

When I'm dead, how will my loved ones break my password? - emontero1
http://www.guardian.co.uk/technology/2009/jun/30/data-protection-internet

======
frossie
Personally, I enjoyed most this comment from the bottom of that article:

 _So let's get this straight; you don't trust your wife, you think your
daughter will grow up to be a nut job, and you're worried that your close
friends will turn against you. Man, I'd just hand it all over now. It sounds
like you have nothing to live for anyway._

Maybe this should be a unit test for whether you are ready to marry somebody.
If you can't bring yourself to trust them with your password - and trust them
not to use it - you have commitment issues. :-)

~~~
sofal
I'd go even further than that. I trust my wife with all of my passwords and as
far as I'm concerned she can go ahead and use any of them at any time for
anything she wants. It's really not a big deal. I married her, for heaven's
sake. What kind of secrets do you keep from your own wife? Sounds like a
Hollywood marriage.

~~~
baddox
Your spouse is still a human being, so you can really only trust them to the
extent that you can trust the most trustworthy human beings. Of course, there
should be unparalleled trust between spouses, but there are still times when a
password should be secret. Passwords to resources regarding one spouse's
employment shouldn't be shared with the other: if not for the trust issue than
simply for preventing liability. Also, while I might trust my spouse not to
deliberately abuse any password-protected resources of mine, I might not trust
the security-awareness of my spouse, e.g. carelessly saving passwords in
browsers on public or shared machines or simply underestimating the importance
of password secrecy.

~~~
frossie
_Passwords to resources regarding one spouse's employment shouldn't be shared
with the other_

I totally agree with this: however passwords/passphrases related to my
employment are not something I worry about in case of my untimely death - they
are known (or can be reset) by my employer.

~~~
baddox
True, that example drifted off topic, but I was responding to the notion that
there should be NO secrets between spouses. I suppose there's a difference
between a secret and simple nondisclosure. Your spouse should probably know
that there's something you simply can't or don't need to tell them because of
security reasons.

------
aristus
This is such a non-issue I really don't understand why it keeps coming up.
Write your passwords down and store them with your _other_ vitally important
documents like your checks, bank account records, passport, etc. Why make it
so complicated?

~~~
wmeredith
This. Why wouldn't you just put a password section in your will?

~~~
pyre
The problem with having it in a will is that there is a 'single point of
failure' to someone obtaining it.

He also mentions moving it out of jurisdiction of the UK, so I'm assuming he's
trying to prevent court orders from trying to force the contents to be
revealed. If that's the case, then it's possible that having a will
stored/signed with a lawyer in Toronto, Canada (or just 'another country from
where he currently lives') is not 'legal' or provides issues with the
execution of the will in the event of death. If that's true, then he has to
have his will in the UK with a lawyer somewhere. I assume that a court could
order his will revealed/unsealed if they thought that his password was there
and they were trying access the contents of his laptop... If it's possible to
have foreign-country wills, then that issue doesn't exist, but I suspect that
a will in a foreign country presents legal problems if it isn't outright
declared 'invalid.'

Of course, if he put it on his will and didn't tell anyone that he did; it's
possible that authorities wouldn't even think to go after it (or maybe a judge
wouldn't allow them access to it unless they had some sort of evidence that
the password was stored there).

------
byrneseyeview
Gosh, why go to all this trouble? Just have an unnecessary heart valve
transplant, and have the doctor inscribe your password on the new valve. Then
develop a serious booze-and-sodium problem (I guess margaritas are the most
efficient way to do this) until you absolutely cannot live without that last
remaining valve. At that point, nobody can access your password until you're
dead. Or, at least, once someone can access your password, you're definitely
dead, which is more or less the same thing.

~~~
Evgeny
Wait a second, there's still one thing missing ... you would then have to kill
the doctor who inscribed the password.

------
mynameishere
Just make a program that takes a password, and then (if correct) sends two
emails: One to your box, and then (a day later) one to whomever you're leaving
your data to. Tell them the password and then if they use it before you're
dead, you have a day to change everything.

~~~
tlrobinson
It should include a way for you to cancel the request, so if the person does
use it before you die you don't have to reset all your passwords. Basically a
dead man's switch.

I thought there were already similar services but only found this casualty of
the first dotcom bubble: [http://www.sfgate.com/cgi-
bin/article.cgi?file=/chronicle/ar...](http://www.sfgate.com/cgi-
bin/article.cgi?file=/chronicle/archive/1999/11/29/BU82176.DTL)

~~~
dkokelley
There are similar services but the author questions the integrity and security
of those services.

------
dejan
Hmm.. I see he missed on something BIG time.

How will his data persist if he is not paying the bills for hosting, Amazon S3
and so on. His legacy might not live up a few months after death.

I think this is a serious issue. What you blog and write today wont exists
after you unless you are a company. Soon I'll post an idea soon on aleveo.com
for this, be sure I'll post back on HN. Securing the data is the easy part
given it is persisted.

------
jf
Interesting, this seems to be the result of this post on BoingBoing:
<http://boingboing.net/2009/05/27/what-will-happen-to.html>

I liked Jacob Appelbaum's reply best: [http://boingboing.net/2009/05/27/what-
will-happen-to.html#co...](http://boingboing.net/2009/05/27/what-will-happen-
to.html#comment-504039)

------
dryicerx
I've always wondered about this, and one of the ideas I've been playing with
my head is the distributing the keys between a few people, and if something
were to happen, they can combine them to unlock my secret (all the keys must
be present)

SECRET xor KEY_A xor KEY_B xor KEY_C xor KEY_D = PUBLIC

This is kind of lame, but the same principle...

~~~
mcav
Interesting, but then if one person loses it, you're out of luck.

~~~
paulgb
If you want to get sophisticated you could use Reed-Solomon encoding to avoid
this problem.

<http://en.wikipedia.org/wiki/Reed-Solomon_error_correction>

------
hvs
Interesting analysis of a problem that I don't have. Either I'm not nearly as
paranoid as I should be, or I just don't feel like anything of value that I
will be handing over to my heirs (whoever they turn out to be) will be digital
in form. They'll get a chunk of cash and a bunch of computers with open source
software on it.

~~~
pyre
Maybe not files, but things like email account passwords and such would be
good. Also passwords to accounts that get charged on a regular basis (hosting
or something) would be easier to deactivate in the event of your death if you
heirs had your password (vs. needing to prove to the company that you're dead
or something).

At the very least, maybe an encrypted file or something with bank accounts,
passwords, etc in it would help them out. And it would be easier to update
than a will.

------
drhodes
I'll just get my passwords surgically implanted. sounds easier, and cheaper
than dealing with all the lawyers. sheesh.

------
gcheong
I've thought about this and wondered if it would be possible to create an
escrow service that would only give over the key when say an official death
certificate is presented or something like that.

~~~
pyre
Problem being government intervention can force them to hand it over. Unless
the company is in a place with laws that prevent that sort of outside
interference.

~~~
tomjen
Find a convenient tin-pot dictator and make sure to give him a good amount of
money to keep out of your affairs.

~~~
philwelch
The problem about bribing tin-pot dictators is that you're not always the
highest bidder.

------
grinich
It seems to me that the kinds of people who have data requiring this amount of
security usually have a lot of other people working for them on just that
task.

------
pchristensen
<http://legacylocker.com/>

