
Ask HN: Should I put our passwords in our wills? - ahmednuaman
I&#x27;m just thinking about if we died all our documents, financial records, etc... are on our machines and cloud services, but where&#x27;s a good place to stick our passwords just in case something happened to us and our families needed to access the information?<p>Eg: http:&#x2F;&#x2F;www.bbc.co.uk&#x2F;news&#x2F;technology-26448158
======
mmacvicarprett
I am using the emergency contacts feature in lastpass, this contact can ask
for access, lastpass will contact and allow it if you don't respond in a
configurable amount of time (i.e 24h, 1 week, etc). I have 2 emergency
contacts, one with a long period and my wife with a shorter one. I also use
secure notes to include information about important things that only I might
be aware.

~~~
ezekg
So does that mean they store your passwords in some other way as opposed to
only storing those encrypted with your master password? I’ve only used 1pass,
so maybe it’s different, but that seems sketchy that they can just access your
data without your master password to decrypt things. Or is this recovery
system all handled locally on a machine you own?

~~~
RKearney
[https://helpdesk.lastpass.com/emergency-
access/](https://helpdesk.lastpass.com/emergency-access/)

From the documention:

LastPass uses public-private key cryptography with RSA-2048 to allow users to
share the key to their vault with trusted parties, without ever passing that
information in an unencrypted format to LastPass. When Emergency Access is
activated, each user has a pair of cryptographic keys – a public key to allow
others to encrypt data for the user, and a private key that allows the user to
decrypt the data that others have encrypted for them.

The key used to encrypt and decrypt your vault data is encrypted with the
Emergency Access contact’s public key, and can be decrypted only with their
corresponding private key. When setting up Emergency Access, you are using the
recipient’s public key, encrypting your vault key with that public key, and
then LastPass stores that RSA-2048 encrypted data until it’s released after
the waiting period you specify. Only the recipient can decrypt the data, so no
one else can decrypt it without access to the private key of the recipient
you’re sharing it with, which is encrypted with their master password key.
This process is completely automated, with no action required by the end user,
and ensures that the data is inaccessible by LastPass or outside parties.

~~~
ezekg
Awesome! Thanks for the info.

------
Top19
Safe Deposit box with emergency unlock codes for 1password or Last Pass maybe?
That should be pretty straight-forward.

You would need to make clear that they would need your phone as well for MFA
codes, so if you have a phone password (you should) make sure to put that in
the deposit box or notes section of 1password/LastPass.

~~~
kockfre
I would also recommend a Yubikey or something, in case MFA is needed.

Nice story here about this topic:
[https://www.buzzfeed.com/nicolenguyen/digital-death-plan-
pas...](https://www.buzzfeed.com/nicolenguyen/digital-death-plan-
passwords?utm_term=.yhQQD2gnW#.mqEm8PB5G)

------
logronoide
I’m not sure about passwords. But I have left clearly explained how my family
should use my private keys for my Bitcoin and Ethereum cold wallets.

~~~
sova
"Do not hastily throw any hard drives away."

------
hourglassassin
It would be better if you put a password hint on your will that only your
beneficiaries could figure out; do not directly give the password.

------
billsimms
There was a newspaper column a decade ago urging people to write a "Read This
If I am Dead" document describing how to actually find and do all the large
and small things that you want done when the contents of your brain are gone.
Thinking carefully about that, writing, revising and simplifying it to the
point that someone will be able to actually do that when I am gone is probably
the best thing I ever did. Google used to be able to find the contents of that
column, but it appears gone now. There is a book now "Read This When I am
Dead" by Presley and Howard on likely the same subject.

~~~
ahazred8ta
Humberto Cruz, "A family records organizer", in the Boston Globe, 2007 ----
[https://archive.is/SjTWI](https://archive.is/SjTWI)

"In essence, "Read This If I Am Dead" is a living, loving, and constantly
evolving little book I write for my family. You can do the same..."

