by aunlead 1982 days ago
The pandemic has made me (re)evaluate how my family can get to my finances and online services. Such solutions can solve issues related to bank/trading account access and key documents but what about subscription services? All my subscription services from Netflix/Plex (less important) to VPN/Backblaze (more important) are tied to my credit cards, which upon my untimely demise will be deactivated. My family will surely get locked out if I don't leave clear instructions on each of the services and how they can access them, etc. Then there is a technical aspect of taking over these services.

I'm curious on how others have planned around this?

edit: typo

14 comments

Everything should be documented. We have a binder with checklists that walk you through gaining access to everything the other partner might need in the event of death (email accounts, domain registrar, bank and brokerage accounts, auto/home/life insurance, ongoing recurring bills of all sorts). Bitwarden databases are exported to paper, 3 hole punched, and put in the binder on a schedule. Both partners get set up with each other's 2FA OTP tokens. Have options? Agreement goes in the binder. Own real estate? Deeds, land trusts, LLC agreements, etc. related to this go in the binder. If in doubt, print it out.

Either one of us can assume responsibility for the entire estate in about an hour or so, the only delay would be a life insurance benefit payout. If you have assets that your partner might not know how to facilitate liquidity for, or when to, pay someone you trust to manage that. Your gift to your family is when you leave the world, they can continue on without fumbling to wrap up loose ends.

https://getyourshittogether.org/checklist/

This is a good approach, but it requires having a partner in the first place...
If you don’t have a partner, or one single person in your life who you trust absolutely, you can distribute this trust.

Collate this same information, encrypt it and then use [a key sharing algorithm](https://en.m.wikipedia.org/wiki/Shamir%27s_Secret_Sharing) to split this encryption key across a set of semi-trusted contacts.

I'm single and living alone, no family in the picture. I have a very small circle of friends I love and who I trust implicitly. With their permission I ask them if it's okay to share some important things with them, in case the worst happens. Spare keys, contacts, etc. etc.

Those friendships might outlive any romantic partnership I do have in future. So I don't think it has to be a partner specifically. Of course, there are still some things that you might not share as openly even with that trust in place, but that doesn't stop you from having a backup plan.

Couldn't you have that binder laying around in your home anyways? I imagine my family would be able to gain access to my home if I die (even though not one of them has a key).
I downvoted this at first, but I've undone that and am going to respond.

If you have family, extremely close friends (as adults, life-long friends), these can be options. Consider keeping your 'binder' in a safe deposit box and setting up access via your bank.

If not, an attorney or even CPA may be able to keep this information for you.

An alternative is to have your attorney be responsible for executing your will, but keep everything else in the safe deposit box and put the instructions on how to access in the will. That way your attorney can access only if you die and they assume legal authority for exercising your will.

If you don't have anyone you will leave your assets to, the attorney will be the one liquidating your estate as per your will.

Anyway, is it needed unless a partner or something exists?
If you have any 'estate' and any relatives, it is advisable to have a will to avoid painful / slow legal processes for those remaining.
Sure for my money, but my heirs aren't going to kill each other fighting over my netflix recommendations.
One might object to having different subscriptions to big corps draining your estate if you want eg. a charity to have it.
That's why you need to cancel the credit card when you die.
Not to spoil good ideas or be a negative Nancy...

What is the process for revoking this access in the event of a less than amicable split between partners?

well it's a checklist to change ownership to a list of deeds, would work exactly the same way, with the exception being that it's a third party who distributes property ownership among the partners and not a unilateral transfer from both to one.
In an accident or disaster (house fire, flooding, earthquake, you name it), this binder will be gone. This binder should be in a secret manager.
Keep a copy in there if you want for convenience, I argue you’ll still want a paper backup somewhere. Opsec is hard, people are fallible.

“What was the password?”, “Where’s the Yubikey?”, etc. These are not the failure scenarios you want to encounter during a tragedy (speaking from experience).

