Hacker News new | past | comments | ask | show | jobs | submit login
Show HN: Passbox – Give access to your data only after you're dead (passbox.co)
110 points by mrdazm on Oct 24, 2019 | hide | past | favorite | 134 comments



The "How does Passbox work?" isn't clear to me. Is it encrypted at rest? Who has the password (or passwords), and is it just one secret key to unlock everything? Do my Trusted friends have to remember how to access Passbox, and a Passbox password? Am I notified if they do? How many of them do I need to select, and what if they die before I do, or move out of my life, or otherwise cease to be Trusted?

This all feels like it's trying to apply the web-SAAS model to a domain where it really doesn't fit.

I'd rather have a simple system where I could take any data, easily encrypt it on the client-side, and put it somewhere that's going to stay around for a long time (S3? thumb drive?). Then I give my lawyer the password and instructions on how to use it, on a sheet of paper. At any point, I can upload new data, replacing the old data. Digital security isn't as important because it's always encrypted before it leaves my desk. I don't need to maintain Trusted Friends because the only person with the password is my lawyer, who keeps it with my will.

Dealing with my possessions after my death is a solved problem. It's possible to simplify parts of it, but we shouldn't try to replace it entirely with another model that discards the good parts of what we have.


Here's a similar service with a straightforward description (I have no connection, I think I saw this on HN): https://www.deadmansswitch.net/

Personally, I know a handful of people I would trust to execute a non-legally-binding will who are also competent enough to combine a key and some encrypted data if they have both.


That's mine, by the way, so I'm available to answer questions if anyone wants.

I'm actually planning to rewrite it and move it to a new stack soon. It also accepts cryptocurrencies if you are so inclined (you have to email me to arrange that, but I'll add a payment processor with the rewrite).

I plan to add some more features with the rewrite, mainly file hosting for a monthly fee (many people have requested it).


If you don't already have it the ability to specify multiple check-in email addresses would probably be good. Too many ways to lose access to email accounts for that to cause distribution of "if you're reading this then I'm probably dead" messages.


Ah, good idea, thanks!


I'm not a native speaker, so maybe there is some nuance I am missing... Why not a "dead person's switch'? Is legacy control a male only thing? Nevertheless, great service indeed!



Ah! Thank you, I learned something new!


What I really want is 2FA login.


Oh that's definitely coming.


That's awesome


This is more or less what my lawyer suggested when I set up my will with her.

Apparently very few people have ever asked her about this.

I don’t think it has yet become part of the checklist for arranging one’s affairs.


At one point I was considering a Shamir's Secret Sharing based idea with the thought of especially targeting lawyers as a key part of "digital estate planning". The trouble happened that the more I talked off hand with various lawyers about the idea, the more it sounded what I really needed to make was a political lobby first (and that's not something I'd enjoy).

We have a lot of estate laws for arranging physical goods. We have almost no digital asset rights that survive our passing. Most of our accounts are explicitly locked to our lifetimes in Terms of Services agreements (generally, they are between me and only me and the service).

There's likely going to be some big political battles over the next decade or two as folks with big Steam collections or Movies Anywhere accounts or Dropbox file stores pass on and try to pass those digital "assets" to surviving family members.

So my "simple" idea of "I want to build a tool for lawyers to securely write down and file people's passwords in their wills/trusts" became a giant rabbit hole of "securing the will/trust may not be the hard part, making sure those passwords are useful to survivors is a very hard problem that currently everyone is kicking the can on".


In most cases, like Steam and Dropbox, those services don't seem to check or particularly care that you are the original account owner. They do two factor authentication, security questions, etc, but that's just trying to make sure you haven't been hacked, and preparing for it would be part of giving someone secure passwords in your will.


The point is that lax enforcement doesn't matter to lawyers when questioning the legal basis for something. If you are going to start encouraging every lawyer to start contemplating adding passwords to wills and trusts, they start to ask a lot of questions if that is something that can even legally be put in a will or entrusted to an estate.

