Dealing with the digital afterlife of a hacker
March 23, 2015 9:38 PM

Dealing with the digital afterlife of a hacker: It’s been three months since Michael died, and Beth has only been able to access and understand a sliver of what he left behind in the digital world. Kalat, who has been working closely with Beth to access Michael’s data, says this ought to be a wake up call to everyone who spends a significant amount of their life online—not just hackers.
posted by CrystalDave (27 comments total) 27 users marked this as a favorite
 
Ok security folks, what does this mean? a safety deposit box with all the root passwords in it?
posted by cosmologinaut at 9:47 PM on March 23, 2015


Metadeath?
posted by Samuel Farrow at 9:50 PM on March 23, 2015


Ok security folks, what does this mean? a safety deposit box with all the root passwords in it?

Oh man, I was just reading about something like that. Where was it? Ugh, it's right on the tip of my tongue... Oh yeah, it was the article linked to in this FPP!
The experience drove Kalat to try to figure out what lessons can be learned from Michael’s death. His first piece of advice: Create a legacy drawer.

Most prominently advocated by author and radio host Dave Ramsey, a legacy drawer is a secure holding space for passwords, wills, estate plans, tax returns, contact information, and other important documents that allow families to more easily deal with the important practical matters that follow the death of a loved one. For you hackers or other security-focused people, it’s extremely useful to include things like network maps and gear labels so that your piles of computer don’t remain an unsolved mystery for the people you love.
posted by Ian A.T. at 9:56 PM on March 23, 2015 [11 favorites]


My dad's been in the hospital since early January, and he's probably not leaving. So I've had the Normal Everyday Version of this story happen, and it's just as unpretty.
Mom had let the marriage become quite traditional so she knew nothing of how much money she had, what bills were due and when and for how much. A basic hack and slash through the piles of paperwork showed that they have basic bills, but everything was attached to dad's email. We didn't know the password to his computer, but his iPhone pass was easy to brute force and that lets us get access to email.
Which is a lifesaver because every company has a different system for handling payments and who gets to pay them. If it wasn't for the fact that dad never bothered to sign up for paperless billing, I wouldn't have had a clue who needed what.
So yes, those passwords that we spend so much time safeguarding, the ones for really important shit? Write those down somewhere safe and let someone close to you know about the location. Don't make a password screen something your loved ones learn to loathe.
posted by WeX Majors at 11:17 PM on March 23, 2015 [5 favorites]


The problem is for a good portion of security conscious people they don't see a legacy drawer they see a single point of failure.
posted by fullerine at 12:08 AM on March 24, 2015 [37 favorites]


Dear me, this really reminds me that I need to set up some kind of legacy drawer. My family & SO just won't have a chance at handling my somewhat sprawling digital life should I kick the bucket prematurely. Also I really hope that there can be some kind of development on how the larger digital providers handle death, perhaps an opt-in on what can be done with one's data should suitable documentation be provided?
posted by Ravneson at 12:31 AM on March 24, 2015


That was sad, and I hope she gets to access the family photos.

My loved ones will be fine though. I knew it was a good idea to have one ridiculously simple password for everything.
posted by billiebee at 1:21 AM on March 24, 2015 [1 favorite]


I guess it's time to get a digital dead man's switch.
posted by zinon at 1:48 AM on March 24, 2015 [2 favorites]


A dead man's switch may be something that your life insurance provider could offer as part of their package.
posted by fullerine at 1:58 AM on March 24, 2015


fullerine: "The problem is for a good portion of security conscious people they don't see a legacy drawer they see a single point of failure."
Today your physical security is vastly better than your digital security, unless you live in a war zone or if you are either Poitras, Appelbaum, or Greenwald.

I would have no worries about storing a USB stick with my KeePass database, a no-install copy of KeePass and a letter with the master password and instructions in a bank box. Yes, this costs money. Security isn't free.

