Start treating the Future-You like a Stranger. Write for that stranger, your Future-You will thank you. We think we will remember, but we won’t. So, don’t be too harsh on yourself and make it easier for your future-you. If that stranger finds it easier, it will also be for others; your relatives, kids, etc.
Unless your work and life need to be very secretive, or involve matters of national or international importance, I personally think a simpler printed/written format that works without electronics/Internet would be a better option. Of course, the printed details can have simple encryption, which your family/friends can break using day-to-day quirks you shared, such as the family secret codes, the name of that pet in the town you grew up in, or the middle name from the story of your great-grandfather, etc.
Some time ago, my mother-in-law (erstwhile teacher) and my godmother-aunty (businesswoman) began to forget many things. Their kids have tried quite a few phone apps and whatnot with electronics. Finally, I have suggested enforcing just two things: a lot of Valet bowls around the house (at common places in all the rooms) and pocket notebooks with pens attached. They just write anything and everything, from money to kitchen items to anything they want. If they forgot something, refer to the notebooks. If a key is lost, try the Valet Bowl. Now, my plan is to train their muscle memory to drop/pick from the bowl (don’t try to remember) and write things down.
The idea of Valet Bowls comes from something someone mentioned on Hacker News.
(Funny how I can remember this comment from many months ago after never implementing the bowls, but I currently can’t remember where my car keys are. Should have implemented the bowls…)
Brajeshwar 3 hours ago [-]
Oh God, Yes. Now, in my favorited posts and comments.
For keys, there is only one place: the Keyholder wall-mounted near the main door, while still visible from the main Hall. Not easy to pick and go by “guests” without being seen by someone, but easy for residents to just walk out with one. I got the exact same ones from Amazon and wall-mounted them in all the homes where I serve as Printer-Repair Guy. 10+ years, I kinda have trained every family member’s muscle memory, “Keys go there and only there.” ;-)
Add/Edit: I also have a sticker I printed stuck to the Keyholder, in Monica’s words from Friends, “Got the Keys?”
aforwardslash 7 hours ago [-]
5 out of 7 means you cannot be in an eg. car accident with more than 2 of them at a time, if there is the possibility of all of them present in the car not surviving.
Im also quite more practical - there are responsabilities that may go beyond a simple memory loss - eg. If one is in a coma or just hospitalized for a long period of time; trusted third parties may require access to your accounts even for simple stuff like paying bills/rent/cloud services.
bitexploder 11 hours ago [-]
Low tech: I put my secret manager password in a physical journal that is locked in a fire proof, water proof vault and hidden somewhere only my partner and myself know where it is. I use a password manager. Everything else goes in the password manager.
repiret 10 hours ago [-]
This is what I do too, but be warned about “fire proof” - a fire that results in the total loss of your house will create enough heat for enough time that fireproof gun safes and smaller fireproof lockboxes will be destroyed, or even if not, their contents will get hot enough to combust anyway.
A bank safe deposit box offers a different security profile that’s probably more robust against fire because banks burn less often than houses.
It’s probably not practical to really be robust against fire without being buried several feet deep.
paulgerhardt 8 hours ago [-]
Just went through this. Sample size one:
While the fire resulted in the total loss of the house it was actually the water from the fire department not the heat that did proportionally more damage.
As a mental model you shouldn’t think of it as “what if my house burns down?” so much as “what if nice strangers roll up to my windows and chainsaw through my roof and spray 50,000 gallons of water in here?”
Yes everything in the mechanical room melted but everything in the rest of the house got hot, smoky, soaked and then moldy.
For root of trust materiel like social security cards, cash, passports put in a ziplock bag in a fireproof, waterproof safe. But for other storage I use clear “Ezy Storage” brand stackable 50L tubs labeled with Homebox QR codes. In the US, Target and Home Depot frequently stock them. I am very anti black and yellow tubs.
The majority of work post-fire goes to itemizing your house inventory for insurance. Even cataloging all your bathroom’s soaps by brand name rather than generic can make $100 difference. Multiply that by 500x different things.
From a threat model perspective I look at rooms from a “what would be salvageable in here if I emptied a swimming pool’s worth of water from some fire sprinklers”. Furniture and TVs are easy to replace. Other stuff less so.
repiret 3 hours ago [-]
My insurance agent has recommended that once a year or so I carefully walk through the house with a video recorder, opening every cabinet and drawer and tool box and so on. It's easier than constructing a detailed inventory, but gives you the raw data you need to construct one in the unlikely even that you need it.