Bank safety deposit box is probably a good option for backup, it's very unlikely that both your home and the bank will burn down at the same time.
My house, several of my friends' houses, my insurance agent's office, my vet, all burned down in the same wildfire a few months ago. Local banks were destroyed along with everything stored in them, and we nearly lost our kids' school. Standing at the remains of my house, looking around at the destroyed community, it looks like we were firebombed. Not modern precision strikes... WWII scale, wrath of god, miles of destruction firebombed.

Anyway, I'm just saying that things you think are safe, really aren't. It's inconceivable that two houses across town from each other would burn down on the same day, until they do. Probably not going to happen, but sometimes it does.

Thankfully, my wife grabbed the binder with accounts and passwords, along with the kids and pets, when she evacuated, while I was stuck on a backed-up freeway an hour away.

I've been very conscientious since then about keeping both a physical and digital copy of everything important. I would never trust digital alone, but a physical copy just isn't reliable enough.

What if you keep a digital backup in your car? The mobility of your car should spread the risk. If your house burns down during work hours your data will be safe.
A pile of papers will probably survive a lot better than a valuable object, at least.
The bank across the street from me is 100% burning up in the same fire as my apartment if the California wildfires get to me.
Fires are strange beasts. Sometimes one house in a street will survive completely unscathed and the rest all burn down to nothing.

A street is a firebreak. An earthquake might level you and them but a fire won't necessarily.

A lot of banks have been phasing this product out, but if your bank supports it, I highly recommend it. Usually, they’ll even allow you access with a drilling fee if you’ve lost the key but can show multiple forms of ID. Whether this is good or bad depends on your threat model.
What's a good, safe place to store the key?
I think giving a USB key or login details with access info to your password manager to a trusted friend or family member might be preferable to having a paper binder that could be lost in a disaster situation.
You'd have to account for bit rot though
I recently looked at an old USB key that had some JPGs stored from ~5 years ago.

I was astonished to see that over 50% of the photos had some sort of bit rot that broke the JPG rendering. Many photos would display correctly at the top until the row where the damage occurs and then display grey for the remainder.

This definitely occurs more than you would think on USB keys.

even for personal safety you need layers of backups. my phone recently lost all data after it botched its own update, and restoring some keys has been a true pain. I've a binder with almost all of the important authenticator tokens or relative recovery codes, but some bank applications do the otp setup on their own app side channel and required a lot of paperwork and calls to get it fixed.
Home safes are available that are fireproof, waterproof, and very durable. Theft is an issue, though.

A bank safety deposit box is a good backup plan for the home binder.

The benefit of the binder over (or in addition to) the secret manager is it maximizes the chances your family can successfully access your data. I've designated family members as the emergency access contacts for my password manager, but one member completely forgot I even used a password manager, or what it was called. They would never have looked for my data there in an emergency.

Interesting. Did anyone make a similar checklist for passwords and what not? I have something in a binder which is meant to be used in case of emergency, but it's a bit out of date and I wanted to revamp it.
Absolutely read that same book. One of the most useful I've read.
Having gone through an unexpected, young death where nothing was recorded, I’ve come to the opposite conclusion: anything significant enough to care about already has next-of-kin processes established such that the Right Person will be able to sort it out.

Indeed, when it comes to stuff like finances, at least where I live, touching them post-death creates issues when the legal channels confirming there’s no contest over next-of-kin haven’t been run to ground. In those situations, having a password means nothing.

This doesn’t mean you shouldn’t prep a will and have processes in place, but it gave me a lot of reassurance that I did not need to worry so much about this.

That's fine if you're single but incredibly selfish if you're not.
I think an accusation like that warrants some elaboration. Please describe why you think this is selfish.
It makes the whole thing the problem of whoever survives. By not leaving documentation, you pass the work of picking up the pieces to someone else. I think "selfish" might be a little strong, but it's not an indefensible position to take.
This depends on what we're defining as documentation vs access. My interpretation of the start of the GP was more about passing over actual login/access information, which especially for assets and finances really shouldn't be handed over this way.

Documentation in the form of "I have a bank account at Bank X, and a will at Lawyer Y (or, I don't have a will, but there are established protocols to handle this)" (even if only verbally) is different than "here's my username and password to my trading account in case I snuff it".

