Ask HN: What's Your Digital Estate Plan?

12 points by pards ↗ HN
I'd like to hear from HNers about what measures you've taken to ensure that your digital life is safely and respectfully handled after your death.

  * Passwords
  * Email accounts
  * Social media accounts
  * Google Docs etc
  * Photos
  * Git repos
  * Personal sites
  * Domain names
I've been using a password manager with multiple vaults for many years but this feels insufficient.

There are some assets that I'd like to delete upon my death, and others I'd like to make sure are passed onto my wife and children.

My gut tells me that this is beyond the capabilities of traditional lawyers. Is there a way to automate it?

[Edit: formatting]

11 comments

[ 2.7 ms ] story [ 26.3 ms ] thread
You're talking about the "Bus envelope".

Pick a person, a trusted loved one or family member likely to survive you, and let them know where those written instructions are.

It's well within the remit of existing lawyers and I advise you involve one. Wills are standard documents. If there are time-critical actions make it a legal instrument that precedes any transfer of responsibility to an executor (who may not end up being the trusted party you designated and probate can drag on for years in complex cases.

Yes it's a security risk because you'll need to write some things down including passwords. Tell them a password in advance that they'll never forget and anticipate that they may be in shock or unable to follow complex time-critical instructions at the time. Use a unique shared secret like "Remember what that bird was singing when it sat on the balcony on our honeymoon night?"

Many people in service are required to leave a "professional will". Clients need to be informed. Debts paid. Records destroyed (there are many legitimate circumstances for this).

And god willing, it never happens for you.

Naming an Executor on one's will is standard but the responsibilities balloon when one expands the role to cover digital assets.

My password manager contains over 400 entries. Going through each one and requesting account closures from each individual site would take years.

I don't want to burden my loved ones with that chore.

I understand. A dead man's handle seems to be what you're looking for. You want a cron script on a well secured VPS that will de-alloc and garbage collect your whole life if you don't check in every month or so.
Yes, this is what it amounts to.

Maybe Europe's "right to be forgotten" laws will make this easier to automate in the future.

Agreed. You'd definitely need some prescribed technical measures that only strong laws could enact.

The stumbling block would always be that what you want is a "Delete it all, right now, and don't argue" remote API call.

No commercial provider will ever give you this at present. Practically every line of code running online services is designed to avoid that and do the exact opposite. The only practical solution I can see is that you somehow obtain a certificate that allows that capability and keep it _very_ _safe_. Nonetheless, there will be some people who let their "digital self-destruct" cert get loose and then complain when a prankster deletes them.

This problem adds weight to the idea that it's better to manage your own digital affairs, then it's as simple as

@monthly "if [ ! -f "$STILLALIVE" ]; then ssh me@myhost find ~ -type f -exec shred {} +; fi"

I don't see a needness to care about any of that except funds - bitcoins and bank accounts if any. Former might to be tattoed as a qr in nasty parts of a body which is hard to be observed and therefore decoded without my knowing. And latter has not any reasons to be a secret from the family. Last but not least is an access to my phone number but it depends of circumstances of my death like will my body be burned (with my clothes and everything in pockets which is common during war which is going on my backyard) or will I be robbed. So sorry that it is impossible to duplicate my phone if the phone to which my digital life is bounded is going to be carried everywhere, because why not to have an access to my digital life from everywhere.
Bank accounts and other financial accounts are not considered digital assets.
I have a huge amount of funds on my bank account which is not accessible without a phone after last update of some software on their side. Maybe that account is not a digital asset but I do not want that funds to belong to my bank instead of my family just because of my unexpected death. That is definitely not an off-topic.
Safe deposit box with my password manager info in it (and my wife has a key and box access). Anything I want to die with me is not in there. I still have more work to do to organize my affairs but for now it's better than nothing.
I’ve been thinking the same. Password manager with the nuclear code master passwords in a bank safety box. But how do you choose the most reliable guaranteed bank?

I can’t hear ‘you didn’t come to the bank for X years, so it’s gone’.

I have passwords and instructions. The directions are "burn it all to the ground"