We don't have good legal protections for that at all. Consider that some Terms of Service agreements, sharing a password at all, no matter the reason, is itself a breach of Terms of Service. That most services may not enforce such ToS clauses today doesn't imply that they won't start enforcing them tomorrow.

(Multi-factor is another land mine mess in digital asset rights. We barely understand how biometric locks should affect things like privacy laws, let alone has anyone really started talking about how you deal with a dead relative's thumbprint or "face ID" in their absence. Passwords are at least physically transferable, a lot of MFA, especially biometrics, is not.)


Did a lawyer actually tell you they wouldn't give a password to an heir?


They told me that they wouldn't pay for a service to securely provide passwords to heirs without the legal issues addressed first. There's a difference between "my client intended to include this bit of secret information to their heir and what the heir chooses to do with it is their responsibility" and "I'm going to encourage my client to work with me to sign up and pay for this service in order to entrust their passwords to future heirs" in terms of good old fashioned CYA [Cover Your Rear].

Which is a big part of why it needs to be a political lobby or working group: lawyers don't think anything about the ad hoc cases ("give this password to my heirs") because it is isn't their responsibility at that point other than storage and it isn't distinct from the rest of wills/trust documents. Then there is the problem that it isn't yet common enough for them to abstract it into a "class" and/or yet think to ask every client of theirs for passwords for continuity of digital estates/digital asset planning. As soon as they do start to consider the repercussions of the latter is when they do start to get antsy about their responsibilities (is it legal for every service, the answer to which is currently "no" [the discussion above], and then increasingly complicated follow ups such as can you "split an account among multiple heirs" and "what's the retail value if it needs to be auctioned" and so on and so forth). Lawyers at that point want the comfort of laws to back them up in any such responsibilities, at which time it looks necessary to start a political lobby to build digital assets rights into laws.


Thanks for checking it out! Apologies for not striking the right balance of brevity while also being informative for you. I'm trying to improve there.

All the sensitive data is encrypted at rest using a key/passphrase determined by the user. Passbox doesn't store it and can't assist if it's lost/forgot.

That key would need to be shared with your trusted users and they would need to create their own Passbox accounts. Only folks you assign to your account (via email) can request access to view your data. No one else.

On the standard plan you can assign as many trusted contacts as you'd like. This is potentially useful for segmenting who gets what collections of data.

Both you and the requested user are notified of access requests to your account and also of any approved requests. A group without assignees is shared with all the trusted users you've linked to your account if they're approved access.

Any trusted user you assign can be easily removed or replaced.

---

Again thanks for your perspective! This is one way I'm thinking about tackling it and appreciate other ideas.


Have you thought about secret sharing cryptographic schemes? Nobody gets access to your data until most everyone that has a share of the key agrees that something bad has happened to you.


I have - before this post even. It's been mentioned a few times in this post too. It's something to think about but not a current priority.

Thanks for the suggestion!

Oh, it's called Shamir's Secret Sharing by the way


I’ve given a lot of thought to this problem lately after becoming a parent. However, I just can’t picture trusting this to a third party. Ideally I’d store my master password to my password manager and give instructions on what accounts exist and what to do with them. By storing this on someone else’s server I’m at risk of that data being leaked which is effectively the ‘keys to the kingdom’. You can talk about encryption all you want but without knowing what’s actually happening with that extremely sensitive data behind the scenes I cannot trust your product. Perhaps a Bitwarden style model where the source is provided could be a solution? Because Bitwarden is open source, self-host able, and audited I can have some degree of comfort that my data is actually encrypted client side and stored safely.

Speaking of the problem space, what non-tech techniques do people use for this scenario? The best I’ve been able to come up with is storing the information in two safes and leaving instructions on how to open the safe in a will or with trusted persons. Other thoughts?


Although I haven't personally set this up, my plan has been to at some point:

* Put important documents and passwords in an encrypted archive or true/veracrypt container.

* Distribute the archive to relevant parties via physical media (e.g. USB stick), possibly put a public version online on somewhat reliable free hosting.

