• Yodel0914 1 minute ago
    We use Vaultwarden and Bitwarden to share passwords with the family. My wife has my master password and I have hers.

    The bigger issue if I drop dead is all the nontrivial tech crap I have set up (self hosted Vaultwarden included…).

  • bitexploder 2 hours ago
    Low tech: I put my secret manager password in a physical journal that is locked in a fire proof, water proof vault and hidden somewhere only my partner and myself know where it is. I use a password manager. Everything else goes in the password manager.
    [-]
    • repiret 1 hour ago
      This is what I do too, but be warned about “fire proof” - a fire that results in the total loss of your house will create enough heat for enough time that fireproof gun safes and smaller fireproof lockboxes will be destroyed, or even if not, their contents will get hot enough to combust anyway.

      A bank safe deposit box offers a different security profile that’s probably more robust against fire because banks burn less often than houses.

      It’s probably not practical to really be robust against fire without being buried several feet deep.

      [-]
      • Eduard 36 minutes ago
        https://en.wikipedia.org/wiki/2025_Gelsenkirchen_heist

        In December 2025, items worth an estimated €30 million were stolen from a Sparkasse bank in the Gelsenkirchen suburb of Buer, Germany. The thieves used a large drill to break into the bank's underground vault and proceeded to crack over 3,000 safe deposit boxes.

        [-]
        • nerdsniper 18 minutes ago
          Don’t need events that extreme. Regular branch banks have stuff go missing from the safety deposit boxes shockingly regularly. The locks aren’t particularly secure and various people are able to access them. It can be hard to find articles about them because they don’t make the news like the more remarkable incidents do. Examples of boring security box failures (but that were noteworthy in other ways so they did make the news): Jennifer Morsch, Roberta Glassman, Lianna Sarabekyan (multiple customers affected), Philip Poniz, Wells Fargo in Cape Coral FL, Wells Fargo Katy TX (many customers affected, blamed on road construction down the street), lots of individual stories where banks just totally stopped following their own procedures on ID checking and logging.

          The vast majority of these don’t make the news because there’s no proof there was even anything inside the box in the first place so anyone could be lying.

          > Mr. Pluard, who tracks legal filings and news reports, estimates that around 33,000 boxes a year are harmed by accidents, natural disasters and thefts.

          > Oddly, the bank returned to him five watches that weren’t his. “They were the wrong color, the wrong size — totally different than what I had,” Mr. Poniz said. “I had no idea where they came from.”

          https://archive.is/j8e6x

      • ses1984 54 minutes ago
        Another solution is to engrave your secret on something that’s stable up to household fire temperatures.
        [-]
        • 0cf8612b2e1e 38 minutes ago
          A real innovation from the Bitcoin world! There are several physical password store systems that they have suggested for this kind of use case. The simplest is basically using a nail to punch out a password onto a piece of sheet metal.
          [-]
          • echoangle 32 minutes ago
            Just make sure that the metal you use has a high enough melting point.
      • eljojo 54 minutes ago
        do you store stuff in a bank? could you tell me more about it? my account gives me access to one for free and been meaning to put a yubikey there for a while but never have
        [-]
        • nightshift1 28 minutes ago
          Safe deposit boxes are not safe. There are many stories of peoples stuff going missing.

          ex: https://www.cbc.ca/news/safety-deposit-box-protection-1.7338...

          https://archive.is/www.nytimes.com/2019/07/19/business/safe-...

        • cyberax 34 minutes ago
          I do. I have a small safe deposit box in my local branch for about $1 a year.

          It's great if you want to store some documents. But don't expect _real_ security. It's guarded by a minimum-wage employee, and the keys are usually laughably insecure. Banks know this, so they cap their liability for the loss of the deposit box at around $1000.

          So don't even think about storing gold bars there, like they do in movies.

          There _are_ companies that provide safe storage for high-value items, but they are pretty exotic.

          [-]
          • eljojo 14 minutes ago
            that's... a really good perspective to have, thanks for sharing!
      • willmadden 23 minutes ago
        Floor safes do better than above-ground safes.
    • maurycyz 2 hours ago
      This. A physical safe provides something that you can't do digitally: It's hard, but not impossible to get in without credentials.

      On the internet, it's either: Public for anyone in the whole world, or impossible to recover if anything goes wrong.

      [-]
      • kylehotchkiss 1 hour ago
        I've broken into Physical Safes using nothing more than a drill with a half inch bit (I was young and didn't want to drag myself to harbor freight to sacrifice a more suitable tool). Enough boreholes and I had access.

