Set up a legal trust, transfer (if transferable) your accounts to family members. If you know this is not supported, put your login info and MFA devices in a lock-box for them to inherit. Prepay your accounts, as your CC will get suspended. Those with full power of attorney should be able to legally access your accounts. Executors and primary beneficiaries named to have your accounts. Double check with an attorney in your location as some places have silly laws. I am not a lawyer, thankfully.
I have cron jobs set up on pre-paid servers so that should something happen to me, my friends will get emails from me as I don't entirely trust the trusties to do what they are obligated to do.
It's probably one of those "dead-man-switches", where if OP doesn't do some action before the timer goes off, then it fires off those notifications to his friends (in this case).
So OP has to regularly do some action until they can't (either aren't able to, or are dead in this case).
Cron checks if file is X days/months/years old.
Also I would add two offset. First triggers earlier with reminder to self (taking extra long holidays while forgetting about cronjob), second is actual dead-man-switch when you are probably incapacitated or dead.
Yeah, sure, if they know about it at all. Also consider your threat model: are you worried your family will kidnap you to get access to your accounts? If you think they would, maybe you need a different plan. I mean otherwise, if they've got you kidnapped anyway, they could just beat the password out of you.
Its complicated but people were guessing the right thing. In effect, if something isn't updated that should be, I am assumed compromised and things start to happen. This isn't specific to a will or mortality. I just don't want people to wait until I have been missing for weeks before someone lifts a finger. :-)
I know at one point apple would not let you do this even with a spouse's account. Once they knew you were deceased they closed the account. I was wondering if this was still the case.
> login info and MFA devices in a lock-box for them to inherit.
This seems wise, but won't work unless the software allows multiple MFA devices. I need my MFA device & phones on me to access my accounts several times a day. My bank logs me out after a few minutes and requires MFA to get back in
Most MFA have backup codes that you can download during first setup. This is typical for the MFA using QR codes. For things like banks where they email/text you your temporary code, many already have processes in place for when someone passes away (ie typically someone needs to contact the bank with proof that xyz passed away).
You can just save and print out the QR code onto paper and put that in your lockbox. Then your bequeathed can just scan those with their MFA device. Be sure to label them ;)
> I have cron jobs set up on pre-paid servers so that should something happen to me...
That's interesting, effectively a "dead man's switch" as a script. I think that would be extremely useful thing to do if you're going camping, mountain climbing, or visiting dangerous places etc.
But if you're just talking about "natural causes" most accounts have a way for a designated person to take control upon death. Octogenarians, I expect, are not apt to be facile with cron jobs, strong passwords and MFA devices. At that point, power of attorney papers become the most important thing (POA's don't have to be family members).
When a parent of mine died, I accessed their computer (not password protected). It was still powered on and logged into gmail, facebook, and various other sites. I simply changed the passwords and wrote them down (I also had access to the cell phone in cases where 2FA was used -- but that was rare in my parent's case). Now many years later, I still have access. The sites have no idea that user is deceased and I have no intention of notifying them. I don't actively use the accounts, but log into them when I'm feeling nostalgic.
Do you mean you didn't know the original passwords? Many services (like GitHub and I think Gmail) don't let you change your password without typing the old password first. This becomes a problem if you forget your Gmail password, even though you're still logged in.
Sort of related, I’d love a service or option that makes your git repos public after you die. Like unfinished projects or ideas you never got to work on etc.
how do you program anything to have a "fire if human is dead" logic? By definition it will accidentally fire sometimes when the human isn't actually dead and then, ugh, so embarrassing having to tell everyone you are still alive.
So make it more complex and have it "fire if human is not in touch" then. Have it give some level of notification that there is a problem needing human attention and that if possible, they should get in touch with you. You could give out keys to a secret (see: Shamirs Secret Sharing) so that if a few people got together then they could find out more but don't tell them who the others are (if they are likely to be at your memorial they will find each other). Give out secrets in sequence so that the longer it goes on, the more people get involved - tell the later ones who the earlier ones are. I guess it doesn't have to be all-or-nothing on the first day the software misses you?
Google has a feature you can enable where if they detect no activity on your account they will send several notifications over a set period of time, like 6 months or so. If you respond to none of them then they will give access to your account to people you configure.
Essentially you have to ask yourself if there will be a period of time in the future where you know won't use your account for that long. If so then you should disable the feature.
You can configure it to do anything including scan your social media for signs of life, cURL your own servers, and send out text/emails with attachments. Uses client side encryption if desired, or just give us your own self encrypted files.
In my case Verizon (Yahoo) deleted my whole email inbox while I am still alive... who cares when we die... these companies think we users are just sheep.
32 comments
[ 3.0 ms ] story [ 69.1 ms ] threadI have cron jobs set up on pre-paid servers so that should something happen to me, my friends will get emails from me as I don't entirely trust the trusties to do what they are obligated to do.
So OP has to regularly do some action until they can't (either aren't able to, or are dead in this case).
Touch a file on login.
Cron checks if file is X days/months/years old. Also I would add two offset. First triggers earlier with reminder to self (taking extra long holidays while forgetting about cronjob), second is actual dead-man-switch when you are probably incapacitated or dead.
And in that ensuring that all your legal matters will be easy on your family.
This seems wise, but won't work unless the software allows multiple MFA devices. I need my MFA device & phones on me to access my accounts several times a day. My bank logs me out after a few minutes and requires MFA to get back in
That's interesting, effectively a "dead man's switch" as a script. I think that would be extremely useful thing to do if you're going camping, mountain climbing, or visiting dangerous places etc.
But if you're just talking about "natural causes" most accounts have a way for a designated person to take control upon death. Octogenarians, I expect, are not apt to be facile with cron jobs, strong passwords and MFA devices. At that point, power of attorney papers become the most important thing (POA's don't have to be family members).
You could GPL a bunch of code (doing this legal step when you are alive), give it to an escrow service and let them distribute it when you die.
Essentially you have to ask yourself if there will be a period of time in the future where you know won't use your account for that long. If so then you should disable the feature.
You can configure it to do anything including scan your social media for signs of life, cURL your own servers, and send out text/emails with attachments. Uses client side encryption if desired, or just give us your own self encrypted files.
This is not the type of thing you'd want to entrust with "Big Tech" who can't seem to resist spying on you. -Cyber Security Expert
I’ve mused about setting up a service like this to tie up loose ends that are not addressed in wills. I’ll take a close look at your service.
It's open-source!