* Store the password to the archive (without any indication as to the purpose of the password) on a service such as the one in the article or an alternative, e.g. Dead Man's Switch

Because of the physical distribution of the archive, it makes it hard to change the secrets in the archive - but other than that it seems solid enough...

[1] https://www.deadmansswitch.net/


I created https://www.deadmantracker.com and am implementing the reverse of this but your solution is a good alternative that I might support too.

The way I saw it working was: * Encrypt docs into a compressed archive

* Upload encrypted docs to service

* Distribute password for unencryption using something not build into the service (tell them via Signal, or Protonmail, or a piece of paper, or word of mouth)

* Link for encrypted archive only becomes available once the dead mans switch is triggered

In the same way a password could be uploaded and only released when the switch is triggered. A service just can't hold both parts.


Interesting idea. I suppose it’s relatively low risk that the secret would be stolen and then connected with the encrypted archive. Thanks!


I bet someone makes a product with this someday https://en.wikipedia.org/wiki/Shamir%27s_Secret_Sharing.

You could in theory have a digital safe that you yourself can open with one key, and a quorum set of 2 keys that require both. You distribute 1/2 combination keys to your kids and keep one yourself. When you die your 1/2 key is passed to the kids who can now open the data. The keys themselves are useless without the other keys so anyone in the chain of custody of the key until it reaches your kids wouldn't be able to open the data. No one would have to have your singular key.


I've wrote https://bs.parity.io/#/ exactly for this; it also tries to avoid the most obvious opsec mistakes, like trusting your printer too much =)

BananaSplit is of very experimental quality, it hasn't been battle-tested and independently reviewed yet. But at least it's there, it's FOSS, and I encourage you inspecting the code, contributing to it, or re-hosting the HTML.


According to the post below they exist now. I'm hoping for recommendations!

https://news.ycombinator.com/item?id=21345210


You can play around with Shamir's secret sharing here: http://passguardian.com/


I hope you’re kidding about the two safes thing. Either hire an attorney for this purpose or accept that your family will have little to no recourse for challenging claims from individuals, businesses and family members who claim rightful ownership of parts of your estate. You can buy all the safes you want but they won’t hold up in court.

Even if you want your spouse to be your executor you need an attorney to receive your power of attorney immediately so that they can make him/her the executor. Without an attorney and notarized documents, if someone shows up with a piece of paper that says they get everything and it has your signature then their claim is just as valid as your spouse’s.


I think we’re discussing separate things.

The idea behind the safes is to store instructions for accessing a password database so loved ones would have access to the various online accounts. Think utility bills, banking, email, etc.

If the system for providing a third party (spouse, children, etc) access to online accounts is broken then surely you can see all the ways that ones life could be turned upside down.

I’m well aware that I also need an attorney and necessary legal documents for establishing power of attorney and executor of the estate. Would an attorney be an appropriate person to share the information about unlocking my online life with? I know they’re bound by various ethical and legal frameworks but it still doesn’t stop people from doing crazy things.


I like 1Passwords auth for this. There's a long key you need once (this stays in a lockbox), and a master password you need every sign in (safety deposit box with no information about what it is).


>I hope you’re kidding about the two safes thing. Either hire an attorney for this purpose or accept that your family will have little to no recourse for challenging claims

Silicon Valley: who needs accountants or lawyers?

Also Silicon Valley: how many safes do I need to ensure my spouse can access my KeePass database?


I feel like a bank's safe deposit box system coupled with an estate planning service is the traditional approach to this.


I store my information in a safe and happen to be extremely close friends with a few locksmiths.


Interesting! This was kind of my software engineering II project back in college a decade ago. I wrote it in PHP. You configured all sorts of different actions that would occur if you failed to check in every once in a while (there were lots of ways to kick the deadman switch down the road. A simple phone app, you could text message a number with anything, you could send an email..)

The idea was that you could configure "I loved you and never told you!" emails to out, cancel your electricity / gas, ask people to return your videotapes, send your top secret dossier to journalists, and give access to sekret treasure maps if you get eaten by a bear while on a hike.

I never had the moxy to make it public, but I always liked the idea. I wish you the best of luck!