        In hindsight, looking harder for the key would probably have been fruitful.

        [-]
        • 0cf8612b2e1e 1 hour ago
          Nothing says you cannot trivially encode the paper password. Those in the know understand that you need to append “BoomShakalaka”, replace “A” with “Q”, or some other super simple modification to what is recorded.

          Maybe the NSA would be willing to brute force the infinite variations from that starting seed, but it is still effectively locked for mortals.

          [-]
          • mathstuf 44 minutes ago
            I've thought about making a "word search" and embedding the passphrase in it using a pattern (e.g., a subset of a Knight's tour, a space-filling curve overlay, or some other sampling algorithm).
            [-]
    • munk-a 2 hours ago
      Alternative - my partner and I (and also two other close contacts) have password managers that contain each of the other one's secret. This was less an effort to help with the memory loss scenario and more of an effort to deal with death and access to services (especially to cease subscriptions and the like).

      In a lower trust scenario you could probably use a lawyer as a broker of the secret (potentially even as part of a will).

      [-]
      • rcxdude 2 hours ago
        Password managers like bitwarden also have emergency access features which can do this, with the caveat of trusting them to enforce the requirement of access only being granted after a notification to the account holder is not denied in some time period (but unlike the lawyer you're not trusting them with the secret directly)
        [-]
        • spockz 51 minutes ago
          Apple has this thing called Legacy Contact which allows the same but then built in to the whole Apple account. This includes devices as well as the iCloud ~~and attached keychains. Granted, it is another hoop to jump through compared to presharing keys with each other.~~

          It would be nice if your Apple account could be unlocked with some other keys as well apart from the primary one, but I guess that is what Apple calls the “Legacy Contact Key”.

          Edit: okay so the keychain is excluded from this. So back to storing each others passwords in eachothers keychain…

        • eljojo 42 minutes ago
          I didn't know about bit warden doing this until today! I definitely have to look closer into it, been using 1password for more than a decade and I keep being disappointed. I'd definitely like off-sourcing this to someone instead of building it myself
      • eljojo 43 minutes ago
        this is honestly a very pragmatic solution. the amount of life-long relationships i've seen vanish overnight has got me to reconsider my choices when it comes to single points of failure.

        I like the idea of the lawyer, unlike normal people, they like sticking to their promises.

    • eljojo 55 minutes ago
      sometimes simpler is the best. I am always on the move so vaults don't jive well with me. my concern would be for something to still happen to it, too. I'm trying to go by the principle of not putting all my eggs on one basket.
    • rcxdude 2 hours ago
      In general whatever kind of backup plan you have for when you die could also work in this scenario, you may just need to think harder about anything that you do not want have revealed when you die.
  • econ 1 hour ago
    I like it. Perhaps you can use a weird idea of mine.

    You can discard/modify part of a password before sending it to your backend. Then, when you log in the server has to brute force the missing part.

    One could extend this with security questions like how many children pets and cars you own. What color was your car in 2024. Use that data to aid brute forcing.

    The goal would be to be able to decrypt with fewer than 5 shards but make it as computation heavy as you like. If no one remembers the pink car it will take x hours longer.

    [-]
  • nippoo 2 hours ago
    This kind of thing, widely implemented, would be a game-changer for dealing with assets after someone's death! I maintain my family's IT infrastructure (Google Enterprise admin, webserver etc) and I've been tempted to write down 1/4 of my password manager root password and give it to each of my family members - but then we run into the problem where if any one of them loses their shard, it's unrecoverable. Some kind of ECC would be great - ideally where I could print it out onto various bits of paper with a user-definable redundancy, or better still, some kind of reciprocal system where (say) 8/10 members of a trusted friend group/family ring could unlock any other member's password...
    [-]
    • rcxdude 2 hours ago
      Shamir secret sharing is the cryptographic thing that you want. You can can configure any M of N to be needed to recover the underlying secret.

      (If you have a trusted third party, you can also enforce a cooling off period: e.g. that any attempt to access results in a notification to the account holder that if not denied within some time period, access is granted)

    • tmpfs 54 minutes ago
      We care about this porblem and are actively working on it, like the OP we also settled on shamirs secret sharing with a time lock mechanism.

      However, there is still the issue of the service provider going offline or out of business which we don't have a solution for yet.

      We have started with a good password manager and will be adding digital inheritance/social recovery soon! [0]

      Take a look, thoughts and feedback welcome.

