by NikolaeVarius 1974 days ago
I have a similar and opposite problem. I would be fine with all my secrets dying with me, but what I want to protect against is me going into a coma/for some reason I forget how to access my accounts.

How to securely manage it so that only I can open it if my biological self is there? I don't trust bank safe deposit boxes and I can't put a safe worth using inside my Apt.

https://www.nytimes.com/2019/07/19/business/safe-deposit-box...


I think you are going to have to rely on another human being (or perhaps a group of trusted individuals) even in that case. Depending upon what caused your incapacitation, you may or may not be able to actually retain and manage your secrets going forward. Put another way, if your wetware is damaged you may need a backup (aka trusted human) to handle your secrets on your behalf.
Shamir's secret sharing is the algorithm for splitting a key and requiring only a subset of pieces (so you can disperse it to 20 friends but only need 11 to agree to reform the key).

This would give you protection both against the amnesia route (where you fall unconscious, lose your memory but are totally fine afterwards) and the route where you're unable to manage your secrets at all (eg stroke resulting in longterm failure to maintain memories or make decisions).

You'd still, for the total loss route, need a replacement actor (someone acting on your behalf) to assemble and receive the key, and be the keyholder moving forward - and you would likely need to leave instructions with the flock of people having pieces of the key on how to select or confirm your future keyholder.
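The k-of-n split described above (20 pieces, any 11 reform the key), as an added example that is not part of this thread: Shamir's scheme over the prime field GF(p), with a random polynomial whose constant term is the secret and Lagrange interpolation at x = 0 to recover it. The prime, the share format and the function names are this example's own choices, not from any commenter.

```python
"""Shamir's secret sharing over the prime field GF(P): split a secret into n
shares so that any k of them reconstruct it and fewer than k reveal nothing."""
import secrets
from functools import reduce

# Mersenne prime 2**127 - 1 (a constructed choice); the secret must be an
# integer in [0, P), e.g. a 16-byte key interpreted as a big-endian number.
P = 2**127 - 1


def split_secret(secret, k, n, rng=None):
    """Return n shares (x, y) of `secret`; any k of them recover it.

    The secret is the constant term of a random degree-(k-1) polynomial;
    each share is that polynomial evaluated at a distinct nonzero x.
    """
    if not 1 <= k <= n < P:
        raise ValueError("need 1 <= k <= n < P")
    rng = rng or secrets.SystemRandom()
    # coeffs[0] is the secret; the rest are uniform random field elements.
    coeffs = [secret % P] + [rng.randrange(P) for _ in range(k - 1)]

    def poly(x):
        # Horner evaluation of the polynomial at x, reduced mod P.
        return reduce(lambda acc, c: (acc * x + c) % P, reversed(coeffs), 0)

    return [(x, poly(x)) for x in range(1, n + 1)]


def recover_secret(shares):
    """Lagrange-interpolate the given shares at x = 0 to get the constant term.

    With fewer than k shares this still returns a value, but the wrong one.
    """
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share x-coordinates")
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * -xj) % P
                den = (den * (xi - xj)) % P
        # Modular inverse via Fermat's little theorem (P is prime).
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


if __name__ == "__main__":
    secret = int.from_bytes(b"vault master key", "big")  # constructed sample
    shares = split_secret(secret, k=11, n=20)
    assert recover_secret(shares[:11]) == secret
    assert recover_secret(shares[9:]) == secret
```

Each friend would hold one (x, y) pair; whoever reassembles the key also needs to know P and the encoding of the secret, so those belong in the written instructions.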

I think you are going to have to rely on another human being (or perhaps a group of trusted individuals) even in that case.

Not necessarily. Bank safe-deposit boxes are a secure place to keep secrets. To guard against rogue bank employees, encrypt the stored secrets and keep the key at home on a sticky note. If you ever hit your head and forget all your secrets, just present your ID to the bank teller, pull the secrets out of the vault, and decrypt them with the key on the sticky note.

In that situation I can see myself forgetting where I'd put the sticky note, or what it meant.
That’s why you write the whole plan down on yet another sticky note!
Haha, believe me, I can make this plan fail if I haven't had my morning tea or coffee, let alone serious head injury!
Perhaps just an old iPhone or Android with a fingerprint sensor and another installation of Bitwarden. You can keep the phone's passcode written down because its only use is to start the device. Then configure biometric log-in for Bitwarden as an alternative to a distinct passphrase. In the event of a total blank, you should still have access as long as you retain a finger.
Requires a passcode before allowing biometrics
That's why I said write down the passcode and keep it with the device. The device itself isn't important because you're not keeping anything on it. Bitwarden encrypts everything itself. To my knowledge, once you enable biometrics in Bitwarden, you will not need to use the master passphrase.
Not the person you responded to, but I imagine you could likely get a custom firmware to allow biometrics whenever; if you can replace the kernel, you can generally make the device behave however you'd like.