Thank you so much!!

The version you built (dead man's switch + triggered workflows) is what I envision for a phase 2 if this goes anywhere. :)


A few comments:

- I think the pricing structure is way too high. $60/year is quite a bit for what you are offering. At that price, I would rather rent a safety deposit box with a bank and just tell my friends and family about it. That way, I can store passwords as well as physical valuables there.

- This seems a lot less useful than Lastpass's Emergency Access feature. Once i'm trusting a third party with my secrets, I might as well keep it to just one third party. Again, if the service was cheap enough, then maybe I wouldn't care, but $60/year is a lot.

- It also seems like a hassle to update my passwords in passbox every time I change them. I'm going to forget. I need it to sync automatically.


Are you sure you want to keep valuables in a safe deposit box? https://www.nytimes.com/2019/07/19/business/safe-deposit-box...


Thanks for your reply!

I’m not tied to pricing at all and had to start somewhere. There’s been pretty good discussion on it throughout this post. I’ll consider everything while also taking into account this being the HN crowd. I personally don’t think an actual safety deposit box compares both in terms of ease of updating its contents for digital-related items (which you also mention about Passbox in your last point) and for modifying access to it - physical key distribution and revocation.

How is it less useful than emergency access (assuming it’s not just the price which is a work in progress)? Also, I’ve built it to allow for you to segment who can get what so there’s the idea that you can have multiple trusted parties getting access to varying groups of data (or all of them equally).

I’m with you in the updating aspect. Currently one could update with csv exports but it’s not the most ideal scenario. I’ve got thoughts on this but nothing ready for public discussion as yet.

Thank you again for checking it out and commenting!


It is actually really hard to rent a safe-deposit box nowadays, because banks just don't offer them.


Get rid of $5.99 / mo, charge a flat $99 lifetime.

Monthly doesn't make sense at all for this kind of service. I have no plan on dying anytime soon.


Monthly can actually make perfect sense for this kind of service as a signal that the user's still alive. But yeah, $6/month is way too high.


I agree this is too high, but a better question is, will this service even be solvent in 50+ years? I don't even expect my Gmail account to last to my death. Maybe at that point, maintenance and support engineers will be entirely automated.


Are you presuming a scenario where the company would go dark with no notice?


While I agree that your pricing makes more sense to the customer, consider that $99 is only 17 months.

Someone who signs up with this service and sort of forgets about it or thinks about it like life insurance (just another small monthly bill), could be a paying customer for 20 years and ultimately be worth $1,200 to the company.

Couple that with the monthly fee model is much easier to pari with a "3 months free" offer, and the current pricing may be optimal for the company even if it results in significantly less signups or a less common sense pricing strategy.


>ultimately be worth $1,200 to the company.

Ok, then charge $1,200.

The price doesn't matter. In fact, $99 is very likely too little. I shouldn't have thrown out a token number.

I mean, it would cost ~$0.11 to store 1KB of data for 100,000 years [1]. I don't plan on living that long.

$99 would be more than enough to store 1KB, 10KB, 1MB for 100 years. Business-wise, death is big business, charge $1,000, $1,500, whatever as long as you can convince people it is worth it.

Emotionally it feels much better to pay a lump sum and now it is taken care of rather than having to swallow and maintain a monthly payment regardless of its size.

I don't want to look or think about my will every month. I want it to be done and filed.

[1]: https://aws.amazon.com/glacier/


Thanks for your thoughts and the clarification to your original point

I understand your set and forget mentality with respect to paying a single fee, setting Passbox up and then leaving it be. Does that change for you at all given the fact that digital items/accounts/etc get updated on occasion? You may also fall into and out of favor with trusted folks and may need to adjust who is allowed to access your account or even assign the data differently.

Other than this I like how you explained not wanting to think about the price on a recurring basis.

Thanks again


Free alternative: use one of several tools that implement Shamir's Secret Sharing Scheme to split your master password into chunks. You can create a bunch of chunks and require that at least a certain subset of them be used to recover the password.

