[Discuss] After I'm dead (re: deadmanish login?)
Rich Braun
richb at pioneer.ci.net
Mon Feb 6 15:33:56 EST 2017
Daniel Barrett <dbarrett at blazemonger.com> suggested an estate plan:
> Try storing your passwords in a safety deposit box.
>
> 1. On paper, or
> 2. In a plain text file on a CD or USB key, or
> 3. Encrypted with a GnuPG key that has an empty passphrase (which even a
> spouse can remember :-))
>
> This approach won't protect your passwords from a mastermind criminal,
> but in the other 99.99% of cases it should be fine.
That strategy (I have a hybrid of the above: a USB flash drive containing the
full-disk encryption keys, which is itself encrypted, and a piece of paper
with the plain-text pass phrase and a paragraph describing the convoluted way
I've got my server-startup configs implemented).
The above needs to be complemented with:
4. A list of 2 or more trusted friends to whom your (non-tech) spouse can turn
when these directions need to be followed.
5. A way of dealing with the password-update problem--probably a separate
LastPass login that you only use to store other master passwords that need
periodic updating, but I haven't fully figured how to avoid the race condition
that happens between the time you update your primary master passwords and the
time you update that pretty little estate-planning paper sitting in the
safe-deposit vault: just don't get killed during that time and your spouse is
fine, right?
Earlier in the thread, someone mentioned how vulnerable (to phishing etc) an
auto-filled password is. Thanks: since I use LastPass, a handful of my pw
entries were still set to that app's default autofill value. Serves as a
reminder to the rest of you: be sure to un-set autofill for any of your
financial accounts (brokerages, banks, *and* things like amazon.com unless you
like belatedly finding out that your account got used to order nefarious
things for delivery to faraway locations.)
My case differs from most younger people's situations: my sig-other followed
my habit of storing most photos and personal stuff on a local server, rather
than the cloud, so I've got an extra responsibility to ensure that the data
can be accessed in my potential absence. Most people under 30 probably can't
even imaging storing data like that on home servers. (But now we know that
both 2016 presidential candidates do, at least with their email. They're old,
I guess, and even more paranoid than I am ;-))
-rich
More information about the Discuss
mailing list