      [0]: https://saveoursecrets.com

      [-]
      • eljojo 39 minutes ago
        services going offline is a big concern for me! that's why my solution is offline first, I like the idea of the encrypted backup living in my friend's email inbox and working entirely without internet. a true hard copy.

        for the time lock mechanism, how do you go about it? I'm interested in exploring using drand time lock, but that also relies on the service continuing to run (which is admittedly very likely) https://github.com/drand/tlock

    • nandomrumber 1 hour ago
      You can give your password, or part of it, to your estate lawyer to attach to your will.

      This is obviously more cumbersome, and probably costly, if you intend on changing your password. I guess you could change the part of it you don’t store with them.

    • eljojo 1 hour ago
      yes! I am starting to do some planning on that myself, that's why I'm in that kind of mindset. If you know more people in this space, please share this with them! would love to get feedback
  • gingerlime 1 hour ago
    Other than passwords though, I also have stuff installed at home on a Synology NAS, a mail server, a VPS running some websites (my own, family, my wife's), Home Assistant, Family photos with backups etc etc.

    I wonder who would not only have the passwords, but the know-how to manage the whole thing, at least to transition it to more managed services...

    [-]
    • reddalo 44 minutes ago
      Me too. I'm starting to self-host more and more services for both me and my family, and I wonder what would happen should I meet a bus in a front-facing way.
    • thephyber 59 minutes ago
      Don’t assume that anyone can.

      If you want someone to be able to access it after you’re gone, either put 1000 BTC in it or leave instructions. Paper instructions in a physical fireproof safe is way easier to deal with than any digital encryption with no hints.

    • eljojo 57 minutes ago
      you're completely right! the app actually guides you on some of that, it generates a readme that gives you advise on what to document, but I agree you can't be too careful here, the passwords IS NOT ENOUGH.

      You need to give people "a map" of where things are: https://github.com/eljojo/rememory/blob/main/internal/projec...

  • 2color 35 minutes ago
    I like that more people are thinking solving some of the problems of digital inheritance we face. These are problems that are so important now that so much of our lives are digital and tapping into ones actual social circle seems the best way to do this.

    Also, kudos for packaging it as a static web app. That's the one platform I'm willing to bet will still function in 10 years.

  • cbabraham 2 hours ago
    aw, friend of mine built this way back in the day

    https://michael-solomon.net/keybearer

    https://github.com/msolomon/keybearer

    [-]
    • eljojo 59 minutes ago
      no way!!!! I searched for a long time for a solution like this, many could encrypt using shamir but none took an actual file with browser upload and easy UX. and like, 14 years ago? my hats down to you my friend.

      my zip bundles are 1-2 megabytes due to all the wasm, and you achieved this on so little. impressive job!

      I'd love to hear what you think about mine, one of the differences is that it creates a ZIP file containing the recovery app in it, as well as a PDF with instructions for non-technical friends. Overall trying to make the recovery experience as smooth as possible.

      but cheers, your version is the only one that I found that does basically what mine does, all the others fall short one way or another!

      [-]
      • thephyber 56 minutes ago
        I wonder how many thousands or millions of useful projects are so well hidden that they are effectively nonexistent.
        [-]
        • eljojo 38 minutes ago
          you know, I've always thought that "If I know I have something... somewhere, but I don't know where that thing is is, I have effectively lost it"
          [-]
          • mohn 27 minutes ago
            I agree with the sentiment, and the specific wording of your comment made me want to link to the classic bash.org quote[0] which has consistently been in the top 5 for a long time, but I just learned that we lost bash.org... :(

            [0] https://web.archive.org/web/20230610235249/http://bash.org/?...

            [-]
            • eljojo 20 minutes ago
              ayyyyyyyyyyyy lmao 100%

              also RIP bash.org found out thru you :(

  • rawgabbit 2 hours ago
    For my personal passwords, I use Apple's password manager. It lets me share passwords with my family. I also created a folder on Apple's iCloud that I share.

    https://support.apple.com/guide/iphone/share-passwords-iphe6...

    https://support.apple.com/guide/icloud/share-files-and-folde...

    [-]
    • eljojo 11 minutes ago
      I've been so tempted to try out the apple password manager, I'm fully vested in their ecosystem, but the lock in is too big for me to feel comfortable with.

      This is the sort of stuff that terrifies me https://hey.paris/posts/appleid/

    • politelemon 59 minutes ago
      Despite the convenience factor, it isn't great to use a manager tied into your own ecosystem. It should exist outside, with the minor factor of lesser convenience.
  • ddtaylor 2 hours ago
    I suffered a traumatic brain injury (TBI) related to an e-bike accident two years ago. I woke up in the ICU after a short coma-like thing and the nurses/doctors asking me questions and it was clear I was answering for the 10th time or more, like we had all done this before, but I couldn't remember anything.