For example, you could encode your password into 10 chunks and require that at least 5 chunks be presented together to recover the secret. Any 5 chunks of the 10 (in this example) could be used, but it is mathematically impossible to recover the secret with just 4 or fewer of the chunks (in this example). Thus, you could spread those 10 chunks among 10 trusted friends, the idea being that they would recombine the chunks only in the event of your death. Moreover, if you are not yet dead, at least five of your trusted friends (again, in this example) would need to betray you for your secret to be stolen.


What are some such tools that you know about/recommend?

I've also considered this for Passbox but needed to start simply.


Not the same, but you can use two-man crypto verification to make sure a file was signed/encrypted by multiple parties. Example: https://github.com/psypete/public-bin/blob/public-bin/src/se...


Take a look at Hashicorp's Vault.

https://www.vaultproject.io/docs/concepts/seal.html


Asking users to trust a random web service with their most sensitive data almost feels like a prank.


I'm with you. That's one of the big challenges I (and anyone in the space, I presume) would have from outset. On the bright side Passbox would only be random until it's not. The right news article, partnership or some other form of validation would inspire trust. It's not there yet but any company has to start somewhere and build up.


Maybe. "random" wasn't intended to be the focus of my comment. But even if, I can't see how something like this is feasible. Even with the best of intentions, services get hacked and they break. A tiny mistake (maybe some extra logging, now or down the line) could expose user's data. All services dealing with personal data claim being secure, until users receive that dreaded "we're sorry" email.

Maybe if you allow uploading files (that would be gpg encrypted by users, locally) with some mechanism to have their keys physically sent to their relatives in a way that you don't store it or even have access to it, it'd be something worth paying for. But at this point, one can just get a safety deposit box, and they can give their loved ones the encrypted file(s) even before death.


Serious question. Why wouldn't I just use a safety deposit box? Outside of the convenience of being electronic what benefit does this add over a physical storage space? The deposit box can store non-electronic stuff as well. When I die, I can pass the key over to the executor and that person can go through the contents etc.


To me I think that'd definitely work with static content/data and of course physical items. Things like passwords, accounts, devices and any special notes you may want to leave can change pretty often and presumably could become a chore to replace in the box and get neglected.

It could also be a hassle handling physical keys and also re-assigning who gets what. The barrier to having multiple and also changing accessors goes down.

Overall I'm not knocking the deposit box approach but it could be a little more work to maintain.


3 months ago: https://news.ycombinator.com/item?id=20545276

TLDR: it's not unheard of for banks to be downright incompetent at maintaining safety deposit boxes.


Hi all, original poster here.

I created Passbox after buying my first motorcycle and thinking that if anything happened to me on it I'd like for my devices/accounts/photos and such to not be walled off forever.

I'd love to hear your thoughts on the app, approach and any feedback in general! Thanks!


Cool idea but your pricing structure seems high. You should consider a one-time lifetime fee, it aligns with your business model.


I would be nervous with the one time fee the developer would give up on maintenance before I kicked the bucket. A monthly fee seems reassuring.


But what happens when your credit cards are cancelled after you die? That's a Catch-22 right there.


Alternative monetization strategy right there: keep paying us or we'll send all your secret documents to your loved ones / enemies :-)


It would be a shame if somehow, you know, being able to delete data became an uber-premium feature :D


I've thought about this. Not a final decision per se (and I haven't coded anything for the scenario) but I imagine I'd maybe have the third party accessing the data pay (up to a cap) to reconcile the account to make it "current" before giving them access - something like that.

It avoids folks signing up, canceling the card and then riding for free.


My 2cents, ditch the monthly plan, price it yearly instead. Monthly plans are for things you will actually use day to day like netflix, yearly are more like "insurance" products which is what this is, I think displaying the yearly option will be a better value proposition for people looking at it.

Second, I don't know what payment you're using, but seriously consider paypal if you're not already, because I'm pretty sure you can setup yearly recurring "subscriptions" on paypal and people are much more likely to keep their paypal funding sources up to date. So you're not going to have to nag them to update credit card info every couple years and they're less likely to have occasion to think "do I really want to pay for this", it'll just be pay automatically.


