[Kynsofficial]

Thank you for raising this — it's a deeply thoughtful perspective and you’re absolutely right: secure access control and ownership revocation are “job one” for a tool like EchoVaults. I'll try to address your concerns directly and clearly:

1. How the Owner Can Change or Revoke Authorization EchoVaults is entirely offline and local to your device. That means:

You can edit your trusted contact, master password, or emergency instructions at any time from within the app.

All changes happen instantly, without needing to connect to the cloud or re-sync anything.

If someone you previously trusted becomes untrustworthy, you just open the app, change the vault password, the 5 identity challenge questions, or remove them entirely. No delay. No approval needed. You remain in control at all times.

Because there’s no external server, no one — not even us — can override or silently alter this.

2. What About Memory? What If a Senior User Forgets? You’re right to say that remembering a master password + challenge questions can be tricky, especially for seniors. That’s why we built the system with multiple human-friendly backup methods:

You can print an encrypted PDF backup of your vault with your password + answers, and store it in a physical lockbox or with a trusted lawyer or child.

You can export a password-protected backup file and write the access code down on paper.

Or, if you use a password manager already (like 1Password or Bitwarden), you can safely store your EchoVaults credentials there.

We also strongly recommend setting a codeword-based lock screen message like:

"If I’m incapacitated, [Name] should use the code ‘River’ to open EchoVaults."

This gives helpful direction to trusted parties, without exposing anything sensitive upfront.

3. Preventing Exploitation (e.g. Power of Attorney Scams) Because we don’t connect to servers or share data, no one can remotely access or tamper with your EchoVaults data.

The most important layer of defense is:

Your phone’s passcode (which protects the device itself)

Your EchoVaults master password

Your chosen unlock questions

If someone ever tries to pressure you or gain access improperly, you can silently update or revoke their access within seconds. They would never know until it no longer works.

You're absolutely right that this kind of product must earn your trust, not just ask for it. That’s why we’ve published a full transparency report https://echovaults.org/transparency, made the app open-source, and designed everything to work offline, privately, and at your pace.

If there are better ways we can surface this info on the website (e.g., clearer onboarding or an FAQ section just for seniors), we’d love your suggestions.

Thank you again for asking. Your voice matters, and it helps us build better.

[k310]

You're welcome. Just make this info easier to find on your website. I may be old but I've been computing since Kim-1, and better than most at ferreting out info.

It's for all the others! I appreciate your reply.

P.S. I never used, but like the idea of a plausible deniability password, which unlocks nice looking but useless (or even incriminating) info, like the fake ID that came with a wallet, but I keep it the vulnerable back pocket in case someone lifts it. Unfortunately, it's very dated. I keep the real stuff in front.