Password Access for Heirs

Kurt Knutsson has some thoughts on ensuring your heirs, as designated by you, have access to your passwords after you’ve died. Passwords are especially critical for access by your heirs to your financial accounts, brokerage accounts, subscriptions and online purchasing facilities on which you’ve stored credit data for convenient renewal and purchase execution (yeah, I know…), and so on.

Knutsson’s thoughts center on using a password manager to hold the passwords so that only the manager’s password needs to be kept available to an heir.

I have thoughts, too.

In-the-cloud password managers can be hacked, just as can another other cloud facility, because the ongoing arms race between hackers and security developers always has the hackers having the initiative. When anything in the cloud gets hacked everything in the cloud—at the least, your particular assignment in the cloud—gets exposed. There go the passwords.

In-the-cloud managers also depend on access to the Internet, and lots of things can block that access at critical times and for critically long durations. These can range from storm-related power failures taking down ISP servers or power to your own house’s neighborhood, through to auto accidents taking out an electric power distribution point feeding your neighborhood (this has happened to me a couple of times) on up through to hackers’ access denial attacks.

Password managers on your browser? That would eliminate Internet access-related problems, but not the hacking problem. Browsers can be hacked, and yes, even the most carefully set up household LAN can be hacked—see the arms race above.

All of that is remote access by the hacker.

An alternative, preferred by my august self, is to write down on paper your passwords and the accounts to which they allow access. Keep those passwords under lock and physical key (cypher locks can fail from battery failure. Losing memory from loss of battery is rarer with modern locks, but there is neither battery nor memory failure from any cause with a physical key). Let your heirs know where they can find that locked location and its key. A good place to store that knowledge is in the Letter of Instruction you’ve written (and keep updated) and placed with your copy of your Will. Because of course you’ve written both.

Hard copy, written down, passwords can only be hacked by physical entry into your home and entry into your locked storage device. That requires the hacker to be physically on scene. And that’s much rarer than any software hacker breaking into any software password manager from anywhere the hacker finds convenient.

Oh, and the convenience of password managers for accessing your money-related accounts across all of your devices? No, don’t do that. Keep your money access stuff limited to a single device, ideally your PC or laptop, and never your cell phone. The cost of that convenience is just too high.

Keep it real, as the kids say. Keep it physical.

Leave a Reply

Your email address will not be published. Required fields are marked *