Loughla 6 hours ago [-]
We did that with major hail damage a few years ago. I learned that in a disaster, you should count on everything being junk, and you're lucky if you can salvage anything. We also learned the value of itemized lists.
1500/piece for 20 junk windows I was building a greenhouse with that I dug out of the trash the year before. $250 for a bird feeder because they couldn't find one outside of specialty stores. $40k instead of 10k for a new roof on the shed because it was heavier gauge metal than standard.
Exact replacements can be expensive, but you need to make sure your insurance has 100% replacement instead of adjusted for age or like-kind replacements.
After that experience, we itemized EVERYTHING in the house with make, model, serial number, and color. It was a bitch to get set up, but took the value of our home contents from around 75k to over 250k for exact replacements.
Copies of these records along with our master password for our keepass database are in two bank deposit boxes about 45 minutes apart. For $50/year we can sleep easy.
eastbound 1 hours ago [-]
How do you open the bank vault? Key? Passcode?
tgsovlerkhgsel 33 minutes ago [-]
In general, identity (the bank checking who you are) is often involved in regular unlocking and there will be an identity-only recovery procedure that will work even if you lose your usual credential (key, passcode, card, whatever). This may involve drilling a lock and the bill for that.
TacticalCoder 26 minutes ago [-]
Bank vault can be key+combination (eg three letters) or dual key or others. For example in a dual key: one key from the bank and one key being your own key.
If a key is lost, you go and prove your identity (easier if any bank employee is familiar with you) and ask for a new key. A date is set and a locksmith shall come, you are next to him and next to the bank employee while he uses the bank's key and lockpicks your lock. Then he configures it for a new key (or replace the lock).
It's cost you something like $300 or whatever.
Source: been next to locksmith opening a bank vault, twice, in two different countries. Once for a bank belonging to a deceased family member (we had the key but not the three-letters combination) and once not because I lost my key but because the bank's lock (on my vault) went defective.
So it's not "my key from the my vault at the bank melted during a housefire, so I can never access my vault at the bank anymore" nor is it "I forgot my three-letters combination, so until the end of the universe that bank vault shall stay locked".
ThePowerOfFuet 30 minutes ago [-]
If you can prove your identity to the bank and have lost your key, they will drill the lock to get you into your box. For a fee, of course.
tmoertel 3 hours ago [-]
> I am very anti black and yellow tubs.
Would you mind sharing more about these tubs and why you are against them?
alsetmusic 7 hours ago [-]
This is very interesting and will inform changes in how I secure some items. Thanks for the new perspective.
ThePowerOfFuet 37 minutes ago [-]
>put in a ziplock bag in a fireproof, waterproof safe
In the event of a fire, the bag will melt and coat everything in plastic. This may be undesirable.
8n4vidtmkvmk 1 hours ago [-]
Yes but your house has to burn down and you have to simultaneously lose your memory.
If your house and PC burn, restore from online backup.
If your brain burns, spouse restores from vault.
heavyset_go 5 hours ago [-]
That inventory will be available for seizure by court order for any variety of reasons, and you won't ever know about it until it's too late.
Something you keep in your home that no one knows about won't be inventoried.
In December 2025, items worth an estimated €30 million were stolen from a Sparkasse bank in the Gelsenkirchen suburb of Buer, Germany. The thieves used a large drill to break into the bank's underground vault and proceeded to crack over 3,000 safe deposit boxes.
nerdsniper 9 hours ago [-]
Don’t need events that extreme. Regular branch banks have stuff go missing from the safety deposit boxes shockingly regularly. The locks aren’t particularly secure and various people are able to access them. It can be hard to find articles about them because they don’t make the news like the more remarkable incidents do. Examples of boring security box failures (but that were noteworthy in other ways so they did make the news): Jennifer Morsch, Roberta Glassman, Lianna Sarabekyan (multiple customers affected), Philip Poniz, Wells Fargo in Cape Coral FL, Wells Fargo Katy TX (many customers affected, blamed on road construction down the street), lots of individual stories where banks just totally stopped following their own procedures on ID checking and logging.