My wife and I recently had to settle an estate (pre-covid), and most subscription services are quite easy to work with. The estate we were dealing with was a bit of a mess, so we basically had nothing to go on except some bank/credit card statements. We were able to contact the banks, deactivate all the credit cards, and contact some services to request refunds for several months of service. We didn't have any trouble getting those refunds after providing the death certificate.

Obviously, it would have been much less of a hassle if we'd had the account information from the beginning, but there were much more annoying problems to deal with than deactivating Netflix.

If you're really concerned about this, make sure you have a will in place and beneficiaries defined on your financial accounts. That is probably just as important as making sure your dependents have immediate access to your money.

A day before a critical surgery I was told I had 50% chance of survival, being a single founder of my startup I had access to all the accounts, passwords, encrypted data (files, codes etc.) and had to find a way to transfer them to my shareholders if I die.

I settled for writing the master key in a physical file to be delivered to a trusted contact in case of my demise along with registering the fingerprint of my trusted contact to my smartphone (all of which has since been revoked). Bitwarden's Emergency Access addresses this problem in a much safer way.

I didn't think about credit card access then, but in my case I think shareholders could have legally taken over the startup and thereby getting access to all the online subscriptions; what wouldn't have been feasible was accessing the private encrypted data hence the 'need for secure key transfer after death'[1].

[1] https://www.needgap.com/problems/27-secure-transfer-of-encry... (Disclaimer: My problem validation platform where I had posted this problem a while ago).

So did you make it?
Not sure whether it's a serious or funny/GPT question,

But I did survive, but had to shut down my startup anyways[2].

[2] https://abishekmuthian.com/i-was-told-i-would-become-quadrip...

After my wife watched the show “Dead To Me” on Netflix, we had this exact same discussion. I ended up writing a “death document” on Google Docs and sharing it with her. It just outlines “here’s where everything is and this is what you do with it”. It was done kind of jokingly, but now that it’s written it actually makes me feel much better.

For passwords and such, she has a Bitwarden account too and we share all important passwords (finances, medical, etc) in a shared organization between the two of us.

Fun story about shared passwords in Bitwarden... I recently had to undo that process because I’m going through divorce. We aren’t at the point of severing everything yet but my ex took the liberty of using the shared Bitwarden passwords to sign into each of the utility (gas, electric, etc) accounts and change the passwords. Thus locking me out.

I had resisted doing anything with the shared passwords prior to this because the process to unshare an account is to delete it from the organization and make a new entry on your personal vault.

Ultimately the blame is on me but the process for unsharing is broken. I guess the moral is to just be careful about sharing accounts in a BW org if you ever expect you might have to undo all of them. It was about 15 accounts in all because we had also shared everything related to financial institutions and health care. I did take the time to change each of them as well since there was no way of knowing what may have been copied.

That sucks though I’m not sure your story supports “the Bitwarden process for unsharing is broken”. If you could remove shared passwords from someone else’s vault wouldn’t that just leave _you_ with access, effectively locking out your spouse?
You can’t unshare them from the organization. Say you create an entry for Bank of America. You then later share that entry with the “Family” organization. That entry now forever lives with that organization unless you delete it and then make a new entry again in your personal vault.

A more user friendly approach would be for the entry’s ownership to always remain with the original creator and simply share that entry with the organization. You could then later revoke sharing the entry with others or the organization. This is how almost every other file sharing works.

I’m sure there are underlying issues, especially since the goal is for it to be cryptographically secure, it’s just not a very user friendly system and as I said it’s ultimately my own fault what happened to me.

Yeah I understand, I’m just saying in this case that feature would allow you to lock out your spouse effectively
Which was exactly what my spouse did to me by having access to the password and then changing it with the utility company and not updating it in the password manager.

I think as another commenter said we’re complaining about the wrong piece of the flow. Important accounts like utilities should have a mechanism where as many users as necessary are tied to an address. In many households it will be one user but in some it might need to be 2, or in the case of roommates 2+.

We can have multiple users tied to our mobile phone service provider so why not the gas or electric?

