After a friend passed last week, I was forced to reflect on the matter of how our personal and confidential digital data would be passed on and entrusted to others in case something unexpected happened to my wife and I.
Original approach
I maintain a 256-bit AES encrypted disk image that contains a copy of my 1Password keychain and a text file whose contents include my 1Password password along with an extensive description of the locations and access credentials of the various places in which we store both physical and digital confidential data.
Only my wife and I know the password to that encrypted disk image, and the idea was that if anything should happened to me, she would be able to access that disk and its contents.
What I hadn’t considered until now is the case in which something happens to both me and my wife. How could I get that disk image to trusted relatives or friends, along with the password required to open it?
Today’s approach — Dead Man’s Switch
Dead Man’s Switch is a simple, free service that sends you an email from time to time—i.e. a “heartbeat” email—with a link to click to indicate to the service that you’re still alive. If you don’t click the link after a period of time, it will send an email that you’ve pre-written to a group of recipients that you’ve specified.
Since the service doesn’t allow file attachments, I created a ZIP archive containing the confidential information in the above-mentioned disk image, and PGP encrypted it with the keys of some trusted friends and family members, and put the resulting PGP-encrypted file in Dropbox.
The email message that I then configured in Dead Man’s Switch explains that if the recipient received the message, it means something unfortunate may have happened to my wife and I, and includes the URL to download the PGP encrypted data, and asks them to use the data responsibly.
Simple, but hopefully effective.
PS: Although Dead Man’s Switch is free, I chose the one-time, lifetime payment of $20, which allows me to specify the three trigger times manually:
- I set the heartbeat email period to 15 days.
- I set the last-chance heartbeat email to 23 days.
- I set the notification email to be sent to our friends at 30 days.
In this way, our friends would be notified and provided with our digital assets in a maximum of 30 days after the last heartbeat confirmation.
Update 2016-03-21
Note that the above approach is an update to a previously-described setup involving two online services—SecureSafe and DeathSwitch. Unfortunately, DeathSwitch went out of business and using a PGP encrypted file stored in Dropbox makes SecureSafe no longer necessary.
That’s pretty thorough, Matt. I’m impressed that your beneficiaries understand and can manage their own PGP keys. I’d be inclined to just implement the SecureSafe PDF with delay + Deathswitch, but if SecureSafe can generate secondary access methods via PDF, there is a potential vulnerability there, which is why I understand your extra encryption step.
If I didn’t encrypt the SecureSafe PDF then, yes, there would be a potential vulnerability there. That risk would be to some extent mitigated, however, by the delay introduced by SecureSafe when someone tries to access an account via such an activation key. When that happens, the owner of the account is notified, and has a configurable period of time to intervene—denying the requested access, and optionally revoking that beneficiary.
This is a good approach. But every web service disappears, eventually. And in the event of your death, your heirs might face the prospect of obtaining legal empowerment to access your digial assets. Knowing the decedant’s passwords is not the same as having the estate’s permission to access the assets protected by that password. Isn’t it better to keep that secure disk image in a physical place — a safe deposit box in a bank. And the “deathswitch” is instructions left with your attorney and executor? Because data rots and software becomes outdated, I would also accompany the secure disk image with hardcopy. And I would make sure my beneficiary instructions are up to date so that the person who receives the password is authorized by you to use it.
Empowering decedent’s with legal power to control digital assets is a different matter than that addressed in this article, and as you point out is part of legal estate planning. This article simply proposes an approach that informs them of the assets, and provides access, in a way that’s efficient to maintain up-to-date. The risk that the web service disappears between the time I would pass away, and when they would need access to the data is, I would presume, minimal. (If the web service disappears while I’m still around, I can, of course, migrate to something else.)
Gr8 article. I come across few good online services that provide this offering such as Afterstep, estatemap, and everplans. What is your opinion/recommendation on these services in comparison to SecureSafe. The above mentioned services offer everything that securesafe + Deathswitch offer.
Hello Bhuvan, thanks for the comments. I hadn’t heard of those other services, but just quickly scanning over them, it looks like they don’t offer the equivalent of what Deathswitch offers — i.e. they seem to provide access to digital access, once at least two of your “verifiers” have confirmed your death. Deathswitch, on the other hand, determines that themselves (by way of your not responding to their periodic pings).