The vast majority of these don’t make the news because there’s no proof there was even anything inside the box in the first place so anyone could be lying.
> Mr. Pluard, who tracks legal filings and news reports, estimates that around 33,000 boxes a year are harmed by accidents, natural disasters and thefts.
> Oddly, the bank returned to him five watches that weren’t his. “They were the wrong color, the wrong size — totally different than what I had,” Mr. Poniz said. “I had no idea where they came from.”
> Regular branch banks have stuff go missing from the safety deposit boxes shockingly regularly. The locks aren’t particularly secure and various people are able to access them.
My late wife had a safe deposit box in the Almaden Valley (San Jose) branch of US Bank. Her key to the box was nowhere to be found. So I had to get the box drilled open.
This would normally require a hefty fee. But the branch was moving to a new location, so they invited customers to make an appointment to show up a Saturday with proper ID for a lock drilling party.
I showed my ID and the death certificate, and we went into the safe to have the lock drilled.
But there was no real drilling involved. The locksmith had a little handheld gadget that she pushed into the lock, gave it a little twist, and the door came right open.
The ironic part? All that was in there were a few pieces of costume jewelry, worth maybe $50 in total.
She was paying more than that per year for the box rental, and if I'd had to pay for the "drilling" it would probably be more than that.
7 hours ago [-]
ses1984 10 hours ago [-]
Another solution is to engrave your secret on something that’s stable up to household fire temperatures.
0cf8612b2e1e 10 hours ago [-]
A real innovation from the Bitcoin world! There are several physical password store systems that they have suggested for this kind of use case. The simplest is basically using a nail to punch out a password onto a piece of sheet metal.
And so we return to our programming-roots with punchcards. :p
rustyhancock 8 hours ago [-]
Additionally hardware wallets which can use a seed to generate huge variety of keys.
Including AGE keys (so you can encrypt arbitrary data), SSH keys, FIDO2 and passkeys.
Additionally you might want to store a hardware wallet in a deposit box instead of the seed (if you trust the security model).
echoangle 10 hours ago [-]
Just make sure that the metal you use has a high enough melting point.
Wistar 9 hours ago [-]
Tungsten, perhaps.
syntaxing 5 hours ago [-]
I know there’s metal plates you can self stamp for crypto wallets. I’m sure you can do the same for this purpose.
willmadden 9 hours ago [-]
Floor safes do better than above-ground safes.
eljojo 10 hours ago [-]
do you store stuff in a bank? could you tell me more about it? my account gives me access to one for free and been meaning to put a yubikey there for a while but never have
nightshift1 10 hours ago [-]
Safe deposit boxes are not safe. There are many stories of peoples stuff going missing.
What if you RAID01 it, so you have four safety deposit boxes, two with the first half of your password, two with the second half of your password? Then no snoop at a particular bank would be able to get your password, but also if one or two go missing, the password won't be lost. And you just check all four boxes once or twice a year to make sure everything is good.
whartung 4 hours ago [-]
My (large) bank is yanking their safety deposit boxes out. They let subscribers know that they have, like, 1 or 2 years to go. They're doing it across the branches. They basically feel it's not worth the liability any more, and the way it was presented to me, it's not just them, but other banks are also doing (or at least considering) this.
Things we take for granted. When my father passed, I was digging stuff out of SDBs that he had for decades.
jerezzprime 8 hours ago [-]
Maybe not safe for valuables. What about stuff that has no value to anyone else? I'm not a villain from Ocean's Eleven, no one is stealing my passwords to break into my elaborate safe.
saulpw 7 hours ago [-]
What I found out when I was burgled, was that they don't care. I had nothing valuable in my firesafe but they still took it wholesale. I found some papers from it drifting around outside afterwards like they had dumped it out. But not my passport or SSN card. The lock was even broken so they could have just opened it to see that and saved themselves the lift. But again, they don't care.
10 hours ago [-]
cyberax 10 hours ago [-]
I do. I have a small safe deposit box in my local branch for about $1 a year.
It's great if you want to store some documents. But don't expect _real_ security. It's guarded by a minimum-wage employee, and the keys are usually laughably insecure. Banks know this, so they cap their liability for the loss of the deposit box at around $1000.
So don't even think about storing gold bars there, like they do in movies.