This also moves the point of cancellation to once a year and not monthly, or one month after.


I appreciate this. Thanks!

I'm using Stripe at the moment.


I would assume they pass your data to your chosen person then close your account so I don't see the problem?


That's an idea for sure. What could be interesting is cases of some credentials/data/whatever being shared among multiple folks. So do you wait until each person has viewed/downloaded then close? Do I (Passbox) notify everyone else if one person gets access then allow them all access? To be continued...


I would suggest a mix of both. The issue with lifetime fees is eventually someone will start to cost you money. I had a friend who sold some lifetime subscriptions to a VPN service, it's just not entirely feasible.

On the other hand, this is what I use BitWarden for, so my wife has access to important accounts and vice-versa. BitWarden does provide free shared passwords for 2 users.


And with lifetime pricing I don't like the idea of just keeping that money if someone churns. Maybe I'm just not enough of a hardened business person haha.

In your case with Bitwarden you're sharing access to your credentials and such with your wife right now, today, right?

With Passbox I'm looking to defer that access for data that makes sense. In my case I'm currently single and no one else has access to my iPhone but if I passed then maybe my mom or best friend should have that - as a hypothetical.


If you're sticking with recurring, you'll still need to keep the data for some time after the payments stop. The PR will be disastrous for you if someone passed away, and therefore the payments stop, and then all of their data is lost (worse: now imagine consequential financial loss from the loss of their data). I don't know whether you could be held liable for that or not.


Coincidentally just addressed that here:

https://news.ycombinator.com/item?id=21344759


That is correct, and yeah I see what you're saying. For example if both me and my wife were to pass away I don't know who would be able to access our things.


> On the other hand, this is what I use BitWarden for, so my wife has access to important accounts and vice-versa. BitWarden does provide free shared passwords for 2 users.

I just set my wife's email as the recovery address for my Gmail, figuring she can reset most of the important stuff from there.

But that's only a solution for "get into my accounts when I'm dead", not "share access to these things right now", and doesn't have the added benefit of a relatively secure password manager. And it ties you to Google, which may not be the wisest decision (but of course you could do something similar with a different service).


One potential benefit of something like a Passbox is that the important accounts would be ideally listed out vs having to guess what they are then reset the password via your gmail etc.


I don't think that's a fair comparison. VPN services have significant ongoing technical costs: bandwidth, servers, labour (upgrades, support, security, incident resolution) etc which you must pay monthly but are never recovered when charging a one-off price.

If you're finding that the users you're sharing your passbox with are requesting your passwords every day, that's probably signal enough to remove them so they automatically use the service less. I'd expect the lifetime marginal cost of an additional user here to be a very small percentage of the revenue for that client.


> If you're finding that the users you're sharing your passbox with are requesting your passwords every day

This is an interesting scenario I've thought about. Thanks for sharing!

It could be the case that once the "death trigger" happens there's a countdown for the requesting user to download the data and then I (Passbox) locks everything down or deletes the original data or something. To be determined...


Given cloud pricing structures and some basic actuarial tables, it shouldn't be too hard to put a reasonable limit on your resource costs. The real question is whether the cloud will last, or if you'll need to migrate everything off of AWS and onto something incompatible some time in the next 40 years.


Thank you for checking it out and for your feedback!

An initial thought I had was to look at it as being akin to an insurance policy of sorts and that's what sort of led me down the recurring revenue path. Definitely will consider one-time fees for the future! Thanks again!


Those types of insurance polices payout on an event, so a monthly premium makes sense as nobody can afford to pay it upfront.

I'd say your service is the internet version of someone creating their will, and leaving it with a friend or family member, which are all one-off costs.


Definitely. It'll be interesting for me to balance my recurring costs while matching with consumer ideals. To be continued...


Hi.

While I like the general idea, I do have mixed feelings storing so much valuable data online, on servers of a company I don't know, that operates in the US.


Thanks for checking it out!

Do your feelings change at all with knowing that the data is completely encrypted at rest and inaccessible by me/the company even though I have access to the database?


