Low tech: I put my secret manager password in a physical journal that is locked in a fire proof, water proof vault and hidden somewhere only my partner and myself know where it is. I use a password manager. Everything else goes in the password manager.

This is what I do too, but be warned about “fire proof” - a fire that results in the total loss of your house will create enough heat for enough time that fireproof gun safes and smaller fireproof lockboxes will be destroyed, or even if not, their contents will get hot enough to combust anyway.

A bank safe deposit box offers a different security profile that’s probably more robust against fire because banks burn less often than houses.

It’s probably not practical to really be robust against fire without being buried several feet deep.

Another solution is to engrave your secret on something that’s stable up to household fire temperatures.

do you store stuff in a bank? could you tell me more about it? my account gives me access to one for free and been meaning to put a yubikey there for a while but never have

This. A physical safe provides something that you can't do digitally: It's hard, but not impossible to get in without credentials.

On the internet, it's either: Public for anyone in the whole world, or impossible to recover if anything goes wrong.

I've broken into Physical Safes using nothing more than a drill with a half inch bit (I was young and didn't want to drag myself to harbor freight to sacrifice a more suitable tool). Enough boreholes and I had access.

In hindsight, looking harder for the key would probably have been fruitful.

Nothing says you cannot trivially encode the paper password. Those in the know understand that you need to append “BoomShakalaka”, replace “A” with “Q”, or some other super simple modification to what is recorded.

Maybe the NSA would be willing to brute force the infinite variations from that starting seed, but it is still effectively locked for mortals.

sometimes simpler is the best. I am always on the move so vaults don't jive well with me. my concern would be for something to still happen to it, too. I'm trying to go by the principle of not putting all my eggs on one basket.

Alternative - my partner and I (and also two other close contacts) have password managers that contain each of the other one's secret. This was less an effort to help with the memory loss scenario and more of an effort to deal with death and access to services (especially to cease subscriptions and the like).

In a lower trust scenario you could probably use a lawyer as a broker of the secret (potentially even as part of a will).

Password managers like bitwarden also have emergency access features which can do this, with the caveat of trusting them to enforce the requirement of access only being granted after a notification to the account holder is not denied in some time period (but unlike the lawyer you're not trusting them with the secret directly)

Apple has this thing called Legacy Contact which allows the same but then built in to the whole Apple account. This includes devices as well as the iCloud ~~and attached keychains. Granted, it is another hoop to jump through compared to presharing keys with each other.~~

It would be nice if your Apple account could be unlocked with some other keys as well apart from the primary one, but I guess that is what Apple calls the “Legacy Contact Key”.

Edit: okay so the keychain is excluded from this. So back to storing each others passwords in eachothers keychain…

In general whatever kind of backup plan you have for when you die could also work in this scenario, you may just need to think harder about anything that you do not want have revealed when you die.

I like it. Perhaps you can use a weird idea of mine.

You can discard/modify part of a password before sending it to your backend. Then, when you log in the server has to brute force the missing part.

One could extend this with security questions like how many children pets and cars you own. What color was your car in 2024. Use that data to aid brute forcing.

The goal would be to be able to decrypt with fewer than 5 shards but make it as computation heavy as you like. If no one remembers the pink car it will take x hours longer.

ohhhh that's brutal haha! for context my app runs entirely clientside, but I get it, it's an interesting idea...

Other than passwords though, I also have stuff installed at home on a Synology NAS, a mail server, a VPS running some websites (my own, family, my wife's), Home Assistant, Family photos with backups etc etc.

I wonder who would not only have the passwords, but the know-how to manage the whole thing, at least to transition it to more managed services...

you're completely right! the app actually guides you on some of that, it generates a readme that gives you advise on what to document, but I agree you can't be too careful here, the passwords IS NOT ENOUGH.

You need to give people "a map" of where things are: https://github.com/eljojo/rememory/blob/main/internal/projec...

Don’t assume that anyone can.

If you want someone to be able to access it after you’re gone, either put 1000 BTC in it or leave instructions. Paper instructions in a physical fireproof safe is way easier to deal with than any digital encryption with no hints.

This kind of thing, widely implemented, would be a game-changer for dealing with assets after someone's death! I maintain my family's IT infrastructure (Google Enterprise admin, webserver etc) and I've been tempted to write down 1/4 of my password manager root password and give it to each of my family members - but then we run into the problem where if any one of them loses their shard, it's unrecoverable. Some kind of ECC would be great - ideally where I could print it out onto various bits of paper with a user-definable redundancy, or better still, some kind of reciprocal system where (say) 8/10 members of a trusted friend group/family ring could unlock any other member's password...

We care about this porblem and are actively working on it, like the OP we also settled on shamirs secret sharing with a time lock mechanism.

However, there is still the issue of the service provider going offline or out of business which we don't have a solution for yet.

We have started with a good password manager and will be adding digital inheritance/social recovery soon! [0]

Take a look, thoughts and feedback welcome.

[0]: https://saveoursecrets.com

Shamir secret sharing is the cryptographic thing that you want. You can can configure any M of N to be needed to recover the underlying secret.

