I am recently dealing with the death of my father as his executor and having real trouble accessing all of his gadgets: laptops, iphones, pads etc... where he kept a lot of his photography and records of affairs. He has not recorded anywhere his passwords or pin numbers and from what I am finding even if the password is known to the hosting organisation, they are unwilling by policy to provide to an executor with probate over the deceased. Sometimes the PIN is local to the device with no way to unlock but to wipe the device, which defeats the purpose.
My father is probably an unusual death as he was old enough to leave a very clear will, but also young at heart and a real technophile. Cases like his are only going to increase in the future as tech reliant individuals start passing with wills in place.
It makes me start to think of my own will and how I can assure that my digital assets are available to my inheritors. I wonder whether I could explicitly state that I release organisations to give passwords to my executors and release them from any resulting prosecution or action. Would this be enough for them to release or do we need to campaign for policy change?
Should we ensure we build deceased person protocols into devices that have locally stored PINs? Some form of extended identification data like national insurance numbers, dates of birth, etc of the original owner could be used to verify a reset?
Or must we rely on writing down the dozens of passwords we use on pieces of paper to place in a safe and hope we haven't been asked to change our password between writing it down and passing?
I doubt there is much I can do for my Dads affairs right now except rely on grey market cracking services. But I do want to make sure my own affairs are easier to deal with. I really would like to know if this is something hubski has thought about or has some views on?
There's already a service out there for such a provision - Dead Man's Switch. You can sign up for it, for free - and it will check periodically (through emails with a link that needs to be clicked) if you're still alive. If it's not, it sends emails (that you've written) to addresses (that you select) - and thus you can add all of that vital info in there and have it be sent if you're apparently dead. But yes - it's a very interesting question, and for me the answer is simple: communication.
I remember reading about our national/provincial archives discussing archival of personal data. The provincial archives already accept (historically interesting) documents from deceased individual people, so they were thinking of extending that to electronic documents too. Don't know what the actual current status of that project is. Digging a little bit in the archives website, they seem to accept material on mutually agreeable basis, subject to resource limitations, and expect the donator to do appropriate footwork to help to make the archives usable - so it'd require extra work from the inheritors and it's not exactly "came to drop here the old man's hard drive, kthxbye". And there's several more specialised archives, especially what comes to art and photography and other special interests. So I guess putting PINs and master passwords in the wills is just the first step. The second step would be to encourage your inheritors to work with the professional archivists. Or, heck, become professional archivists. Setting up and curating private collections can be fun.
The best solution to this is to include your master password for your password manager (you are using a password manager, right?) in your will. Registering this information with your lawyer is a pretty safe place to put it, and you can ensure it won't be shared until you are incapacitated or no longer living. The alternative is to have your digital identity and property die with you. Some might legitimately choose this option instead.
Both are options. I use a password manager, and it would be simple to have two password archives. One is everything I want to grant access to and one things I'd rather see die with me. So if I want to give access to my email and online banking, I put that in one, but put things like Twitter in the other. I probably should arrange this. I haven't given anyone the password to my passwords but probably should. I'd trust my brother, and between trust and lack of physical access, I'd be comfortable with the security.