As for the digital world, I am the only one in my family who knows a lot about it. Unfortunately, my wife only uses her iPhone for email, Facebook, chat and games. That’s all. I, on the other hand, control EVERYTHING else related to the Internet or computers. I manage our online banking, investments and credit cards.
I also have all passwords and logins for all the sites we use, from AAA to our HOA site to airlines, social media, etc. Etc. In addition, I also manage all of your digital media, including photos , videos and important digital documents. To complicate matters, I’m running an all-digital business: blogging! I have multiple sites linked to their own bank accounts and online identities, including ad network deals, social media pages, hosting sites, etc.
Recently the thought occurred to me that if I die or become incapacitated, my family will be screwed up. She wouldn’t know how many bank accounts we have, where our investments are, what online accounts we have, or what I store in the cloud (which is a lot). Moreover, even if she did, she would not be able to enter any of them. This will mean that there will be tons of digital logins and assets lying around with no one to manage or take care of them. Our digital identity would be a complete mess.
The only salvation is that she knows my master password and has access to my two-factor authentication device, which she can use to access a list of all my sites and accounts. However, she didn’t even know where to use the master password, as she had never done so before.
In this article, I want to look at some of the possible solutions I’ve researched over the past few weeks, and how I chose to protect my digital heritage in the event of my untimely death or demise. Not fun to think, but absolutely necessary, especially since most of what we do in our lives is done online or digitally.
First, get everything together
Regardless of which path you choose at the end to convey information to your loved one or family member, you first need to put all the information together and store it in one place. There are several ways to do this, but it is absolutely imperative that the data is stored in a very secure place, since you are essentially placing your entire digital life in one place.
Depending on your level of trust, you can create this list digitally or the old fashioned way. I am using a password management app which I am sure will not be cracked. However, if you do not want to post such sensitive information on the Internet at all, then it is better to just write it down or print it, then print and delete the digital version.
The two best digital storage options are KeePass and LastPass. KeePass can be stored locally, so it might be the best option for those wary of keeping everything online. If you’re happy with encryption and two-factor authentication, you can use LastPass to compile all the data you need.
LastPass has other useful security features like one-time password. With a one-time password, you can keep it in a safe place, such as a home safe, and your spouse can use that password to log into your account if something happens to you. The good thing about a one-time password is that it will expire after a single login. This way, you don’t need to share your master password or store it in insecure places.
As far as the information you need to collect, it should literally be anything you can think of. Email Accounts, Online Banking, Credit Cards, Investments, Social Media Sites, Airlines, Shopping Sites, Backup Sites, Hosting Sites, Etc. Etc. Basically anything you’ve ever logged into , is still relevant and useful. With KeePass and LastPass, you can also add notes to every item you add, so if there is additional information other than the login information you need to include, it’s easy to add it.
Second, secure everything
Now that you have the ultimate collection of everything in your digital life, you need to make sure it’s safe. If you’re using digital options like LastPass or KeePass, you need to use more than just a strong password. Both have secondary authentication options (two-factor) that make everything a million times more secure.
However, even with encryption and two-factor authentication, data can be compromised, and this is where people wary of storing data digitally have a legal right. For example, if you have spyware or malware running secretly in the background, it can easily hijack whatever you enter. In terms of actually gaining access to your entire database, this would be much more difficult since the data is heavily encrypted with a default. Even if the malware copied your database file to its computer remotely, they would not be able to crack it in any reasonable amount of time, even on many fast computers.
It is very important that the computer you are using to collect all this information is clean before starting work. If you perform a lot of copy and paste operations, malware can hijack the contents of the clipboard before it enters the encrypted database. Plus, if someone can control your computer remotely, they can open programs (if left open) and get all the information they need. This is why it is also important to shut down the database if you are not using it (KeePass) and set a short timeout if you are using a browser extension (LastPass).
With the LastPass Browser Extension, you can access everything right from your browser. This is handy for automatically logging into websites, etc., but also poses a big security risk. If someone takes over your computer and you’re logged into LastPass, they can simply export a file with all of the logins and credentials and transfer it to themselves in minutes or less.
However, LastPass is aware of all of this and therefore has many security options. For example, if you close your browser, you can make sure LastPass is logged out. This means that if someone else comes and opens the browser, they will have to log in again. You can also set up logging out after a certain amount of idle time. I set this value for a few minutes because I don’t want anyone else to be able to access my account while I’m away and the browser window is open.
With KeePass, you also have a bit of security. The newest version even has the ability to obfuscate the keyloggers installed on your computer so that they cannot actually capture the data you enter in any of the fields. Besides the master password, you can use key files. A key file is a file that is stored on an external device and must be used in addition to the master password to open the database. Finally, you can also link the database to your Windows account, so even with a password and key file, you will have to log into that particular account as well.
This is why almost everyone uses one of these two options to store secure login information. If you don’t want to use any digital option, just write everything down on paper. I strongly discourage using a program like Word and then printing the file. The main problem is that while you create the file, it is widely open to attack and not encrypted. In addition, you have a chance to completely forget about it, thereby opening yourself to a variety of problems. Obviously it will take quite a long time to compile the list, so it’s best to use something safe when doing this.
Later, after exporting the database to print, you can delete the database or online account if you are really not comfortable.
Third, get a lawyer
Unfortunately, the real world and the digital world are interconnected. When someone dies, the bank usually blocks their accounts. If you do not have proper financial power of attorney, your wife will not be able to access the money until the property is settled. This can add more stress to an already over-stressful situation.
A good lawyer can put things in order for you and can even be used to store your confidential master print file or master password. It is important to draw up the entire power of attorney correctly. A joint checking account will work, but only if you have one bank account. In such a case, like mine, I have several bank accounts with only my name on them. If I want her to take control, just giving her login details won’t do anything. In fact, this could cause more problems, because it would technically break the law by gaining access to accounts after my death.
Fourth, write a directory and store it
Finally, you need to create something that someone non-technical can follow. The best way to do this is to write a document explaining how everything is set up, which accounts are important, how to access them, etc. Print this document and also a list of all accounts for everything and save it in a safe deposit box in the bank.
Don’t store it at home, even if possible in one of these home safes. Why? Well, it’s best to leave it in an official place where you need someone to actually walk into a public place. If you have a safe in your home and have people who know what is inside, this may cause someone to do something ill-considered, such as forcing your trusted person to open it for them. It’s probably a small chance, but the fact is, sometimes crazy things happen after someone dies and you don’t want to deal with it.
If you don’t want to actually keep the entire list of passwords and logins in the safe, you can simply save the master password or even one one-time password there, although this is a little more dangerous since it can only be used once, and if after that someone will be blocked without proper information, he will never be able to return.
Obviously, this is not the only or best way to pass on your digital identity to someone else after your death, but it is the first step that most people, myself included, have not even thought about. My wife and I drew up a will long ago with a power of attorney and a power of attorney, but I realized that this is only half of what she needs to properly manage everything.
Let us know what you think if you created a plan and what tools or processes you used to collect and store sensitive information. Enjoy!