FTA:
“I’ve been involved in social engineering. When I saw how willing companies with little or no planning for death were to bend the rules, I thought, ‘Wow, this is a powerful technique,’” Kalat said.
Your bank has procedures for this event. You're not getting access to a bank box without a death certificate and proving your identity.
posted by brokkr at 2:57 AM on March 24, 2015 [6 favorites]


Michael’s Google account hasn’t been much better. Although Google does have a death policy, the company hasn’t responded in the more than two months since Michael died and the family submitted an application to access his data.

Google couldn't give less of a fuck about their customers. Was anyone surprised to read this?
posted by oceanjesse at 3:23 AM on March 24, 2015 [4 favorites]


Oceanjesse, it would be harsh of me to point out that the poor man isn't the customer, he is the product being sold -- and now he is expired product, and of even less interest to Google.
--
A friend helped two or three family members in a row as executor, and he pleaded with me to prepare a under with some simple information. I think adding a sealed envelope with some passwords is a very sensible first step toward this.
posted by wenestvedt at 3:28 AM on March 24, 2015 [4 favorites]


I have a Dead Man's Switch - free version - 2 emails, 2 recipients - they thought it was creepy when I told them about it, but if anything unexpected happens to me I know they are going to really appreciate it. It has everything, digital and IRL. I hope it never gets compromised.
posted by unliteral at 3:51 AM on March 24, 2015 [6 favorites]


"The problem is for a good portion of security conscious people they don't see a legacy drawer they see a single point of failure."

Maybe split the info between more than one box between different locations? This way if one box is destroyed or lost or compromised then not everything is gone.
posted by I-baLL at 4:00 AM on March 24, 2015


I've got the master password to my password vault file stored in a secure location. I set it up when my partner moved in and I thought "what if I end up unexpectedly in the hospital or get hit by a bus?" So I set up an envelope with that password so she can get to my online banking and other important information in a single place.
posted by rmd1023 at 4:30 AM on March 24, 2015 [1 favorite]


Microsoft’s Outlook has another simple and straightforward process where, upon receiving proof of death, Microsoft will send a DVD with a user’s data to the next-of-kin. The account itself is shut down, and no one is able to login to it ever again.

This sounds like a bad way to deal with a death, since that removes any chance for the next-of-kin to use password resets to get access to other sites the deceased person used.
posted by ymgve at 4:41 AM on March 24, 2015 [7 favorites]


This has been on my backburner for a long time now, so appreciate the reminder to finally get this done. I've been doing some research about non-electronic security (one time pads, oh yeah!), so that might come in handy, too.

Basically, I want to hit that sweetspot between Realistic Vulnerability and creating some kind of "there's always money in the banana stand" misunderstanding.
posted by Aya Hirano on the Astral Plane at 4:48 AM on March 24, 2015 [2 favorites]


Google couldn't give less of a fuck about their customers. Was anyone surprised to read this?

They might if you could sell text ads alongside the coffin.
posted by DigDoug at 4:50 AM on March 24, 2015 [5 favorites]


This is a bit of a solved problem, there's just little motivation to set it up since most people don't have personal hosting businesses and massive private labs. You're mostly talking about email and other user accounts that a simple password list in a secure spot would solve.

>"The problem is for a good portion of security conscious people they don't see a legacy drawer they see a single point of failure."

People concentrate on the confidentiality in AIC but forget about the availability. As per the article, the one user with all the information is the real single point of failure. To prevent that in the real world every company I've audited or worked with has a type of master password file somewhere, at least a sealed hard copy held by CEO/CFO outside of the tech chain. That's considered secure for business and government, it should be fine for personal data like your home Wi-Fi or twitter account password.

>Maybe split the info between more than one box between different locations

Now you have two separate points of failure and lack full redundancy between them. So any issues with either site guarantee loss of 50% of your data. Better to have the full data set backed-up to two locations so that you always can restore the full 100%.


>that removes any chance for the next-of-kin to use password resets to get access to other sites the deceased person used.