What prevents a 3letter agency from instructing you to:

1- give access to one of you trusted contact accounts

2- disable sending notifications to the account holders email

3- 3letter agency clicks on request data

4- data gets released ( as it will not get denied if the account holder does not receive a notification)


Thanks for this!

1 - Even with access to the trusted contact's account a passphrase/access key (specific to the main account and not stored by the service) is required

2 - Interesting scenario but still requires the above-mentioned access key

3 - Same as above two points even after being approved

4 - Won't get released without the key


> 1 - Even with access to the trusted contact's account a passphrase/access key (specific to the main account and not stored by the service) is required

I understand that your service is encrypting the data before saving it (vs that happening completely on the client and only encrypted data being sent to you), so there's nothing stopping you from logging it to a plain text file (even accidentally). Given that these passwords will likely hold the keys to that person's identity, that's a huge amount of trust that they need to have in you, your technical abilities and future decisions.


100% agreed with you here - no denying it - and no different from any service that we use where it's up to our trust that they will do the right thing. That said, I can for sure revisit my encryption strategy.

Overall that's one uphill challenge I've seen emerge as I've chatted with folks about the product: inspiring trust.


sounds reasonable, a couple more questions:

do i provide the trusted contact the access key or how does that work?

When is it generated?

What if add a new trusted contact or remove one how does that change things?


Bring on the questions! I don’t mind one bit. Feel free to tweet or email me if needed too (email at the bottom of the landing page)!

What’s funny is earlier versions of the landing page had way more detail for what you’re asking about and I got chided for it during user testing reviews haha.

Every user generates their own key (which can make it more friendly) and would need to provide it to their contacts on their own. It’s required to be set before you add any data.

Modifying users doesn’t change anything for me. Any new contact would need to be sent the same key or you can change it! Old users wouldn’t be able to request access regardless of knowing your (maybe old) key.


Hey! One of my best friends died in a motorcycle accident -- he was a developer as well (got me in the field!).

After his passing, no one knew how to get on his server and/or his domain registrar's account so as a result, someone else snatched up his personal site as soon as it expired, and pretended to be him for several years.

I really love hearing about projects like yours cause I'd definitely want to avoid stuff like that!


Wow. This hits way too close to home. Thanks for sharing!


How do I know you're still going to be in business when I die?


If this actually goes anywhere I personally wouldn't shut the company down silently. I'd have contact information for everyone involved to help them prep for its sunsetting.


What happens if you die in a server-related explosion?

That's a pretty easy way to shut down this service with no notice. Absurdist, sure. But that is the stakes with this kind of service.


Your feature list for Freemium includes both "Fixed 1-Day Access Wait Period" and "Set Your Own Access Wait Period."


I have _no_ idea what you're talking about. :)

(Read: Thanks a ton!)


I use https://www.deadmansswitch.net/

Saved a PGP encrypted message to some friends. One time fee of $20, but the free tier is more than enough. Super simple UX. I click a link in an email once a month.


My solution is to doubly encrypt a 7zip file with 2 separate passwords and send each password to a different individual so that they need to cooperate in order to access the information.

I wrote about it a while ago on my blog here: https://kylekelly.com/posts/share-your-passwords/

I'm wondering if I missed an obvious security issue with this solution?


they cooperate and steal from you


Why not print all that data out and give it to someone you trust or keep it in a deposit box which can be legally passed to your family?


Thanks for this. In my opinion that's not ideal because:

1. They'd have access right then and there

2. You could use a traditional password manager for that

3. Data changes could become more of a hassle to keep up-to-date


I’m surprised there wasn’t a lifetime plan for $5.99. The cost to store that amount of minimal data is moot. I would never pay monthly for something like this - but would likely jump in a second for my aforementioned plan.

Good idea thinking out of the box with your SaaS. Good luck!


Thanks for your feedback and compliment!

As you can imagine I had to pick an approach and run with it. Nothing’s set in stone and I’m considering the exceptional feedback throughout to see what changes I should make that are mutually beneficial.

