|
|
|
|
|
|
by k310
338 days ago
|
|
|
Also curious about this. There seems to be a master password and a bunch of questions. Presumably (I looked around) one transfers these. Now, there have been cases of seniors being conned into signing away power of attorney. If this is detected, how can the owner change the authorization? And if used by seniors (I am one, OK) how can they remember the password/questions other than a password manager app (which requires a password) or printing them out and saving in a lockbox? And then there’s access to the key … Anyway, granting access seems to be the entire point of this, and I didn’t see it addressed “job one” on a quick run through the website. Then again, I’m a senior … |
|
|
1. How the Owner Can Change or Revoke Authorization EchoVaults is entirely offline and local to your device. That means:
You can edit your trusted contact, master password, or emergency instructions at any time from within the app.
All changes happen instantly, without needing to connect to the cloud or re-sync anything.
If someone you previously trusted becomes untrustworthy, you just open the app, change the vault password, the 5 identity challenge questions, or remove them entirely. No delay. No approval needed. You remain in control at all times.
Because there’s no external server, no one — not even us — can override or silently alter this.
2. What About Memory? What If a Senior User Forgets? You’re right to say that remembering a master password + challenge questions can be tricky, especially for seniors. That’s why we built the system with multiple human-friendly backup methods:
You can print an encrypted PDF backup of your vault with your password + answers, and store it in a physical lockbox or with a trusted lawyer or child.
You can export a password-protected backup file and write the access code down on paper.
Or, if you use a password manager already (like 1Password or Bitwarden), you can safely store your EchoVaults credentials there.
We also strongly recommend setting a codeword-based lock screen message like:
"If I’m incapacitated, [Name] should use the code ‘River’ to open EchoVaults."
This gives helpful direction to trusted parties, without exposing anything sensitive upfront.
3. Preventing Exploitation (e.g. Power of Attorney Scams) Because we don’t connect to servers or share data, no one can remotely access or tamper with your EchoVaults data.
The most important layer of defense is:
Your phone’s passcode (which protects the device itself)
Your EchoVaults master password
Your chosen unlock questions
If someone ever tries to pressure you or gain access improperly, you can silently update or revoke their access within seconds. They would never know until it no longer works.
You're absolutely right that this kind of product must earn your trust, not just ask for it. That’s why we’ve published a full transparency report https://echovaults.org/transparency, made the app open-source, and designed everything to work offline, privately, and at your pace.
If there are better ways we can surface this info on the website (e.g., clearer onboarding or an FAQ section just for seniors), we’d love your suggestions.
Thank you again for asking. Your voice matters, and it helps us build better.