1Password access for bereaved/heirs

Hey,

I got everything in 1Password and Evernote. I live paperless. 1Password is the key to everything important in my life.
I am not that old and it might be odd to think about it yet, but I wonder how my wife or kids will gain access to all my "paper" in case I die in an emergency or so.

Right now, the only way secure way I am aware of, is to leave the Master-Password in a sealed envelope in a safe deposit box. Not the best approach, since a) I might want to change my master-password frequently and b) it is a physical copy of something that should not have a physical copy.

I could teach my wife the master-password, but she'd forget it (since she wouldn't use it for years or decades). Same with my kids. Also, it generally does not feel right to share the master-password with (too many) others.

Is there a better way to handle this?

What I had in mind as a cool solution:

I could setup up to three or five "trustees" at 1 Password. These would for example be my kids and my wife. These trustees could, after some auth-process, request [a hint to] my master-password. Once requested, I first would get a notification email with a (literal) "dead man button": If I don't hit the button within 72 hours or so, the hint would be revealed to the trustee. If I hit the button, the request was wrong and I can "kick that trustee out".

How are others approaching this problem?

Comments

  • There are two problems with your idea:

    1) In 30 years time, if you wife any more likely to remember the master password from a hint than just remembering it? I doubt it.
    2) If you make the hint the entire master password then you are effectively giving Agilebits (and the NSA, GCHQ and any other TLA's out there) full access to your vault.

    The fundamental problem that you're trying to address is to make something that exists only in your mind available after your mind is no longer available. It's a fundamental contradiction.

    The way out is to copy your master password somewhere other than your mind. Where that is depends on your situation and the kind of threats you wish to protect against. A piece of paper in a safe is a mostly fail safe method, although it does have a risk if you burn to death in your home. Another option, if your wife uses 1Password is to store your master password in her vault (and vice versa).

  • One answer here is to give your master password to the same attorney you might have handle your will.

  • brentybrenty

    Team Member

    @cobaltjacket: :+1:

    You could also simply provide the attorney with a key to a safe or bank box, but it's the same basic idea: somebody needs to be able to get to this stuff after we're gone.

  • edited April 2015

    What about this?

    Red October: CloudFlare’s Open Source Implementation of the Two-Man Rule

    Alternately, perhaps a simpler server-less version of that concept.

  • brentybrenty

    Team Member
    edited April 2015

    Okay, that is pretty cool! My favourite part:

    1. Cryptographic security. The Red October server does not have the ability to decrypt user keys without their password. This prevents someone with access to the vault from decrypting data.Password flexibility.
    2. Passwords can be changed without changing the encryption of a given file. Key encryption keys ensure that password changes are decoupled from data encryption keys.

    Sounds familiar... :)

  • This is the best real-world analogy I could come up with:

    Of course, one would hope that a pistol would not be required to have your estate handlers "turn their keys."

  • brentybrenty

    Team Member

    Of course, one would hope that a pistol would not be required to have your estate handlers "turn their keys."

    Amen. :dizzy:

This discussion has been closed.