I need to start making plans for when I am gone, much sooner than I thought, and I realized our finances are pretty opaque to my spouse. Our bank account is shared, but there are other sites that only I have access to.
The easiest solution would be to physically write down logins and what needs done, put it in an envelope, and tell my family where that envelope is. I’m not thrilled about that, because I would have to shred and rewrite it every time I update a password or a URL changes, and it’d be vulnerable to nosy guests.
Putting it in a shared Google Doc would be easiest for everyone. But then Google has that data. Even supposing I trust a cloud SaaS provider not to misuse the data (which is a big ‘if’), I do not trust them to never have a data breach.
Self-hosting seems like the next step, except I expect my home server to be the first thing to collapse once I’m gone. Filing login info with an estate attorney would still require frequent updates. Putting a document on a flash drive risks data loss, but is what I’m leaning towards.
Is there a solution I’m missing?
Self hosted stuff will collapse without you. Bitwarden has a family plan with survivorship rules. You can also share passwords easily. Also, Google and Microsoft accounts also have survivorship rules you can set up.
I use Vaultwarden with two user accounts but with an “organization” that contains passwords that we both might need access to at some point. They then get updated at the same time the password is updated since it’s where I store all passwords.
You kinda only need the email credentials. Shouldn’t the rest be resettable from that point?
Is there anything that needs MFA that they won’t have?
Use something like Bitwarden, and record your master password and/or backup codes in an envelope.
every time I update a password
Use a password manager. KeePassXC stores stuff in a file, so it’s easier to synchronize. You can self-host Bitwarden too.
Syncthing is great to synchronize stuff across devices.
Cryptomator creates encrypted volumes (looks like a folder with gibberish inside) for you, which you can sync with whatever commercial cloud.
Putting a document on a flash drive
Data loss might come from bitrot, yes. Regardless, you should always have multiple backups.
"In this envelope is the password for my KeePass password vault. The entry for “In case of emergency” contains everything you should need to know in the event of my incapacitation or worse.
There are two USB keys with this vault on them, they are synchronized for redundancy. When I pass, get the password out of this envelope, plug in a USB key, open KeePass and enter the password."
You: Use the primary key as your password storage, keep the backup key plugged into a Raspberry Pi, run Syncthing on both devices.
Have a spare test key set up, do a dry run with the family members you entrust to have this data.
I would use KeePass. You would have a single file, opened with a single password, that you could share with them however you want.
Wishing you the best
I’ll just write down instructions etc. on a LibreOffice document and put it on the desktop or somewhere easily accessible.