Sounds like a feature, not a bug. For account security, as well as licensing.
posted by anti social order at 5:35 AM on March 24, 2015 [2 favorites]


My wife and I established a joint email for bills and whatnot. Forwarding makes sure we both get copies in our personal emails.

I then used a very long password, and wrote it down. Since we rarely log into that account, it should be more secure than my name@service account is.

The other thing is a backdoor admin account on my machine. Same deal - long password written down. But, she can change the password on my account and get access to my stuff.

Not as secure as a Ouija board, but probably more reliable.
posted by Pogo_Fuzzybutt at 6:52 AM on March 24, 2015


I know this is very, very good advice:

“Switch roles for one month every year,” Kalat says. “If one person does the bills, handles the gas, does all the tech stuff, make sure the other person can do it too. Make sure they are equipped to survive without you.”

But just the thought of doing this fills me with nausea and dread. I don't know what should be packed for snack. And you're not saving that bill payment confirmation to Chronicle, and they only show it on that one screen don't close that tab no noooo ...

On the plus side, we'd do okay with most of the big things. And we do have a sheet of paper with the important passwords written down on it, taped to the desk. But there are a few specialized niche jobs - bill payment, backups, music and video streaming from the NAS - ugh.
posted by RedOrGreen at 8:26 AM on March 24, 2015 [2 favorites]


I would have no worries about storing a USB stick with my KeePass database, a no-install copy of KeePass and a letter with the master password and instructions in a bank box. Yes, this costs money. Security isn't free.

Unfortunately, flash memory is not a great way to archive data offline due to gradual charge leakage. A better approach is optical media (DVD+R is best for technical reasons).

Also, I would dispense with the KeePass stuff altogether; if this is something that you want to be accessible to non-technical successors, put it in a plaintext file.
posted by indubitable at 8:54 AM on March 24, 2015 [2 favorites]


We have a water and fire resistant safe that contains a book with all of our account details in it. One page per account, so that you can write in changes as time goes on. We settled on this approach because:
1. It's offline and not digital. It won't be hacked and there's no risk of the host going out of business.
2. Both of us have easy access to it to update the information.
3. In the event that we both die, the safe is going to be among our effects and given to the next of kin.
posted by domo at 8:54 AM on March 24, 2015 [3 favorites]


Something relevant to this conversation for those with particular security concerns, such as viewing a legacy drawer as a single point of failure re robbery, etc., is Shamir's Secret Sharing Scheme (well-known in the popular open-source implementation ssss). You can encrypt something with the terms "make N pieces of the password, of which any M together can be used to decrypt it" (and you pick N and M).

So you could, say, make 5 password fragments, require at least 3 put together to decrypt the thing, and distribute those passwords as you see fit (say: one each to lawyer, best friend A, best friend B, sibling, parent). The thing you encrypt could be, itself, a password to a digital store of some sort (say, your SpiderOak store / LastPass account / GPG key). Combinations of the traditional password and an ssss scheme can give you essentially anything you want in terms of actor trust level.

Combinations of deposit boxes, lawyers, and encrypted archival media (M-disc, etc.) should let your survivors do what they need with a reasonable minimum of trouble.
posted by introp at 2:43 PM on March 24, 2015 [2 favorites]


indubitable: "Unfortunately, flash memory is not a great way to archive data offline due to gradual charge leakage. A better approach is optical media (DVD+R is best for technical reasons)

Also, I would dispense with the KeePass stuff altogether; if this is something that you want to be accessible to non-technical successors, put it in a plaintext file."
The KeePass dump was mostly for convenience, since that's where I keep my passwords anyway. But yeah, after writing my post I realized that (in usual techie fashion) I was overthinking it. Just print it all on a sheet of paper and put it in the box.

And don't save the file on your laptop after printing ;)

(Actually, it should be fairly trivial to write a KeePass plugin that dumps your entries to plaintext ready for printing.)
posted by brokkr at 4:01 AM on March 25, 2015








This thread has been archived and is closed to new comments