There _are_ companies that provide safe storage for high-value items, but they are pretty exotic.
eljojo 9 hours ago [-]
that's... a really good perspective to have, thanks for sharing!
munk-a 11 hours ago [-]
Alternative - my partner and I (and also two other close contacts) have password managers that contain each of the other one's secret. This was less an effort to help with the memory loss scenario and more of an effort to deal with death and access to services (especially to cease subscriptions and the like).
In a lower trust scenario you could probably use a lawyer as a broker of the secret (potentially even as part of a will).
rcxdude 11 hours ago [-]
Password managers like bitwarden also have emergency access features which can do this, with the caveat of trusting them to enforce the requirement of access only being granted after a notification to the account holder is not denied in some time period (but unlike the lawyer you're not trusting them with the secret directly)
spockz 10 hours ago [-]
Apple has this thing called Legacy Contact which allows the same but then built in to the whole Apple account. This includes devices as well as the iCloud ~~and attached keychains. Granted, it is another hoop to jump through compared to presharing keys with each other.~~
It would be nice if your Apple account could be unlocked with some other keys as well apart from the primary one, but I guess that is what Apple calls the “Legacy Contact Key”.
Edit: okay so the keychain is excluded from this. So back to storing each others passwords in eachothers keychain…
eljojo 10 hours ago [-]
I didn't know about bit warden doing this until today! I definitely have to look closer into it, been using 1password for more than a decade and I keep being disappointed. I'd definitely like off-sourcing this to someone instead of building it myself
kwanbix 5 hours ago [-]
So if you and your partner die, whoever is part of your family is fck.
eljojo 10 hours ago [-]
this is honestly a very pragmatic solution. the amount of life-long relationships i've seen vanish overnight has got me to reconsider my choices when it comes to single points of failure.
I like the idea of the lawyer, unlike normal people, they like sticking to their promises.
maurycyz 11 hours ago [-]
This. A physical safe provides something that you can't do digitally: It's hard, but not impossible to get in without credentials.
On the internet, it's either: Public for anyone in the whole world, or impossible to recover if anything goes wrong.
kylehotchkiss 10 hours ago [-]
I've broken into Physical Safes using nothing more than a drill with a half inch bit (I was young and didn't want to drag myself to harbor freight to sacrifice a more suitable tool). Enough boreholes and I had access.
In hindsight, looking harder for the key would probably have been fruitful.
0cf8612b2e1e 10 hours ago [-]
Nothing says you cannot trivially encode the paper password. Those in the know understand that you need to append “BoomShakalaka”, replace “A” with “Q”, or some other super simple modification to what is recorded.
Maybe the NSA would be willing to brute force the infinite variations from that starting seed, but it is still effectively locked for mortals.
Dylan16807 27 minutes ago [-]
If you add an explicit reminder to check the email where you explained the modification, then the idea seems solid. Tough at that point put half the password on paper and send the other half to a whole bunch of trusted people.
mathstuf 10 hours ago [-]
I've thought about making a "word search" and embedding the passphrase in it using a pattern (e.g., a subset of a Knight's tour, a space-filling curve overlay, or some other sampling algorithm).
I used to keep a password card in my wallet and had a pattern I would use.
tempestn 2 hours ago [-]
I'd advise sharing that knowledge with one trusted person outside your household too, especially if you and your partner have dependants.
rcxdude 11 hours ago [-]
In general whatever kind of backup plan you have for when you die could also work in this scenario, you may just need to think harder about anything that you do not want have revealed when you die.
eljojo 10 hours ago [-]
sometimes simpler is the best. I am always on the move so vaults don't jive well with me. my concern would be for something to still happen to it, too. I'm trying to go by the principle of not putting all my eggs on one basket.
utopiah 1 hours ago [-]
Ah, I actually did something similar years ago. I basically hashed individual pages of my wiki and I think I published the hash of hashes on the Blockchain. Anyway I didn't need it and stop maintaining that system but definitely interesting explorations.
To clarify the hashing was to verify that the pages were indeed modified by me, to prevent tempering.
The "lost my memory" scenario differs a bit from death/succession planning in that you can use biometrics... but IMO it's better to jump straight to the latter and concuss two birds with one stone.
KevinChasse 3 hours ago [-]
Interesting approach. I like that this is explicit about human recovery rather than pretending crypto alone solves catastrophe.
