Providing access to your passwords to your next of kin if something happens to you
tl;dr whatever system you set up, do regular trial runs with the relevant people. Bitwarden’s Emergency Access feature is good.
I want the recovery procedure to look like this:
- Next of kin requests access to passwords.
- An email notification is sent to me, asking me to approve or deny the request.
- If I don’t respond because something bad has happened to me, next of kin is granted access.
The system must be foolproof.
My password manager is 1Password.1 1Password’s only recovery solution is the Emergency Kit. You write all of the information requried to access your account on a piece of paper and store it somewhere secure. It is not a bad solution and is certainly better than nothing. However, it would not be very good if this piece of paper fell into the wrong hands. Your passwords and even your master password(!) could be changed before you even became aware of the breach.2
And so I also have a Bitwarden Premium membership in order to make use of Bitwarden’s Emergency Access feature. All my Bitwarden vault contains is the info required to access my 1Password account.3 The Bitwarden account obviously has to be secured to the same level as the 1Password account.4
See also:
- “An untested backup is not a backup.”
- Dead man’s switch. A switch that is designed to be activated if the human operator becomes incapacitated.
-
And will continue to do so for the foreseeable future. While I’d feel better using something open-source—Bitwarden being the obvious choice—the inertia is real, and 1Password has served me very well as far as functionality is concerned. ↩︎
-
1Password users have for some time been requesting a feature similar to Bitwarden’s but there is no indication that one is forthcoming. ↩︎
-
i.e. What would otherwise be written on the Emergency Kit. ↩︎
-
i.e. Good 2FA. ↩︎