Sounds like you can already do that with the "delete from org + recreate in personal" workflow, so an "unshare" button would just be streamlining that existing capability.
the larger (but difficult to fix) issue here is that these important services don't seem to offer a good implementation of a joint account. if two people live in the same house, they should both have access to the account with the utility company to view balances and make payments, but neither should be able to lock the other out without some formal process. having multiple people share the same credentials is an antipattern.
I actually put together a service that is focused on this issue called Fidelius Vaults (https://www.fideliusvaults.com). If you have a moment to look, I'd be curious to hear your feedback on whether it solves the problem you stated.
I really like this idea, but what's the longevity of the service? Do you have any sort of contingency plan if you die, or if you don't have the funds to maintain the service anymore?
ah, I dabbled in the same idea, but before "guardians" I had another step, which was contacting the "vault" owner after "keyholder" requests and before "guardians" approval, allowing for the owner to veto access if need be, as another layer of authorization.

glad to see things like these are cropping up, there's a need for sure.

Have one email account on your domain (example.com) and use that for everything important. Use a long random password for the account and don't 2FA it. Share that with your family. That's probably all they need to gain access and reset your other accounts.

If you 2FA the email account, you risk locking you and them out permanently for many services. I've written some about this. If you care to read it:

https://www.go350.com/posts/now-they-have-2fa-problems/

Also, if you 2FA other things and aren't really careful, you may lock them out even if they know the password and/or are able to reset it. That is by design.

This problem is growing larger every year as more sites enable or mandate 2FA. It's impossible for humans to manage this at scale.

I don't buy the "don't use 2FA" argument.

My partner knows how to unlock my phone. She can read the eventual SMS (I know, it's insecure, but still the only 2FA method in many US banks), she will receive the email with the eventual password reset on the phone, she can use my authenticator apps. She also knows about my Yubikeys and where they are stored.

She also has access to my laptop, where backups for the above are stored.

Even with TOTP, it's trivial to set up the same key on more than one device at the same time.
And what about the manual unlock codes?
What manual unlock codes? You mean the TOTP backup? It's documented. But she won't need it if she has the rest.
I've written down all account credentials and passwords into a text file that sits inside a Veracrypted volume on an external hard drive with multiple copies including off-site. My wife knows the encrypted volume password (as her personal files are also within), and the location of the text file.

Still need to write a licence permitting her to release all my IP into the public domain.

I have a shared document that has high level details: Savings accounts, investment, 401ks etc. That is known to my wife. We both use LastPass, so I'm also using delayed access release* for my wife (14 days) and for my brother (30 days, he lives in another country, we're not particularly close).

If we travel together with my wife on something like a plane we ensure that our wills, which have the same information as above, are shared with relatives.

* the wife can request access to my account. I'll get an email notification. If I don't reject it in the given time period, the access will be given

I conceived this a little while ago and got a friend who is a developer to write it.

https://play.google.com/store/apps/details?id=com.mistudios....

It's been a slow start but hoping it picks up and we can get it onto the Apple store.

My mother has the releaser email and the email itself goes to my partner.

I don't do anything with my online accounts; for assets I rely on beneficiary information and my will, and I expect that the online accounts will just die off (as CCs close, etc).

I've always wondered if I should do more. What are the downsides of relying only on wills and beneficiaries? What might I be missing with this super basic estate planning?

Their concern seems (to me) to stem mostly from how the rest of their family will be able to use the household services if they pass.

Should the family have to set up new Netflix accounts with new watch history tracking because the primary account holder passed away? Given how long it would take for the CCs to get cancelled and Netflix to notice, would it be smart for your kids or partner to get that kind of gut wrenching reminder of what was lost months after your death?

I know of two off the top of my head, probate and people fighting over your stuff
Could you elaborate?

What issues would simple wills and beneficiaries have in probate? And how does giving someone access to my passwords avoid those issues?

This question feels like a potential opsec danger zone.

Same question reformulated: “What’s the one thing you need to compromise to get into my entire digital domain?”

Keep everything in LastPass notes or the notes of whatever password manager you use.

Then put the password to that somewhere safe for people to have.

LastPass actually has emergency access contacts you can set up without having to share your master password.
safety deposit box at my bank with my accounts, passwords and 2FA recovery codes in a notebook