    Thankfully my very long password I use for an encrypted Borgbackup I have was somewhere deep or untouched, but, otherwise I would have been fucked. Also, the backup codes Google told me they would always accept failed and it wasn't until I found a random unused Android device in a drawer that had been unused for a year was I able to get access back to my Google account of ~25 years.

    [-]
    • ericbarrett 2 hours ago
      I also had old Google backup codes fail a few years ago. Anybody who hasn't regenerated them in a year or two, I recommend you do so.
      [-]
      • lucenet 2 hours ago
        Well, this is disturbing news.
        [-]
        • bornfreddy 37 minutes ago
          I have (had?) a Google account tied to my email (which is on a domain I own). Not sure if I ever gave them my phone number, initially. Tried to login a few years back, correct password, but they insisted on me entering my phone. Finally I did - and they can't let me in because my "provider is not supported" and they can't send an SMS with the code, so I'm locked out. Tried every few months since then, no go. Fortunately I didn't lose much (except some family photos), but it is annoying as hell. I wouldn't trust Google with anything important. And yes, I tried with an brand new number on a new phone, unrelated provider. No dice. According to reddit I'm far from alone in this. So if you rely on a Google account for anything... Well, good luck!
        • Zambyte 1 hour ago
          Google services are best treated as a liability.
        • tencentshill 1 hour ago
          Make Google Takeouts a part of your backup routine.
    • eljojo 1 hour ago
      my stomach turned into a knot just reading your story. I know that feel of waking up surrounded by nurses not knowing what happened. I'm so glad you had proper backups!!!!!!!!!!

      this exact story is why i built my app, thank you so much for sharing.

      my hope is to basically make a next version of your plan that's distributed among friends.

  • mikkupikku 34 minutes ago
    I'm a firm believer in passwords on sticky notes.

    (At home of course, people get pissy if you do this at work!)

  • cedws 1 hour ago
    I also gave this problem some thought: https://github.com/cedws/amnesia
    [-]
    • eljojo 58 minutes ago
      oh hey, nice timing! good name too, I see we're both on the same wavelength there. I'll link you from my readme!
  • moltymolt 3 hours ago
    That's an interesting idea. It's a good solution to the problem of sharing all your passwords with your loved ones posthumously. Typically that'd involve keeping everything in a vault which will automatically be released to your person of choice if you failed to reset it. The annoying part is having to reset it indefinitely. I like your idea where you share it with multiple people in advance but they would have to collectively decide to unlock it.
    [-]
    • eljojo 1 hour ago
      exactly! my hope is to offload some trust to the collective of my friends
  • modeless 2 hours ago
    For this purpose Google offers "Inactive Account Manager" AKA a dead man's switch.
    [-]
    • couchdive 1 hour ago
      3 months of non-use is the lowest term available before it will enact. That's too long for most situations except maybe probate court
    • eljojo 1 hour ago
      I don't use Google :(
  • lucenet 2 hours ago
    Write down the password, print out recovery codes. Store them in separate buildings.

    Tell someone you trust about where you left these pieces of paper.

    [-]
    • notepad0x90 2 hours ago
      a safe-deposit box at a bank works ok too.
  • rkagerer 47 minutes ago
    Nice! Good to see some tooling in this space explicitly designed for simplicity and user-friendliness.

    One practical problem to consider is the risk of those distributed bundles all ending up on one or two major cloud provider's infra because your friends happened to store them someplace that got scooped up by OneDrive, GDrive, etc. Then instead of the assumed <threshold> friends being required for recovery, your posture is subtley degraded to some smaller number of hacked cloud providers.

    Someone using your tool can obviously mitigate by distributing on fixed media like USB keys (possibly multiple keys to each individual as consumer-grade units are notorious for becoming corrupted or failing after a time) along with custodial instructions. Some thought into longevity is helpful here - eg. rotating media out over the years as technology migrates (when USB drives become the new floppy disks) and testing new browsers still load up and correctly run your tool (WASM is still relatively new).

    Some protocol for confirming from time to time that your friends haven't lost their shares is also prudent. I always advise any disaster recovery plan that doesn't include semi-regular drills isn't a plan it's just hope. There's a reason militaries, first responders, disaster response agencies, etc. are always doing drills.

