I’ve recently been looking for somewhere to keep files securely that would be (more or less) automatically accessible by my wife or kids in the event of my demise (I’ll elaborate in a later post).
I found that my bank offers free cloud storage as part of their online banking solution - I thought this would be great - it’s a joint account, but only I have online access - I could drop some encrypted documents there and give the encryption key to my wife - if the key was accidentally breached, the files are secure - and if the cloud is hacked, the hacker won’t have the key - and if I die, access to the files would be granted by the bank.
Sounds ideal - except that the T&Cs of their cloud storage state that only certain file formats are acceptable, and no encrypted files should be stored there. Reason? They want to be able to browse and view them to check that I’m not doing anything illegal or inappropriate.
WTF? They want the right to view my stuff? No thanks.
Basically, the problem I’m trying to solve here is: how would my wife tidy up or take control of all my affairs if I were to die unexpectedly.
What I think I want is a way to securely store a set of documents containing all the details (and in some cases, the passwords etc) for my online accounts (banking; websites, including my own; email, etc), so that:
[ul]
[li]I can update the information at will[/li][li]It’s secure to me only during my life[/li][li]It opens more or less automatically to my loved ones after my death[/li][/ul]
Ordinary cloud storage solutions (DropBox, [del]Sky[/del]OneDrive, etc) :- potentially difficult for someone else to take charge of (perhaps even to find) without my assistance.
Physically (i.e. paper or USB drive) stored in a bank deposit box :- secure, probably easy for someone with power of attorney to access, but difficult for me to update.
Physically stored at home :- easy to access by me and anyone else, but not secure now.
Pre-shared with my wife (i.e. I grant her access to it now) :- not secure now.
So I was sort of hoping that an electronic storage solution provided by my bank would be secure for now, easy for someone with power of attorney to access later, but inaccessible enough now that I could write the encryption key on paper and hand it to my wife, but my bank wants the option to rifle through my stuff unhindered.
Not me (and it seems to me that half the fun of dying unexpectedly is leaving a tangled mess for your heirs to deal with). Honestly, in the situation you’ve outlined, I would just leave a piece of paper, in the house. We’re really talking about a handful of passwords here, no? Any time you update them, just update the paper. It’s a bit old school, but sometimes that’s the straightest way.
But clarify something for us: are you really concerned about your wife having access to this piece of paper before your demise? Is that what you mean by insecure?
Why not put a piece of paper in your safe deposit acct with access instructions for Dropbox. As long as you don’t change the filename/password, you can update it whenever you wish.
If you die in a house fire/explosion/tornado/sinkhole/washed away in a flood, that piece of paper in your house won’t be accessible either.
My stepbrother (who I did not know very well) died suddenly/unexpectedly a couple of months back - he was a wealthy and successful businessman with investments all over the place, but lousy paper trails for all of it - his family had to deal with quite a mess and there’s probably a good deal of stuff they will never find.
I don’t want to put anyone through all that nonsense and inconvenience.
It’s a bit more than that - for starters:
[ul]
[li]4 email accounts (probably only two of them are important)[/li][li]Login credentials or other details for maybe a dozen or more online accounts (some can be left to lapse, but others might need to be cancelled to kill a subscription - and a couple where I’d like someone to inform my contacts of my demise)[/li][li]Details of several pensions and insurance policies (there’s no real reason these need be with everything else in the list, other than convenience)[/li][li]Details of the hosting, admin access, payment config and ad revenue accounts for the domains and website I own.[/li][li]An online bank account that receives the ad income for the above.[/li][li]My PayPal account.[/li][/ul]
I daresay much of that would be eventually traceable and could be brought under control, but I’d like to find a way to hand it over gracefully.
A safe deposit box can be the worst place to put post mortem instructions. You die and your spouse goes to the bank - surprise! The box has been sealed, and the contents are off-limits until the estate has gone through the probate process. Unlike a joint checking account, there’s no easy and automatic transferance of a safe deposit box’s contents to the surviving spouse.
Can you encrypt the list of logins, insurance info, etc in a Word (or similar) document and email it to your wife’s phone?
I just checked and my bank is in the process of phasing out safe deposit boxes (as indeed seem to be many of the other major banks in the UK - they still offer a secure ‘wallet’ storage service - where you pay a small monthly fee for them to store an envelope of papers, with a slightly bigger fee for each time you want to access it (the wallets are stored centrally and are accessed by requesting that they are sent to the branch or posted to you by Royal Mail Special Delivery)
The bank keeps track of death notices for customers. If your name pops up, they seal the box. No one can get in until probate starts. This was carefully explained to us by our lawyer when we had our will drawn up so that we knew why putting our will/post-mortem instructions in a box was a bad thing. Stuff that is part of the estate is okay, but nothing that will be needed in the days or weeks after death.
My advice: If you use paper for any part of this, be sure to rub some tea on it then dry it out in the oven afterwards. If you can manage some fancy old-school handwriting, so much the better.
Trusting your local bank to do cloud storage makes about as much sense to me as trusting your favorite restaurant to sell you life insurance.
Generate a random password for your dropbox account, give the first half to your wife to store securely and the second half to the executor of your estate to store securely. Any person finding either half of the password can’t do anything with it.
There’s more sophisticated ways of doing this (like Shamir secret sharing) but, in essence, this seems to largely solve the problem you’re asking about.
edit: for slightly more security and convenience, register a second dropbox account, share the folders you want to be accessible after your death with the 2nd account with read only permission (there’s no reason why it should be able to modify your files). Generate a strong random username and password on the 2nd account and distribute half to each person as mentioned above.
That’s quite a sound plan - probably the best yet - and I don’t wish to be the OP who keeps finding objections to every offered solution, but there is one more problem: my wife isn’t especially computer-literate.
I guess she wouldn’t have to be, in the Dropbox scenario - she’d just have to recruit the assistance of a trusted friend.
I don’t use Dropbox at the moment (I have Skydrive) - is Dropbox free? Is there any activity that needs to be done regularly to keep an account alive?
It’s not my local bank - it’s a large international bank - and the cloud thing is part of their online offering. Apart from their weird terms and conditions, it ought to make at least a little sense to trust them, because they are in the business of keeping things securely.
Regardless, a bank is not in the business of setting up and running cloud storage and they’re likely to do a half assed job of it. Anyone who’s ever worked on bank software before will tell you that it tends to be extremely poorly written by not especially bright people and security is often a low priority.
If you use skydrive, then continue using skydrive, the same method applies. It’s pretty easy to walk your wife through the procedure now. As long as she knows how to operate a web browser and log into a site, there’s not much to it and any friend would certainly be able to help her provided you leave clear written instructions.
As far as I know for dropbox, it will keep your files indefinitely without you having to do anything. You should check with skydrive whether they require you to login within a certain period of time to stop them erasing your files but I doubt it.
Is this a policy-based (i.e. metaphorical) seal where they flag the account with some sort of “do not open” flag and staff are instructed not to allow access to a box that is associated with such a flagged account, or does a bank official actually go in to the vault and squirt superglue in the keyhole or apply some other sort of physical barrier?
Seems to me you are doing things in the wrong order. Write a will and get an executor. Then bring the executor into the discussion of how to secure everything. They will be responsible for looking after your entire estate (including anything valuable secured by the passwords you are concerned about). Even if you don’t want your executor to have immediate access while you are alive you can still discuss what would processes would be easy for him to deal with and how (maybe breaking the password into pieces and leaving one piece difficult for him to get at while you are around) to go about getting the necessary password.