I need to start making plans for when I am gone, much sooner than I thought, and I realized our finances are pretty opaque to my spouse. Our bank account is shared, but there are other sites that only I have access to.
The easiest solution would be to physically write down logins and what needs done, put it in an envelope, and tell my family where that envelope is. I’m not thrilled about that, because I would have to shred and rewrite it every time I update a password or a URL changes, and it’d be vulnerable to nosy guests.
Putting it in a shared Google Doc would be easiest for everyone. But then Google has that data. Even supposing I trust a cloud SaaS provider not to misuse the data (which is a big ‘if’) I do not trust them to never have a data breach.
Self-hosting seems like the next step, except I expect my home server to be the first thing to collapse once I’m gone. Filing login info with an estate attorney would still require frequent updates. Putting a document on a flash drive risks data loss, but is what I’m leaning towards.
Is there a solution I’m missing?
No solution I’ve found, but I’ve been working on this myself. As I see it, there are two situations, and four categories of data:
I. My wife survives me II. We both die, e.g. in a car
I’ve been thinking about getting an M-Disk writer for media, because ultimately, backing up to B2 is fine until I’m gone. Family members will need physical media for the photos and stuff.
For secrets, I’m planning using SSSS. Keys will be given to members on each side of my wife’s and my families. If we both die, they’ll have to get together, put their keys together, and decrypt the KeePass DB.
The online accounts are almost all financial; those are in a KeePass DB. My wife already has access to all of that through power is attorney, and if we both go, it’s SSSS for the family.
The third data category are accounts and services that will be to be stopped. I don’t subscribe to much, but the VPS provider and B2 will have to be terminated, and a document with instructions and with the credentials is in the SSSS archive.
The final category are assets: home, mortgage info, where and what the M-Disks are, a copy of the will that deals with all of the valuables, and any notes about anything not covered in the will. That’s in documents in the SSSS archive.
I still have to put the archive together. I’ve been working toward a state where all of the secrets are in a cryptfs that’s shared on the LAN and automatically encrypted with SSSS and synced to a share. Once I have that automated, I’ll communicate out the SSSS keys and a how-to document.
In some ways, it was easier when you just died and your kids fought over the china. But I have a plan.