How Can I Share Information with Friends and Family After I Die?
Your secrets are safe with nobody if you haven't planned ahead to pass them along after you've left earth. It's smart to think about how to share vital information after your vital signs have stopped. The security experts at Stack Exchange are here to help.
I want to make sure that after I die, someone gets vital information from me (like the password to my bank account), but I don't want anyone to be able to get that information as long as I'm alive. Once I die, I only want a particular person to be able to get the information. How would I go about that?
Don't Trust a Purely Automated Solution - Answered by Adnan
A little more than a year ago, I was in a situation where I feared for my life. I gave this some thought and here's what I did: I made a video recording containing everything I wanted people to know after I die, then I stored the video in a TrueCrypt volume and gave two copies to my two most trusted friends, and the password to my father and my then-girlfriend. I told my dad and my then-girlfriend not to share the password with anybody, and told my trusted friends to share the file only with my dad and my then-girlfriend, and only after I die or after I'm reasonably believed to be dead (due to the nature of the danger, a sudden disappearance was a likely possibility).
The effectiveness of this arrangement comes from my trust in those people-a trust that has been built over many years. I've chosen this arrangement because I couldn't trust a purely automated solution. For example, I set up a Dead Man's Switch message that contained trivial to low-profile information, but at the time, there was a possibility that I'd disappear for weeks or months after which I could still be alive. In that period the Switch would have been activated.
Another solution is to hire a lawyer, draft your will, give him the password, and instruct him to share it only in the case of your death. This way, your password is safe by the power of the law (your lawyer can't breach the confidentiality, and even if he did, the files are with other people). Your lawyer has no access to the information, and your loved ones will get the password after your death.
Google's Inactive Account Manager - Answered by davidwebster48
Google has set up a service called "Inactive Account Manager" which lets you specify certain trusted people who will get access to your account if it is inactive for a certain amount of time (for example, if you're dead). The inactivity period can be set anywhere from 3-18 months.
Safe Deposit - Answered by petiepooo
I'd suggest using a safe deposit box. There are clear guidelines of who can enter your safe deposit box upon your death and what can be removed under specific conditions. Take an index card, write down a long random password along with instructions on how to use it, all on one side, fold it in half (hiding the password), then write the intended recipient's name and any privacy warnings on the outside. Finally, run the folded card through a laminator. Write a will specifying who your executor should be (they will have access to your safe deposit box by court order), and specify in your will how the password cards should be handled.
Then, for each recipient, either give them the file to be decrypted, or let them know how they can retrieve it. Or specify that in the will or inside of the laminated card. I'd be wary of physical media (eg. a CD-ROM in the safe deposit box), as they're only readable for a few years. Even things like USB flash drives will eventually start losing bits. Plus, the USB standard will eventually be superseded. If you're committed to occasionally verifying the file's integrity and accessibility, then a USB drive in the safe deposit box might work. You may consider storing the encrypted file online, if you can find somewhere with long-term, guaranteed accessibility.
Just don't make it so complicated the recipient can't retrieve it when the time comes. I'd also be wary of asymmetrical encryption (eg. PGP) as it adds unneeded complexity, and keys can have expiration dates. That said, PGP and GnuPG have a symmetrical encryption option if you want to steer clear of WinZip or similar. 7-zip would also be a good choice, as it's free, open, and easily available.
Disagree with the answers above? Find more answers or leave your own at the original post. See more questions like this at IT Security, the Stack Exchange site for questions and answers about protection of assets from threats and vulnerabilities. And of course, feel free to ask a question yourself.