Taking pricing off the table would you be game to give the app a test drive and email me your feedback/thoughts?

Thanks again!



500 error here


This service (Passbox) seems to be equivalent to LastPass's "Emergency Access" feature. See:

https://support.logmeininc.com/lastpass/help/set-up-and-mana...


LastPass is cheaper too. Or if you're really cheap, leave your lastpass login written down somewhere where friends and family will find it.


Thanks for this.

LP is cheaper depending on how many users you have. My current model allows for unlimited trusted users (people who can request access to your account) for the same price. LP charges per user.


Definitely but with more of a focus on the assigning/sharing of data primarily than being a pw manager.


If a person dies and their payment card stops working, does the account get suspended for non-payment?


I haven’t coded anything for that yet but my thinking is to possibly have the third party user pay the balance of what’s owed (probably up to a cap) to access the account owners data. Reason being that without that anyone could ride for free by using a card that is then canceled

Thanks for your question!


Another solution is to share the data with friends and family why you are living. Most services and passwords can go with you to the grave no dramas. Bank accounts etc. would be covered by a will. Access to domains etc.: Personal blog, who cares (just author in Github then someone can grab the source if they want) anything valuable domain wise should be owned by a company. That company should have procedures if you die and probably will share passwords between trusted owners or employees.


I don't disagree with you here. I just aim to offer a one-stop shop to get that access.

The ideal scenario too is for credentials, data, etc that's not currently shared between people when alive. So I, for example, as a single dude don't have anyone else with access to me iPhone, email, or Facebook. That's not something I'd just hand over to anyone just in case. In a Passbox scenario though then by all means!


> Bank-Level Security (using AES Encryption)

I know what they're trying to do, but "bank level" doesn't inspire confidence. Financial institutions have regularly clunky rules like max password sizes, and I've gotten a plain text password emailed to me by a bank before. I also feel like they're over represented in the Troy Hunt security shaming (https://twitter.com/troyhunt).


Thanks!


My trusted friend decides to try to access all my online accounts, and requests access to my Passbox. Passbox sends me an email informing me of the request.

Oops. The email from Passbox ends up in my junk email folder by mistake. I never see it.

After the waiting period, my trusted friend gets the information from Passbox and proceeds to wreak havoc with all my online accounts.

No thanks.


Thanks for your comment!

Email is the current approach I decided to _start_ with but isn't the only way to go about it. Voice calls, text messages and maybe even push notifications (if a mobile app materializes) are feasible approaches too.


For those (with gmail accounts) looking for other alternatives, Google provides something like a "Dead-man's Switch": https://publicpolicy.googleblog.com/2013/04/plan-your-digita...


Two concerns:

1. I don't think I can trust a new 3rd party with private data

2. I don't think this service will live long enough to be around for another 50+ years

This service makes sense for people who are highly likely to die or become in a vegetable state someday soon like stuntmen or intense sport athletes


I’m with you on number 1. It’s going to be an interesting challenge to overcome but I’m mindful that even the biggest of names today started from scratch.

Understood on your second point but should it be wound down it’s easy to contact everyone, provide a suitable sunset notice and allow off-boarding.

Thanks for your comments!


You should line up the free and paid features, perhaps in a table. I can't glance at a list of 8 items and a list of 10 items and distinguish what changed between them, so I'm not sure what I'd be paying for.


Thanks for this comment!


My method is to give half of a passphrase for a keypass file to family members. My attorney will hand over the other half.


There's another on, key2lyf.com which is really similar. I love these kind of ideas.


Thanks for the head's up!


What if Passbox dies before I do?



Wouldn't it be nice to leave 60$/year to those you really care instead?


$60 is a lot for something a notepad in your desk could achieve. Never mind any additional security risks caused by this.


I thought about doing this several times but backed off because of dark connotations with death :)


It took me a while to even mention death in my copy but I know I have to embrace it - it's part of life!


i rather die, then giving a 3.american company my PWs.


You'd really be giving the company garbled (read: encrypted) data and allowing folks you care about access to your actual data/passwords/notes/whatever.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: