100 comments

[ 0.26 ms ] story [ 92.6 ms ] thread
This is one of those sharp edges around selfhosting. If you build and run critical infra for family, ensure there is a plan if you suddenly transition to another plane of existence. I love to homelab, but if I die, all of my gear can be shipped for recycling and family tech infra will keep on running (those instructions are in the death binder; "package all tech and ship to electronics vendor X to recycle").

We use Fastmail, Dropbox, etc with all service admin accounts in a shared family icloud keychain group [1]; all services are on autopay from a credit card that is automatically paid each month out of investment account, family email domain is paid up 10 years into the future. Any of our family members can check their mail or change configs through Fastmail's web UX.

[1] https://support.apple.com/guide/iphone/share-passwords-iphe6...

I want to point out that, upon our death, everything externally hosted will also break down eventually when bills are not paid. I am not sure what would happen faster.

Apart from that, I am glad to see reddittors stepping up to help the guy. That's the good old internet.

It doesn’t have to be this way: set the bills up on autopay, and have a clear list for your executor of which companies are providing which service. Autopay should keep things working long enough for your kid/parent/whoever to find the list and change the credit card numbers on the accounts.
That doesn't work for all services. Some companies will want/require the persons name to be correct but at the same time have policies that a different person can't just "take over" an account due to death.

At every level our society is very broken after we introduced computers. I'm super happy to be making money from that, though.

A UX problem that simply needs to have best practices, implemented as religiously as Agile
So choose services that are compatible with your legacy needs, just like you double check your hardware will work with linux before you buy it.

My digital assets are designed to work for at least 10 years after my death (I keep domain and hosting accounts pre-paid) and my annual dead-man's switch should ensure my succesors are given timely notice to take over or migrate any services they decide are worth perpetuating longer than that.

I would add what maybe this works in the US, but in a country with a bit better EGOV the news of your death would propagate pretty quickly. In a month, maybe two? Probably. Longer than this - no. And definitely not a year later.
I’m not sure why reliable, timely news of the death of the person who set up the account would necessarily mean the company closing the account, as long as the bills were being paid. Your estate is a legal entity.
> mean the company closing the account

The account with the money, not with the service.

> Your estate is a legal entity.

Only after the executor probated your will and therefore received the rights to manage your assets. Until then nobody can (at least legally) to do anything with the money. And while nobody would bother with an automated subscriptions (till there are enough money on the account ofc) there could be problems if the assets would be frozen until the executor would claim the rights for them. Or if the bank just outright cancel or disable the card to prevent unauthorized (hey, the guy is dead, he can't consent!) withdrawals or payments.

> as long as the bills were being paid

Not every jurisdiction is fine with the money operations from a deceased person.

EDIT: oh, and here even if you have a will signed yesterday and you are named the executor of the will you still need to wait a half of the year for the probate to complete. And IMMSMV you can ask the banks to freeze the assets, specifically till the rightful heirs would be determined. Specifically for a case when a loving niece, ex-gf, bff, whoever wouldn't be able to withdraw everything from the deceased's accounts.

Ah, the missing piece here (at least in the US) is that you always want to have a joint account with someone you trust (a kid, a spouse) so it doesn’t go into probate. Anything that needs to keep being paid after your death gets paid from that joint account.
The difference is the companies billing you will attempt to contact you - hopefully including something that will get to your heirs (snail mail is good for this!). They will also help you understand what the service is for and if you need it.

BTW, if you work for a hosting company, do your processes actually to the above for a non-technical, grieving heir?

In my experience what is done is they send you an e-mail, shut it down if you don't pay and send another mail that they delete it after x time where x is mostly a single digits days.

Something like this [0] where they try to contact you by phone and snail mail and keep your stuff online for more than half a year even if you don't pay is a paid exception and not the norm.

[0] https://www.infomaniak.com/en/secure/renewal-warranty

> everything externally hosted will also break down eventually when bills are not paid.

Most (all?) companies have some process where you show a death certificate and then get access to the account.

Wow, all those people jumping in to help him graciously. So touching.
My first thought too. Then I wondered how long it would be before scammers used a similar approach to try and get free hacking services from unsuspecting people. Sigh.
There will always be parasites. That should not be the reason we don't help each other, or we'd lose something even more valuable than what the parasites take.
I already thought this was... steal a server from somebody, can't get into it past a certain point, get somebody else to help pretending it's a family server gone bad. Cynical yes but scammer numbers likely outweigh genuine requests these days. Besides, some of those people offering to "help" may be people looking to score some personal data... reverse scamming :D
In this specific case people helping will require physical access for the family member they are helping. If they don't, big red flag (self hosters should be able to recognize a scammer), and if they actually have physical access to a stolen server, they won't need help, or won't be able to create such a scam.
It is. But it's also normal. Selfhosted is a big enough sub to still have some issues, but it's also small enough to still be high quality and push many assholes out.
Ugh, this kind of stuff gives me nightmares. I do all the "IT stuff" for my family, including keeping our cable modem and network infrastructure working, hosting our E-mail, keeping track of everyone's passwords in a password manager. I keep all of the usernames and passwords for our online services, including financial institutions. If I suddenly disappeared one day, nobody would be able to log into anything or pay bills, and they'd be one VPS failure or LetsEncrypt certificate hiccup away from losing access to their E-mail.

I've tried to mitigate this risk by keeping a so-called "death book": a hardcopy of all accounts, passwords, 2 factor auth instructions, router SSIDs, and so on, kept in the firesafe with all the other important stuff. But this Reddit post points out that this is not enough! Someone would also have to come in and take over the technical toil and maintenance that it takes to keep everything running. Not sure what the solution is. The rest of my family has no interest in learning this stuff. They can't even remember their own passwords without me, let alone ssh to our VPS and restart exim4.

> The rest of my family has no interest in learning this stuff

What about going on strike for a day or two? Not in a petulant way, but in a loving way. Just to impress upon your family exactly how important things are, that they're currently taking for granted. Maybe you'd get a volunteer to do some modest training and succession planning.

Maybe. But in my experience, there are a lot of technical things that I value that the rest of my family just doesn’t. And losing access to things that I would consider priceless, others might just be happy to find workarounds for or recreate.

It’s really hard to force people to be interested in things that they aren’t interested in.

That's 99% of the reality right there - most people would just shrug and get a new gmail address and a new phone and tell people "oh my email changed".

My family enjoys having a simple-to-use Jellyfin setup with Infuse as a front-end; but if I'm dead eventually that ZFS server will fail in one way or another, and they'll shrug and go back to streaming or buying DVDs or something.

Attempts to explain are met with "don't bother me with talking about you being dead".

It's the difference between a family and an institution.

When a coworker (IT staff, in your case) leaves, they get replaced.

Family just leaves a hole. Maybe some duties get taken over, maybe not. You may leave behind an IT shaped hole, but it's not really a new or unique problem. You lose the person who organized the holidays, the family reunions, the one who made the good pie, the peacemaker who kept the half-dozen warring factions cordial.

Maybe someone else steps up. Maybe not. It just gets rolled into the larger grieving process of the holes left by those we've lost.

Strong families are institutions.
You can't add a family member to the team just like that
That's why they invented marriage. /s
Too late, it's broken as one of the last competitors to The State for loyalty. Weak families mean strong States in your daily life.
Unless you’re Italian.
You can - strong families often have various hangers-on referred to as "family friend" or similar terms - who are not related by blood or marriage.
I gave my wife instructions on how to access my password manager. From there it has everything (both usernames, passwords, and the URL to access). The password manager has categories, so financial stuff is all together for her to go through.
> I've tried to mitigate this risk by keeping a so-called "death book": a hardcopy of all accounts, passwords, 2 factor auth instructions, router SSIDs, and so on, kept in the firesafe with all the other important stuff. But this Reddit post points out that this is not enough! Someone would also have to come in and take over the technical toil and maintenance that it takes to keep everything running. Not sure what the solution is.

Yeah that's the problem. They may have the passwords etc. but they don't have the knowhow to understand how the Proxmox cluster works, why the scripts aren't running, or comprehend an obscure error. It's basically a business setup at this point and would require someone with an IT background and lots of time to understand. Hell if you suddenly gave me such a setup and asked me to figure it out it would take a lot of time and trial and error as well.

The thing though is that if something happens the stuff won't all go down at once, there will be a process where hardware fails, subscriptions aren't paid, and so forth. So what I tell my family is to immediately backup the NAS files to external HDDs, create new email accounts with a public and setup forwarding for as long as it lasts (while changing their bank/Facebook/etc. to use those new emails), and so on. The telephone/internet providers may need to be changed to a user friendly residental service.

And all that has to happen fast before everything becomes inaccessible.

You need to train them. Your idea of being a helpful hero is actually creating a single point of failure for all of them which is arguably a worse situation. IT as a hobby is fun, but by pulling others in you're actively putting them at risk.
My friend/business partner and I have an agreement to assist the other wind down our personal IT "estates" in the event of either's death. We're both competent sysadmins, and we both try to keep our "home IT" pretty comprehensible. The goal, in the event of death, is purely to wind-down, too-- not to keep services running indefinitely.

My wife knows what hard copies (my "death book") to give him if necessary. Until I die he has no access, but once I do he has my implicit trust.

I don't keep the documentation updated as often as I'd like, but it doesn't drift much between update sessions either. A life event usually prompts updating the docs. The last time I updated was the night before going in for surgery.

Besides my self-hosted stuff, I do "family IT" too. The "family IT" stuff is all documented just like one of our Customers. I made a point of insuring that my business partner could take on the family in the same way that he could take on other Customers. The goal is still probably to wind down, but it puts the family IT on somewhat similar footing to the Customers.

I'm in the same boat, except I recruited two people who are simi-techinical enough to at least know what are servers and services. I trust them with my computer and pw manager credentials. If anything happens to me, they will at least be able to provide credentials to any services, network, or devices I touched in the last 15 years. I hope that will be enough, or at least ease the burden.
This made me think, but I don't think I have the problem(s) everyone else is having.

Internet account - they'll file paperwork to get access. They can continue paying the bills. Same goes for all utility accounts and online services (most of which is not a big loss - they can sign up for their own Netflix account if need be!)

Router: That's the main failure point. But they can just replace it with one the ISP gives (for a fee, of course).

Email: I have my own setup, so no one is impacted if I die.

Self hosted stuff: I think I'm the only user. Wife was using Plex for a while but doesn't any more.

Smart home: Yeah, they'll lose this. Stuff like smart switches "just work". But smart bulbs occasionally need to be reset and resynced to the hub. All in all, it's not really a great problem if they start failing.

I did add notes to my will on what I felt were the important files on my PC they may want to preserve (photos, etc). They don't use Linux so they may need help extracting them. Easy to pay someone to do it, but I have a feeling they won't really bother.

There is only so much you can do though if the other people aren't prepared to learn how to use a password safe (etc).
A death book won't help a spouse. They already have enough on their plate with losing their partner.

Also when one partner dies or is ill, the other often lacks the capacity (mental etc) to deal with complex technical stuff.

They need to use the password manager. They need to be able to access accounts without you. If it is one that they can't use, then you need to find one they can. Also, that is reducing the burden on you. Do they ask you to login to things?
Can you open source the information structure for this "death book"? I imagine it's a common need. Of course every family is different, so over time modularity / extension should be build into the system structure.
This is why The Internet Archive is such an important public service. I run a mostly static web site and I know the some time I will lose the interest or the ability to keep it running. It gives me some comfort to know that my work with be available as long as the TIA is running.

If you have a loved one whose abandoned site will eventually die, consider spidering the site and turning it into a physical book. I don't know of any services that will do this for you but this is the only way family will have a chance to read their words in 20+ years.

The portability and extractability is a big reason why my blog is just a static site generator full of photos and markdown.

If I want to migrate it to a new host or a new static site generator it's all pretty trivial. Theoretically outputting it to PDF or print should be pretty doable.

>The main thing I'm hoping to recover is the webmail (I think) service most of my family used. That went down in September, and we've lost access to a number of other accounts because of that.

At first, I self-hosted email on home server. Paid extra for a dedicated IPv4 address in the cable broadband bill at a residence.

I then started dealing with critical business emails, and a single server at the house is not reliable for that so I migrated to semi-self-hosted by paying for business-class email package. I still use my custom domain and point the DNS MX records the the hosting company's server. That was 15 years ago and had a few family & friends also use that for email.

But I'm now in the process of getting everyone off my email server except for me and migrating them to GMail and Microsoft 365 Outlook. They need simple reliable email and my 1-man-army of IT staff (me & myself & I) cannot support them if I'm in the hospital for a month.

My custom email setup has "too many moving parts". There's a login in at the registrar to constantly renew the domain. And there's another login at the hosting company and pay that yearly bill with a credit card. There are multiple points of failure. I'm the proverbial "if he gets hit by a bus" problem: https://en.wikipedia.org/wiki/Bus_factor

No, I can't write up some documentation with screenshots so they know how to navigate the process at the registrar and hosting company. E.g. if they try to login from their "unrecognized" computer to takeover email administrator tasks, a 2FA email confirmation with random 6-digit code would be sent to guess where? To _my_ email, not theirs. The interconnected dependencies are complicated and invisible because the recovery procedures are not stress-tested. Besides, the web UI changes constantly at those companies so the "oh shit what do I do" documentation would quickly get out of date anyway.

The redditor's story just reinforces my decision to not let people depend on my email server anymore.

If you're hosting email for family & friends, carefully think through all possible failure modes so they're not in trouble if you're not around.

There doesn't seem to be a good solution. Self-Hosting E-mail requires a high degree of technical wizardry, but relying on a cloud E-mail host means you are one inadvertent TOS violation away from losing access to your entire identity (all password reset features ultimately rely on access to E-mail).
How often do people break a TOS? I’m not sure that’s a problem normal people should worry about. There’s always a TOS, whether it’s at the email service or the ISP or the data center.
I don’t know why this is getting downvoted. If you self-host your email, you are still beholden to your ISP’s TOS. Maybe it’s an improvement because it’s less likely you’ll be found infringing, but it’s still quite real.

Let’s not forget your domain registrar either…

It seems every couple of weeks we have a new "I was banned by $COMPANY_X and lost access to everything! They won't tell me why." HN article. It's probably rare, but happens often enough and the consequences are severe enough that it's a risk worth considering.

It's likely a lot more rare to get banned from your VPS or ISP than it is to get banned from something like Google, since who knows what the rules are there? Your kid could upload an inappropriate video to YouTube or something, and they'll associate IPs with your account and suddenly you lose access to Gmail.

Yeah, it just happened to me a while ago. Banned from an online game inexplicably, for something I am absolutely innocent of. Their support team refused to do anything, assured me "the ban is correct". Only got lifted because of knowing someone who knew someone and was able to have it actually looked into, rather than the usual non-investigation you'd typically get. I know numerous people who have lost their entire Microsoft or Google account (or other services), with zero explanation, zero recourse, just everything permanently nuked. This can happen to anyone at any time, as erroneous false positives happen seemingly arbitrarily.
You generally don’t self-host your email via your ISP, you use a VPS, and you can switch that at will.

I haven’t heard of any case where a domain registrar took away a domain other than as a consequence of criminal prosecution or court orders.

In any case, it’s far more robust than e.g. Google shutting down your account for unknown reasons.

The problem is not breaking TOS in general. In general if that happens because of you, you simply apologize to the company, pay a fee or something and continue. The problem is breaking TOS of the internet monopolists. If that happens you don't know if you broke the TOS at all, if yes, then what part of it, how to remedy it and what the rules are in general. Instead you are nuked from existence with all dependent services immediately and forever, have zero recourse or understanding because reasons are always secret, so you can't even dispute a mistake of a dumb script on their side or abuse of third party (i.e. fraudulent DMCA strike). And after erasing your existence, Google or Facebook will sic their shitty scripts on you, to prevent you ever interacting with their services.

Not all TOS are equal, and not all services are equally important and have same severity.

The main threat for normal, well-behaved people is the growth of services that encourage us to put all our eggs in one basket, multiplying the routes by which you might attract the wrath of The TOS Overlords.

An example would be the number of people who don't want to issue perfectly valid chargebacks against Amazon because they'll lose access to digital purchases (kindle, audible, etc) in retaliation.

So more on-topic, it's conceivable that, for example, you have a dispute over a Google Play purchase, and in trying to exercise your consumer rights, you lose your access to your gmail account.

You don't need to be a troll to be violating a TOS, "if they're being punished they must have deserved it" is no more valid online than off.

Yes, this is exactly where I was going with the TOS comment. To take this risk to the extreme: Imagine in the coming future, when every service you rely on or use comes from the same company, and any TOS violation or dispute on one of those services gets you banned from the rest of them. That's the world of hosted services we are slowly moving towards.
I see, I guess I should have specified that I was talking more about email services like Fastmail, where you are just paying for email and if you break the TOS you probably were doing something absolutely bone-headed, and if not then you can just move your domain easily and take your email backups to another provider. Another example would be using some GUI or CLI utility and any generic S3 service to backup data, where you can move the backup to any S3 service you want to. I think that's a reasonable medium between losing everything because you put all your eggs in one basket with Google or with your HomeLab. Family can pretty easily pickup a Fastmail account and understand how to work it, and the same with a simple backup program on each computer plus S3 storage. I feel like this is the "golden path" through the middle of today's SaaS economy without having to train a replacement from your family like you're running an IT dept.

tl;dr: Everyone keeps saying Google/Facebook/etc but I am talking about hosting your services with individual corps, not "all eggs in one basket" style.

I pay for an email address connected to a domain that I own. It's fairly inexpensive and I could switch email providers relatively easily.
You can use your own domain with commercial email hosters, and switch hosters when needed. The important thing is to have your domain at a registrar that is not also your email hoster.

I also don’t know why GP has to “log in at the registrar to constantly renew the domain”. Auto-renewal exists. I haven’t lifted a finger for any of my domains for many years.

Not only that but you can renew most domains for many years. I have mine paid up for 10 years.
(comment deleted)
For my website, I own the url and pay siteground to host it. If siteground and I have a falling out, I can take my content and my url somewhere else. Isn't the same true for email addresses associated with that domain? Can't you get another cloud provider to host, so you can always access email-based password recovery? (I'm ofc talking about @mypersonaldomain.com addresses, not @gmail.com or whatever.)
Nobody owns a URL. You lease them at the registrar’s leisure by following your registrar’s policies.
Well, if you own the domain you can point the MX record elsewhere if one host starts jerking you around. Of course you can have problems at the registrar level, but having used 100% self-hosted email, 100% hosted email (their domain) and hosted email pointed at by my domain, IME the hosted but my domain option is the most resilient.
Receiving e-mails is easy sending them on the other hand can be a huge pain in the ass. But you can self host and use a service to send e-mails (smarthost is the keyword).
With a MS/Gmail/etc. account you're also a violation away from losing your identity. At least with your own domain you can port it over to any hoster you like as the domain remains yours.
Which is why you split the difference. Own your own domain, and host at a reputable, reliable mail service provider like Fastmail. If you get taken down by a TOS violation, you didn’t lose your email address, just the contents of your inbox — which you hopefully have backed up, at least in your local mail client. Update your MX records to a new mail provider, and you haven’t lost what’s essentially your digital identity at many SaaS services.

Everyone in my family has their own domain. The instructions for renewing a domain, a list of reputable mail service providers, and instructions for pointing MX records at a new service provider, are not very complicated for somebody that can work a computer at a basic level of productivity. Many email service providers will even run nameservers on your behalf so you don’t even have to mess with individual DNS records. You can fit that in about one formatted page of instructions to include in your online contingency plan you share with love one(s).

Note also that a dedicated email service like Fastmail has a lot fewer ways you can accidentally violate TOS than, say, GMail. Your google account can get TOS'd for activity on YouTube, Drive, Chat, Photos, Docs, Blogger, etc. When was the last time you heard about someone getting TOS'd for the contents of an email being misunderstood?
> Which is why you split the difference. Own your own domain, and host at a reputable, reliable mail service provider like Fastmail.

I do the same, but your argument is a little dishonest: You can lose your custom domain and lose your provider account, so you've essentially gone from one point of failure to two.

The novelty domain is totally worth it though, at least to me.

Honestly, the state should provide every citizen an official email address and make it a requirement that every invoice, contract etc is provided to this account...

Not sure about the privacy ramifications if that though.
You mean wrt the state provided email address?

That's solvable issue with multiple solutions.

I.e. making the address routeable to another provider by configuration. Imagine an address like yourchoice@$identifier.TLD.mail

The state could give you the option to set the MX record for this subdomain to a provider of your choice

Unless you're in the habit of regularly getting into serious social trouble (as opposed to the normal, run-of-the-mill, unserious social trouble), the risk of violating that TOS and getting kicked off the platform is likely much lower than the risk of the proverbial parent poster getting hit by a bus.

If you think I'm being facetious, I'll point out that at this point, I have several hundred person-years under my belt of the use of various online services, and I've not had issues with getting unfairly banned from them.

I do, however, expect to die, and anything I built to crumble to dust and bitrot long before I have several hundred person-years of life under my belt.

I, personally, worry more about a Google algorithm deciding I'm trying to hack my own account, a la https://news.ycombinator.com/item?id=34116361 / https://news.ycombinator.com/item?id=31681221 , than I do about a ToS violation.
Sure. TOS isn't the only risk factor.

I still think you're far more likely to die (or suffer some other situation where you're unable to properly maintain your homebrew house of cards) before you experience it in your lifetime.

If it's your hobby, that's great, its a productive way to stay busy, and it teaches you things! But in long-term use, if I inherited a home-built dishwasher from my dad, or my spouse, I'd probably just junk it and buy a Bosch at the first sign of trouble from it.

I agree that sticking with an unmaintained house of cards isn't a great idea, and I agree that fully self-hosted email is pretty likely to be jank in one way or another - I'm just trying to push back a little on two ideas floating around in this thread: 1) any deviation from the fully-hosted happy path is necessarily a house of cards and 2) the fully-hosted happy path doesn't have risks of its own

Specifically, I have a domain prepaid for a decade pointing at a mail host prepaid for a decade. I've had this setup for decades and it has literally never broken. In this timeframe I and many friends and family been locked out of Google accounts for one reason or another. If I had to bet money on a family member's ability to access this setup after I have an unscheduled meeting with a bus, vs. their ability to maintain access to a Google account, I'd bet on my setup, not least because that setup involves actual (pre)paid support.

So yeah - house of cards bad, but some degree of control doesn't have to mean house of cards. I think we're mostly in agreement - just wanted to try to outline where I'm coming from a little more specifically.

My as-yet unlaunched solution to this is mutual.email - mutual, as in mutually owned. The idea is to have democratic, member led decision-making, while eventually farming out the technical work to a managed hosting provider, or staff. One of the key criteria is that it should be able to outlive any of the parties involved in using or delivering it - something only an organisation can do.
Lower likelihood of my getting banned than my dying imho. It's just a risk assessment and I've landed here.
1Password allows you to share login credentials and stores/generates TOTP which can be used across multiple users/machines.

A Yubikey as 2FA is another good option but that is not widely supported yet.

Add another phone line for a phone that stays home and is the 2FA phone (or a Google Voice to a shared email account, with all family members phones as the Gmail 2FA, since it supports multiple phones)

#1 rule, pay for domains out the full 10 years, every year, everything else is gravy. As long as your estate owns the domain, things can be fixed even if some mail is lost. They have a decade to sort it out ;)

I am with you. The last few years I tore down all of my self hosted solutions (except Homebridge) and move all family members to SaaS and I just pay for everything.

* All mails are on Gmail or iCloud.

* All backups are on Dropbox and iCloud.