That said, this design and fully stateless systems like mine (deterministic derivation, no escrow) are solving opposite failure modes. Shamir-based social recovery assumes:
trusted third parties remain reachable,
they are willing and able to cooperate,
and that recovery is an exceptional event.
Stateless systems assume the inverse:
no one can be relied on,
recovery is impossible by design,
and the primary threat is silent compromise rather than lockout.
Neither is “better” universally; they’re value judgments. What I appreciate here is that the tradeoffs are made explicit instead of buried behind UX.
One open question I’d be curious about: how you reason about coercion risk over time (friends change, incentives change), and whether you see this as something users should periodically re-shard as relationships evolve.
no way!!!! I searched for a long time for a solution like this, many could encrypt using shamir but none took an actual file with browser upload and easy UX. and like, 14 years ago? my hats down to you my friend.
my zip bundles are 1-2 megabytes due to all the wasm, and you achieved this on so little. impressive job!
I'd love to hear what you think about mine, one of the differences is that it creates a ZIP file containing the recovery app in it, as well as a PDF with instructions for non-technical friends. Overall trying to make the recovery experience as smooth as possible.
but cheers, your version is the only one that I found that does basically what mine does, all the others fall short one way or another!
thephyber 10 hours ago [-]
I wonder how many thousands or millions of useful projects are so well hidden that they are effectively nonexistent.
eljojo 10 hours ago [-]
you know, I've always thought that "If I know I have something... somewhere, but I don't know where that thing is is, I have effectively lost it"
mohn 10 hours ago [-]
I agree with the sentiment, and the specific wording of your comment made me want to link to the classic bash.org quote[0] which has consistently been in the top 5 for a long time, but I just learned that we lost bash.org... :(
I like it. Perhaps you can use a weird idea of mine.
You can discard/modify part of a password before sending it to your backend. Then, when you log in the server has to brute force the missing part.
One could extend this with security questions like how many children pets and cars you own. What color was your car in 2024. Use that data to aid brute forcing.
The goal would be to be able to decrypt with fewer than 5 shards but make it as computation heavy as you like. If no one remembers the pink car it will take x hours longer.
digiown 8 hours ago [-]
This makes little sense, IMO. Information is information. There is no difference between this and just having a short/simple passphrase with the PKBDF iterations turned very high. You might as well shard secrets using Shamir and encode it via a modified version of BIP32 words.
econ 3 hours ago [-]
I'm no crypto expert, just fooling around.
The security questions are like extra shares of lower value.
My mental model is something like burying the password in your 100x100 yard. You give one friend the X and a different friend the Y coordinates both rounded down to a multiple of 10 meters. The security questions can be added to the X and Y coordinates.
ohhhh that's brutal haha! for context my app runs entirely clientside, but I get it, it's an interesting idea...
econ 3 hours ago [-]
I wonder if they even need a file. They could pick some question and type their secret into the app, something like the name of their first date etc
If you are to hand out files maybe it is wonderful to write them a letter that serves as their shard? They might actually store it some place safe and it wouldn't scream I'M A SECRET!
ImPostingOnHN 9 hours ago [-]
That is a neat take on "key strengthening", or "peppering":
Would also cover banking details or whatever else you want to put in there.
csullivannet 3 hours ago [-]
> Trusted emergency contacts must be existing Bitwarden users
While the motivation is similar this basically kills the feature. It requires that your friends not only use but continue to maintain their accounts.
From my understanding of OP's implementation, being completely offline they can basically just keep the key on a USB or file store of any kind.
Personally I think the most robust solution is single key access (a la emergency kit), distributed in one or more secure bank vaults for redundancy (many still do offer these for free or cheaply for small boxes). Put instructions in your (living) will and done.
gingerlime 10 hours ago [-]
Other than passwords though, I also have stuff installed at home on a Synology NAS, a mail server, a VPS running some websites (my own, family, my wife's), Home Assistant, Family photos with backups etc etc.
I wonder who would not only have the passwords, but the know-how to manage the whole thing, at least to transition it to more managed services...
Terr_ 8 hours ago [-]
I think that boils down to having a checklist addendum to go with your will, an outline of accounts and data to rescue.
reddalo 10 hours ago [-]
Me too. I'm starting to self-host more and more services for both me and my family, and I wonder what would happen should I meet a bus in a front-facing way.
thephyber 10 hours ago [-]
Don’t assume that anyone can.