(If you have a trusted third party, you can also enforce a cooling off period: e.g. that any attempt to access results in a notification to the account holder that if not denied within some time period, access is granted)

You can give your password, or part of it, to your estate lawyer to attach to your will.

This is obviously more cumbersome, and probably costly, if you intend on changing your password. I guess you could change the part of it you don’t store with them.

yes! I am starting to do some planning on that myself, that's why I'm in that kind of mindset. If you know more people in this space, please share this with them! would love to get feedback

aw, friend of mine built this way back in the day

https://michael-solomon.net/keybearer

https://github.com/msolomon/keybearer

no way!!!! I searched for a long time for a solution like this, many could encrypt using shamir but none took an actual file with browser upload and easy UX. and like, 14 years ago? my hats down to you my friend.

my zip bundles are 1-2 megabytes due to all the wasm, and you achieved this on so little. impressive job!

I'd love to hear what you think about mine, one of the differences is that it creates a ZIP file containing the recovery app in it, as well as a PDF with instructions for non-technical friends. Overall trying to make the recovery experience as smooth as possible.

but cheers, your version is the only one that I found that does basically what mine does, all the others fall short one way or another!

I wonder how many thousands or millions of useful projects are so well hidden that they are effectively nonexistent.

I also gave this problem some thought: https://github.com/cedws/amnesia

oh hey, nice timing! good name too, I see we're both on the same wavelength there. I'll link you from my readme!

For my personal passwords, I use Apple's password manager. It lets me share passwords with my family. I also created a folder on Apple's iCloud that I share.

https://support.apple.com/guide/iphone/share-passwords-iphe6...

https://support.apple.com/guide/icloud/share-files-and-folde...

Despite the convenience factor, it isn't great to use a manager tied into your own ecosystem. It should exist outside, with the minor factor of lesser convenience.

I suffered a traumatic brain injury (TBI) related to an e-bike accident two years ago. I woke up in the ICU after a short coma-like thing and the nurses/doctors asking me questions and it was clear I was answering for the 10th time or more, like we had all done this before, but I couldn't remember anything.

Thankfully my very long password I use for an encrypted Borgbackup I have was somewhere deep or untouched, but, otherwise I would have been fucked. Also, the backup codes Google told me they would always accept failed and it wasn't until I found a random unused Android device in a drawer that had been unused for a year was I able to get access back to my Google account of ~25 years.

I also had old Google backup codes fail a few years ago. Anybody who hasn't regenerated them in a year or two, I recommend you do so.

Well, this is disturbing news.

Make Google Takeouts a part of your backup routine.

Google services are best treated as a liability.

For this purpose Google offers "Inactive Account Manager" AKA a dead man's switch.

3 months of non-use is the lowest term available before it will enact. That's too long for most situations except maybe probate court

I don't use Google :(

That's an interesting idea. It's a good solution to the problem of sharing all your passwords with your loved ones posthumously. Typically that'd involve keeping everything in a vault which will automatically be released to your person of choice if you failed to reset it. The annoying part is having to reset it indefinitely. I like your idea where you share it with multiple people in advance but they would have to collectively decide to unlock it.

exactly! my hope is to offload some trust to the collective of my friends

Write down the password, print out recovery codes. Store them in separate buildings.

Tell someone you trust about where you left these pieces of paper.

a safe-deposit box at a bank works ok too.

i thought 3M had already invented the best password safe ;)

I think 3M also sells a $5 wrench.

master password on paper hard copy

that's so scary though! what if someone has access to it? or it gets lost when you need it?

Yubikey

I explicitly make it so I cannot regain access to my computer in the event that my memory becomes faulty.

I would be in an impaired state, and cannot function in way that would be conducive to either work or pleasure in terms of computer use.

That is to say, the entire reason why I have password security at all is to keep out people who do not know the password. If someone does not know the password, they should not be able to access the system. That obviously and clearly applies to myself as much as any other person. "If you do not know it, then you do not need it."

I agree in broad strokes. If I am incapacitated, that is when things like durable power-of-attorney, medical advance directives, and living trusts come into play.

The important thing is to ensuring your computer is not a single point of failure. Instead of losing a password, you could have theft, flood, fire, etc. Or for online accounts, you are one vendor move away from losing things. None of these should be precious and impossible to replace. I've been on the other side of this, and I think the better flow is to terminate or transfer accounts, and wipe and recycle personal devices.

A better use of your time is to set up a disaster-recovery plan you can write down and share with people you trust. Distribute copies of important data to make a resilient archive. This could include confidential records, but shouldn't really need to include authentication "secrets".

Don't expect others to "impersonate" you. Delegate them proper access via technical and/or legal methods, as appropriate. Get some basic legal advice and put your affairs in order. Write down instructions for your wishes and the "treasure map" to help your survivors or caregivers figure out how to use the properly delegated authority.

What if you forgot your password but retained all other memories?

Well see, that's why I keep my "password" memory stored snugly next to "breathing" and other such. If I'm walking around conscious, then I must still know my password.

asking the real questions here

No family, eh?