* All photos are on iCloud shared folders.

* All passwords and secret notes are on 1password.

And I made sure that I am not the only admin. Life is simpler this way. I wrote detailed instructions on how to recover all these in my will in 1password.

We did estate planning. The first page of our family trust is the 1Password recovery page and information about critical accounts. Train your immediate family on what to do if the unexpected renders you useless.
> a 2FA email confirmation with random 6-digit code would be sent where? To _my_ email, not theirs.

So you set up an email account specifically for those, and put the credentials for it in the documentation. You probably want that to be hosted somewhere else though, because needing the code to access your email system so you can get the code is not a fun kind of circular dependency.

That's not limited to self-hosting though. You lose your device and therefore the saved password for Provider A, to reset it they want to send a code to Provider B, to sign into that they want to send a code to Provider A. 2FA circular dependencies are actually kind of a scourge.

>So you set up an email account specifically for those,

Sorry I wasn't clear. I wasn't looking for a "solution". I was trying to explain how one can be blind to future failure scenarios (e.g. 2FA behavior is just one example) and thus, the "admin procedures documentation" can be inadvertently flawed. It's because the owner never had a 2FA verification email for years and so completely forgets that their friend will get an unexpected 2FA random code request in the event of a disaster recovery. I edited my comment to hopefully make that more clear.

>The interconnected dependencies are complicated and invisible because the recovery procedures are not stress-tested.*

What I'm asking is, how is this unique to self-hosting?

You set them up on Cloud Email and it asks for a phone number to create an account, then they find out some debtor used to have their phone number and they're getting calls from debt collectors, or they move and want a number in their new area code, so their phone number changes. No one thinks to update it with the email provider until they insist on sending a code to the phone number you used to sign up ten years ago.

Or you set it up for them and it prompts for a backup email, which they don't have because the one being created is their only one, so you use yours thinking something is better than nothing, and now they still need the code sent to yours.

How does the hosting method affect any of this?

> E.g. if they try to login from their "unrecognized" computer to takeover email administrator tasks, a 2FA email confirmation with random 6-digit code would be sent where? To _my_ email, not theirs.

It's infuriating how everyone in the world is doing this forced 2FA stuff now.

I spent 15 minutes this morning trying to get a family member access to a code/URL to verify their email address that wasn't being forwarded by the family mail server I run.

This happens to me a few times per year and is enough of a hassle to get me to want to get off of this forwarding service.

Ten or fifteen years ago I set up an email server on a cheap VPS for myself and my then-boyfriend. It took some doing, but I got it reliable enough that we both used it as our primary email.

Today I'm married to a different person and still administering email for my ex. Out of everything that came of that relationship, I regret the email server the most.

Uh, did the court order you to administer e-mail in perpetuity? Sounds like it's high time to put your foot down.
I'd love to move my personal email off my self hosted (Postfix/Dovecot) server, but I'm not paying $5/person/month for the privilege (ProtonMail etc). I know how little admin work it takes to maintain an email server, and I know that cost doesn't change per user. I would gladly pay $5/month for my entire family.
How much does your server cost? A $500 computer that you replace every 10 years is most of that $5/month. Then there is electric costs, internet connection costs, and so on. You are correct it doesn't cost $5/month to admin your mail server, but there is a lot more than the cost of the admins pay that you are paying for.
Get a shared web host that provides email. Usually you can create unlimited email accounts.

Dreamhost is $13/mo (although they have a temporary discount right now). That's more than $5/mo, but you get a lot more than email.

They also have email only hosting: $1.67/mo/mailbox if you prepay for a year.

I can see why you think the hosting companies are gouging you with their prices per user, but look at it from your family's perspective. Their email is probably worth a lot more than $2/mo to them, and if you suddenly die and they lose access, it would be because you didn't want to pay $2/mo to avoid that pain.

Everyone knocks writing down passwords, but it helped us tremendously that a year prior to my dads death he and my mom went through all their accounts and got usernames and passwords on a sheet of paper.

