[Cryptography] In the event of my death, master password

[Kent Borg]

On 2/27/19 6:42 PM, Paul F Fraser wrote:
> Trying to work out for my project, how best to handle a master 
> password for relatives and others to access data after death, 
> including data about ongoing subscriptions etc.. 

My advice?  Change how we manage passwords. (No, I'm not ambitious...)

First, don't recycle passwords between different sites. Okay, I just 
lost 99.8% of my audience.

Second, people should write down their passwords on paper. All analogue, 
no electronic-anything involved (because you can't trust that stuff is 
working for you, and can't trust it is competent). There goes 0.1%...

  - Keep a backup by copying by hand, and regularly updating the backup. 
And now I have lost the remaining 0.1%. (No photocopies, they are 
computers these days and can't be trusted.)

  - Protect that paper as though it were important--treat it like cash 
money. For frequently used passwords you will learn them and won't need 
to refer to the paper, it's not that bad.

  - If some passwords are more critical than others put them on a 
different piece of paper and treat it like a /lot/ of cash (i.e., don't 
carry it around with you).


Now the recovery question is much simpler: Tell your airs where the 
backups are kept. (Put that in information in a sealed envelope, if you 
would like.)


-kb, the Kent who is terrified of end-point security.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20190227/e81c7115/attachment.html>