Taking Passwords to the Grave

Death isn’t something you like to think about. Its something I think about every now and then, and oddly, its about how my loved ones will be able to get my passwords to all of my online accounts and data if something should happen to me.

I have accounts for banking, a brokerage, my retirement management funds, mortgage billpay, and more. Less important are passwords for utilities companies, like my cellphone and the gas company. I even have passwords for travel booking companies, my credit monitoring companies, frequent flyer mileage sites, jobsearch sites, online datastore backup sites, and passwords for numerous security information sites.

And of course, I have passwords to multiple webbased email services, blogs and more. Altogether, I think I have amassed almost 75 passwords to various information stores on the internet. And all of the passwords are different. How do I go about getting these passwords to those that need them posthumously?

From CNET here:

Family members are increasingly unable to access important data because their loved ones have not left passwords behind.

William Talcott, a prominent San Francisco poet with dual Irish citizenship, had fans all over the world. But when he died in June of bone marrow cancer, his daughter couldn’t notify most of his contacts because his e-mail account–and the online address book he used–was locked up.

Talcott, 69, a friend of beatnik Neil Cassidy, apparently took his password to the grave.

It’s a vexing, and increasingly common problem for families mourning the loss of loved ones. As more and more people move their lives, address books, calendars, financial information, online, they are taking a risk that some information formerly filed away in folders and desks might never recovered. That is, unless they share their passwords, which poses security threats.

Attorneys advising clients on estate planning should ask them to determine who they want to have access to their computers when they die, Rotenberg said.

That’s exactly what San Francisco-based estate planning attorney Michael Blacksburg does. “I advise clients to put all their passwords to things online in an estate planning document,” he said.

Last year, Yahoo was forced to provide access to the e-mail of a U.S. Marine killed in Iraq to his father, who got a court order in the matter.

Google will provide access to a deceased Gmail user’s account if the person seeking it provides a copy of the death certificate and a copy of a document giving the person power of attorney over the e-mail account, said a Google spokeswoman.

Using the same password to every account is tantamount to online hari-kari. If one stupid site gets owned, such as a travel booking site, hackers could use that password to compromise other accounts if they are able to correctly guess what other online sites you may be using. That’s why all of my accounts are different.

I use PassSafe to manage all of my passwords. In fact, I would not be able to access most of my online accounts without this utility, since there is no way I could memorize 75 distinct passwords. And PassSafe stores the passwords in an encrypted format on the drive. Without the master password, no one can crack the encryption, so even if you lose a laptop that contained all of your passwords, you are relatively safe.

For estate planning purposes, you need only give the lawyer two passwords- the one to access the computer system and the one to the PassSafe utility. If you want the PassSafe utility, download it here.