The one that was forgotten was his cellphone pin; would have been nice to get a copy of his photos (encrypted Samsung)

See this is one advantage of the Google approach - everything is cloud-synced so my photos are all on my Google account hooked to my Google credentials. So even if my phone is locked, all the files that it represents are in my gcloud.

(aside: I still need to get those photos backed up into my home NAS).

This is actually a very good idea, and there's nothing wrong with writing all your passwords onto paper, if you put that paper inside a fireproof safe or safe deposit box. Taping it under your keyboard is when things go bad.
There is hardly anything more secure than writing a password on paper and storing it in a safe. Hell, a password on a post-it on your desk at home in plain view isn't all that bad in most situations.

I constantly recommend the use of password manager and unique credentials everywhere (to prevent cred stuffing attacks). I always get feedback from friends/family that they worry about forgetting the password to the manager. I tell them to write it down and put it in their safe. And it always results in a deer-in-headlights response. They've been told for years to NEVER write down a password.

All the "Company XYZ fired half it's employees and its still working" people need to probably read it.
there's a lot of technical solutions but i think dad needed to have trusted friends who could come in in this kind of situation. that used to be how men operated, you had life long associates that were both part of your vocation, and were trusted enough in case of your untimely demise to do the right thing by your family. i have a handful of friends like that, they have verbal instructions of where to physically recover master passwords from for all my home infrastructure.

(in before "oh no! what if they steal your stuff! what if they leave your wife and kids with nothing and steal your money" i have two answers to that, get better friends of course is the main one. but the second one is that reason our mind goes in that direction is because there's been a lot of moral stories written, bulk of them in victorian times, of wives left destitute because of unscrupulous associates. those stories make for nice drama, and they are also warnings for individuals and society in general. you gotta trust someone, better be people i knew for a long time, rather than some random consultant from reddit, or a geek squad member)

I had a very close call with death in 2022. As a result I have a very detailed “If I die” note shared with my wife.

- All account passwords

- All financial account info etc

- Information on where pictures are stored on our home server.

- a message for her to read if I die.

My instructions for self hosting is basically “tear it down and give it away”

It helps that almost everything is in 1Password.

(comment deleted)
I gave up self hosting most stuff years ago because I was worried about the impact to my family if I passed unexpectedly.

I still have a lot of home automation but I’ve specifically selected equipment that “fails normal” - the smart stuff like rules and voice control and so forth might go away, but the switch on the wall will continue to work regardless.

Finally I fanatically use a password manager. The password, backup key, etc for that is written on an “in case” letter stored in a fireproof/waterproof envelope in a fireproof safe in my home, and my family is aware of it.

It’s one of those unpleasant things to have to plan for, but I don’t want my family to have everything break on them if I die.

A few years ago I decided to run everything at home in kubernetes and started doing GitOps in a public github repository. Doing everything in public makes it quite easy to talk to people about it:

If I need help with some open source software, I can reach out to their community, point them to the repo, and show them exactly how to reproduce my issue.

And I just realized that when I am not around, my wife can still call my technical friends or find contractors to fix stuff, by submitting PRs to the repository. She just need to get my GitHub account from shared password manager and approve PRs ;)

Thus kind of thing makes me think, if we can't set it and forget it with these services anymore this whole industry is going to fall to pieces. Its just not reliable infrastructure.

We want to keep making things more shiny and complex because it justifies our jobs. But everything has dependencies, breaking changes, cruft. Working systems decay too fast. The software industry has become nothing but overhead and maintenance.

If this continues there's no future for it, that might sound impossible or unbelievable, but humans advance, and this isn't advancement, you can't run a space colony on software that stops working a year later and needs legacy system admins to keep the air running in 15 years. This stuff needs to normalize, slow down, become bedrock, or our civilizations will not be able to rely on it.

My dad died late last year and I inherited all of his self hosting projects. Thankfully I helped him set up pretty much all of them and they revolve around home automation and media management.

This is why I refuse to touch “critical” things for self-hosting like email. If Home Assistant goes down then it’s not the end of the world. Physical switches still work and people can work around it. Same deal with a media server, it’s not the end of the world. Losing email/chat/photos IS the end of the world for a lot of people.