    I once designed something like this using sealed paper cards in identified sequence - think something like the nuclear codes you see in movies. Annually you call each custodian and get them to break open the next one and read out the code, which attests their share hasn't been lost or damaged. The routine also keeps them tuned in so they don't just stuff your stuff in an attic and forget about it, unable to find their piece when the time comes. In this context, it also happens to be a great way to dedicate some time once a year to catch up (eg. take the opportunity to really focus on your friend in an intentioned way, ask about what's going on in their life, etc).

    The rest of my comments are overkill but maybe fun to discuss from an academic perspective.

    Another edge case risk is of a flawed Shamir implementation. i.e. Some years from now, a bug or exploit is discovered affecting the library you're using to provide that algorithm. More sophisticated users who want to mitigate against that risk can further silo their sensitive info - eg. only include a master password and instructions in the Shamir-protected content. Put the data those gain access to somewhere else (obviously with redundancy) protected by different safeguards. Comes at the cost of added complexity (both for maintenance and recovery).

    Auditing to detect collusion is also something to think about in schemes like these (eg. somehow watermark the decrypted output to indicate which friends' shares were utilized for a particular recovery - but probably only useful if the watermarked stuff is likely to be conveyed outside the group of colluders). And timelocks to make wrench attacks less practical (likely requires some external process).

    Finally, who conducted your Security Audit? It looks to me as if someone internal (possibly with the help of AI?) basically put together a bunch of checks you can run on the source code using command line tools. There's definitely a ton of benefit to that (often the individuals closest to a system are best positioned to find weaknesses if given the time to do so) and it's nice that the commands are constructed in a way other developers are likely to understand if they want to perform their own review. But might be a little misleading to call it an "audit", a term typically taken to mean some outside professional agency is conducting an independent and thorough review and formally signing off on their findings.

    Also those audit steps look pretty Linux-centric (eg. Verify Share Permissions / 0600, symlink handling). Is it intended development only take place on that platform?

    Again, thanks for sharing and best of luck with your project!

  • croisillon 2 hours ago
    i thought 3M had already invented the best password safe ;)
    [-]
    • eljojo 10 minutes ago
      lol i'm so neurodivergent i had to read this 5 times to understand 3M didn't just get into the encryption business
    • ddtaylor 1 hour ago
      I think 3M also sells a $5 wrench.
  • JTbane 2 hours ago
    master password on paper hard copy
    [-]
    • eljojo 1 hour ago
      that's so scary though! what if someone has access to it? or it gets lost when you need it?
      [-]
      • seb1204 45 minutes ago
        I think this is when you need to evaluate your thread scenario. A) self-made crypto accessible through web or browser that any cracker can find through www and use machine clusters to run on or AI to work on etc. B) physical home invasion that are interested in one of your A4 papers with some random words that have only meaning to you and few trustees.
  • BoredPositron 2 hours ago
    Yubikey
  • registeredcorn 2 hours ago
    I explicitly make it so I cannot regain access to my computer in the event that my memory becomes faulty.

    I would be in an impaired state, and cannot function in way that would be conducive to either work or pleasure in terms of computer use.

    That is to say, the entire reason why I have password security at all is to keep out people who do not know the password. If someone does not know the password, they should not be able to access the system. That obviously and clearly applies to myself as much as any other person. "If you do not know it, then you do not need it."

    [-]
    • saltcured 1 hour ago
      I agree in broad strokes. If I am incapacitated, that is when things like durable power-of-attorney, medical advance directives, and living trusts come into play.

      The important thing is to ensuring your computer is not a single point of failure. Instead of losing a password, you could have theft, flood, fire, etc. Or for online accounts, you are one vendor move away from losing things. None of these should be precious and impossible to replace. I've been on the other side of this, and I think the better flow is to terminate or transfer accounts, and wipe and recycle personal devices.

      A better use of your time is to set up a disaster-recovery plan you can write down and share with people you trust. Distribute copies of important data to make a resilient archive. This could include confidential records, but shouldn't really need to include authentication "secrets".

      Don't expect others to "impersonate" you. Delegate them proper access via technical and/or legal methods, as appropriate. Get some basic legal advice and put your affairs in order. Write down instructions for your wishes and the "treasure map" to help your survivors or caregivers figure out how to use the properly delegated authority.

    • catlifeonmars 2 hours ago
      What if you forgot your password but retained all other memories?
      [-]
      • wavemode 56 minutes ago
        Well see, that's why I keep my "password" memory stored snugly next to "breathing" and other such. If I'm walking around conscious, then I must still know my password.
      • eljojo 1 hour ago
        asking the real questions here
    • esafak 2 hours ago
      No family, eh?
      [-]
      • seb1204 43 minutes ago
        Maybe but does not want to share the pics or tax return.