[PinguTS]

There is another issue with all those growing 2FA/MFA protected accounts: managing your unexpected death.

How do you teach your beloved ones to access your accounts. And they need to remember what to do. For some accounts may it doesn't matter. For others that means to be able to end the subscription. Because not all subscriptions are associated with a credit card, which just expires.

But if you allow to contact a company by a third party to cancel and or change things then this becomes the go to for social engineering.

[croes]

Isn’t the device to access the password manager mostly the same device used for 2FA?

I hope most people use a password manager.

[dewey]

Most people are just storing them in the browser but that’s not stopping people from coming up with easy to guess passwords.

[bobbiechen]

In the US, you have a legal right to access accounts of the deceased through RUFADAA. It's not as simple as logging in (usually requires a court order) but it's possible. I wrote about it and related issues here: https://digitalseams.com/blog/what-happens-to-your-online-ac...

(and recently discussed on HN: https://news.ycombinator.com/item?id=42991112)

[pests]

Services like FB have the concept of a legacy contact, an account that can manage your page after death. Also the concept of your profile switching to a memorial page, with your legacy contact doing moderation of posts.

I did the math years ago and even back then, thousands of users would pass daily and now with most of the world population on FB it probably comes in handy.