shortridge Somewhere we lost the distinction between "writing the password on a post-it on a monitor in a shared office" and "writing the password in a logbook kept in a safe place", and that's tragic.  @shortridge Another advantage of a password manager: You only need to leave behind one password for them, which unlocks the rest. @shortridge so much this, folks. I went through this when my (all-digital, no bills or statements via the postal service) father passed… and his phone was stolen which made all the 2FA even harder. @shortridge When my Dad was dying, he gave me the master password to his password manager. I was able to log in, download the information as a plain text file. @shortridge @shortridge hopefully I don’t need it any time soon, but on iOS there is the Legacy contact feature which would give my survivors access to my iOS Data… https://support.apple.com/en-us/102631  Yep, I used to be one of the people who snootily mocked those paper "password journal" books Then I realized how sensible and practical a local paper home record of one's passwords are I have one myself  @clive @shortridge Yep, a small index card with your main desktop/laptop login credentials and the way to log into the password safe thereon is a great thing to keep in a fireproof box for your spouse or children. 100% requires no api to access and can't be easily hacked/stolen by someone outside the house @shortridge And it gets even more complicated if you use hardware based keys and it’s lost or destroyed (thinking car accident). So we have a safety deposit box with the keys to the 1Password account and a backup Yubikey. Plus some instructions on where to find the documentation of the IT infrastructure and online services so that someone versed in these things can help wind stuff down. I often think about that. What if something happens to me and people that will take care of things that I left, will only have more trouble? I wonder... Thanks for sharing this 🙏 @shortridge @briankrebs Yes, with a caveat. I've often endorsed writing down important passwords. (My spouse has a copy of mine; I know where there's are stored.) But—and for some people, this is significant—if you live with someone untrustworthy, including an intimate (and possibly abusive) partner, it could be a very dangerous thing to do.  @shortridge I'm sorry you had to do that. #Apple and #Google have procedures in place to make provisions for this beforehand. My wife and I have done it.  @shortridge thank you for raising this issue. I had to deal with this when I became my father’s caregiver through dementia. By this time he was divorced and socially isolated, and even with a ton of his information, there were all sorts of things I couldn’t make heads or tails of. The only people who need to exercise super-security are journalists who work in conflict zones. The rest of us are not going to have identity thieves ransacking our homes. They'll do it on the web, from people who sign up for 'special offers' on youtube.  @shortridge @shortridge Sorry to hear you have to deal with this on top of grieving the loss of a loved one 😞 Hope you can take time to start processing at some point. Take care! @shortridge  @shortridge i think what make security less secure just in case is a bad idea which works against basic idea of security, all or nothing if put it simple.
i am evil selfish ass, and all my secrets will die with me, i am completely ok with it, and data intended for others should not be locked in the first place. |
Gregory's Server
@shortridge
If possible leave them with your lawyer