Password Managers: Do You Use One?

I have a similar attitude and intend to use that feature. But …

UK law may be different. But in the USA, for anyone to access a digital account of a dead person, even with their pre-death permission, is a violation. If the account is a financial account the strict legal situation is even more dire for the person accessing via the deceased person’s credentials.

Cite?

Yeah, I’d like a cite too. Are you referring to financial accounts (specifically bank and investment accounts) or any type of account? Because, um, I may (that is, I definitely do not, for purposes of this conversation) have access to my deceased father’s credit report and union retirement online accounts. Er, in theory, I would have access to this in order to assist in settling his estate. That is, if I did have access to these, which as I said, I do not.

KeePass isn’t just free, but “portable”. The program will work as long as Windows is compatible with it, and you do not need to update it.

I have that issue with Kindle for PC. Yes that’s free, but they keep forcing me to update (I have a good reason not to update). Kindle for PC isn’t portable so it can take actions I don’t want it to, and it also interacts directly with Amazon. Fortunately it doesn’t contain any financial info by itself.

Four years ago I bought a program called You Need a Budget, version 4. I paid for it once. Since then the newer version is pay per month. I kept the license number, so when I bought a new computer in December, I reinstalled that rather than get the newer pay-per-month version.

Nah, Snowflake is Ted Cruz’s dog. Paris Hilton’s was Tinkerbelle…unless I’ve got that backward. I’d love Ted Cruz to have a dog called Tinkerbelle.

I would have thought the account becomes part of their estate, and like anything else, there is the question of both who should be allowed to access it and how that access will happen - If I have valuables in a safety deposit box, those become part of my estate, but if I don’t make any provision for access, they might just go unclaimed.

IANAL, but I believe this is correct. I have POA for my elderly mother’s affairs, but I also am a signer/owner on all her financial accounts. So when she passes, I will still have legal access to those accounts.

I started using one (LastPass) when a Google search of my email address (just for kicks) revealed a pair of websites listing usernames and passwords. My email and a password I used were listed. With LastPass it’s easy to generate distinct passwords for each of my login accounts, which is the main reason I started using it.

For accounts that I log in to frequently, I use whole sentences as my passwords (easier to type and remember than random letters and numbers).

Folks wanting cites to my contention about legal access to incapacitated or dead people’s accounts might start here from 2013:

and here from 2018:

These are old, but the laws cited are still in effect.

The punchline being there are lots of legal ways to set up access for trusted family members to control your accounts while you’re alive but incapacitated or once you’re dead. But simply giving that family member your login username and PW so they can pretend to be you to the financial institution’s website is NOT one of them.

My wife is a now-retired banking attorney. Standard practice upon learning of the incapacity or death of a customer is to lock the online account, ATM cards, etc. Later, when somebody brings in a court order showing them as executor, that’s when the bank will discuss how that person gets access.

We use 1Password, and we have it set up to sync to our phones (and one computer) via Dropbox - this way, my husband and I each have access to the other’s passwords at need.

I remember that was a bit of a pain to set up at first: we’d bought the phone versions, but could not do the initial Dropbox sync without having the desktop version, which was extra $$. But we could use the free trial version for the one-time sync, and after that it would work without the desktop version.

A couple years back they tweaked things so that I had to update the vault format on my phone (Android; my husband is on an iPhone). By then I’d purchased the desktop version, as I was finding it useful. So our copies diverged at that point; previously, if he put in an entry for a site, a little while later I’d see it on my phone.

Then not long after that, they went with a monthly subscription model, which is a new and annoying-as-hell trend. 5 bucks a month. Forever. There was some additional functionality (no longer needed to use Dropbox, they’d host and sync using THEIR servers) but in far less than a year I’d have paid more than the initial license cost. Terminating the subscription would, I think, allow access to existing passwords, but no updates going forward.

They DO still have a one-time-only purchase option, where you can configure it to use Dropbox for syncing, but they made it very tough to find out how to do that. It took me a fair bit of digging but I managed it.

They do have browser plugins that will auto-populate passwords, let you generate passwords on the fly, and save ones that you’ve typed into the browser, but I had some issues with that and haven’t used it in a while. It may well be working more smoothly now. Instead, I just launch the 1Password desktop app and copy/paste as needed.

All in all: it works, but it’s a spendy option; if I were starting from scratch, I might look at the other options.

As far as access in case of death: my husband’s vault and mine (separate now due to that update) use the same master password, and we know each other’s phone unlock code, so we can get to whatever we need that way. If we both go down at the same time, I guess I’d have to write down the master password, as well as the desktop unlock code, and say “lookie there for the keys to the kingdom”. I might actually do that, plus our Dropbox password, and seal it in an envelope in a filing cabinet.

Just for giggles, I took a look at my vault to see how many entries it had. Over 750!

Not all of those are logins - things like our SSNs, credit card numbers and so on are also in there. But well over 650 are logins. How on earth would one manage WITHOUT such a tool?

“P@ssw0rd1”, that’s how. Which is how society is in the identity theft and fraud problem that it is.

In case anyone is wondering how people get their bank accounts drained even with SMS authentication:
A bad guy buys/downloads a list of hacked passwords tied to email addresses. The passwords were taken from the least secure sites on the net; the ones that stored their password database without encryption or protection. If you have logins to more than a handful of sites, chances are that some of them are from one that had horrific security practices.

The bad guy tries the emails on common sites. It doesn’t take long to figure out which ones have accounts tied to them, and which of those shared passwords between sites.

The bad guy does some easy research to tie the email address to a phone number. This step may not be necessary if the original account hack had phone numbers, but in any case there are numerous ways to accomplish this.

The bad guy calls your cell phone company and asks them to assign your phone number to their phone (or rather, their SIM card). In many cases, the phone company will simply do this with no questions. In others, some easy social engineering may be necessary.

The bad guy now has your password and bank security texts go to them. You are now screwed.

These hacks aren’t theoretical; they happen all the time. Text-based authentication isn’t great, but it’s kinda ok combined with a strong password. You should not be depending on one or the other, though (and ideally, use an authenticator app instead of texting for your 2-factor authentication).
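The attack chain in the post above starts from passwords that appear in a leak and are shared between sites. As an added example (not part of the original thread), this sketch audits a password vault for both conditions from the defender's side; the vault entries, the leak list and all function names are constructed for illustration.

```python
import hashlib
from collections import defaultdict

# Constructed sample vault export and constructed leak list (not real data).
VAULT = [
    ("forum.example", "P@ssw0rd1"),
    ("bank.example", "P@ssw0rd1"),
    ("shop.example", "correct horse battery staple 42"),
    ("mail.example", "xk3!Lq9#vTz2"),
]
LEAKED = ["P@ssw0rd1", "letmein", "123456"]

def sha1_hex(password):
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

def build_range_index(leaked):
    """Group leaked SHA-1 hashes by their first 5 hex chars (local stand-in
    for a k-anonymity range lookup, where only the prefix leaves the client)."""
    index = defaultdict(set)
    for pw in leaked:
        digest = sha1_hex(pw)
        index[digest[:5]].add(digest[5:])
    return index

def is_breached(password, index):
    digest = sha1_hex(password)
    return digest[5:] in index.get(digest[:5], set())

def audit(vault, index):
    """Return one finding per entry whose password is leaked or shared."""
    sites_by_hash = defaultdict(list)
    for site, pw in vault:
        sites_by_hash[sha1_hex(pw)].append(site)
    findings = []
    for site, pw in vault:
        reused_with = sorted(s for s in sites_by_hash[sha1_hex(pw)] if s != site)
        breached = is_breached(pw, index)
        if breached or reused_with:
            findings.append({"site": site, "breached": breached,
                             "reused_with": reused_with})
    return findings

if __name__ == "__main__":
    for finding in audit(VAULT, build_range_index(LEAKED)):
        print(finding)
```

Entries flagged as both leaked and reused are the ones to rotate first, since a single leak exposes every site that shares the password.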

Also, you should assign a separate security code to your phone account.
I know AT&T does this - you can set up a completely independent security code that must be entered before any changes can be made to the account. In theory, this will prevent SIM-switching.
In practice, it probably just tests the boundaries of social engineering.

I used to use the built-in iCloud Keychain in Safari but since Apple went so hard in every wrong direction I don’t use macOS anymore and I’m looking into Android phones. But password managers from third parties were never particularly appealing to me so I just manage my passwords myself.

My passwords contain a common numerical code that is an alteration of something so obvious and arguably stupid you wouldn’t think to try it, plus a symbol and some capital letters. The part that keeps it secure is that there are parts of it that vary based on the site, system, app, etc being signed into.