If you want someone to be able to access it after you’re gone, either put 1000 BTC in it or leave instructions. Paper instructions in a physical fireproof safe is way easier to deal with than any digital encryption with no hints.
eljojo 10 hours ago [-]
you're completely right! the app actually guides you on some of that, it generates a readme that gives you advise on what to document, but I agree you can't be too careful here, the passwords IS NOT ENOUGH.
TouchID is a good starting point... though it does confirm your password weekly.
Somewhat tongue-in-cheek, but if I lose my memory, how am I supposed to remember the 7 (or 5) friends who have my password...?
Somewhat less tongue-in-cheek, if you really wanted to be serious about your friends not being able to produce your password now for the lolz, then you'd actually want to ensure they were merely acquaintances who didn't know each other and couldn't find each other, e.g. not all Facebook friends. In which case the list of friends becomes essentially as important as the password, and then how do you remember where you've stored that list?
In reality, hopefully you can just entrust your master password with your closest family (spouse, parent, adult children), assuming they're not going to drain your bank account or read your private digital journal.
Yodel0914 9 hours ago [-]
We use Vaultwarden and Bitwarden to share passwords with the family. My wife has my master password and I have hers.
The bigger issue if I drop dead is all the nontrivial tech crap I have set up (self hosted Vaultwarden included…).
karussell 8 hours ago [-]
Honest question: what is the benefit of such a specialized service compared to just an encrypted file with all your passwords that you share via some common file sharing service (hosted or self-hosted)
nippoo 11 hours ago [-]
This kind of thing, widely implemented, would be a game-changer for dealing with assets after someone's death! I maintain my family's IT infrastructure (Google Enterprise admin, webserver etc) and I've been tempted to write down 1/4 of my password manager root password and give it to each of my family members - but then we run into the problem where if any one of them loses their shard, it's unrecoverable. Some kind of ECC would be great - ideally where I could print it out onto various bits of paper with a user-definable redundancy, or better still, some kind of reciprocal system where (say) 8/10 members of a trusted friend group/family ring could unlock any other member's password...
gomox 8 hours ago [-]
Don't worry even if your heirs have the password, it's extremely likely that Google will find the login attempts "suspicious" and try to verify your identity by sending SMS codes to a phone number you last had in 2005, despite your best attempts to prevent it.
rcxdude 11 hours ago [-]
Shamir secret sharing is the cryptographic thing that you want. You can can configure any M of N to be needed to recover the underlying secret.
(If you have a trusted third party, you can also enforce a cooling off period: e.g. that any attempt to access results in a notification to the account holder that if not denied within some time period, access is granted)
cyphar 5 hours ago [-]
There are much better systems for splitting data than just chunking it into N chunks, the most common is Shamir Secret Sharing[1] (the main benefit being that you can construct an M-of-N scheme easily and having N-1 shards provides you zero information about the secret). One word of caution -- a lot of software developers get enamored by the idea of information-theoretic security when they first run into it, but you eventually realise that useful applications of tools like SSS are actually quite rare.
Shameless plug: I wrote a project a few years ago to create PDF-based backups with sharded keys which would do exactly what I suspect you want[2], unfortunately I got stuck at the "make a nice UI for it" stage (everything works but it's just a CLI tool at the moment). I guess I should take a look at using an LLM for that these days... (I used this to store my password manager root password and necessary keys to pull and decrypt the encrypted backups of my server.)
A quarter of your password manager's password means it needs to be really long for it to not be bruteforceable if one or two quarters are recovered (on the order of at least 24 completely random alphanumeric characters)
Shamir's secret sharing scheme does not allow anyone to bruteforce it, no matter if they have 99 out of the 100 required pieces that unlock a 10-character password. If you want to do this sort of thing, I would recommend using a secret sharing scheme instead
ezwoodland 9 hours ago [-]
Something along the lines of reed-solomon codes could work for you:
If you want to share your password with M family members such that you only need N to agree to recover the original:
Split your password into ordered chunks.
Make a polynomial p, of power N where the p(1) = chunk1, p(2) = chunk2, ...
Evaluate the polynomial at M other points: p(N+1),p(N+2)...
Gives those M new points to your family along with their index (+1,+2,...).
If less than N family members get together, they will not be able to figure out the password much better than guessing. If N get together, they can interpolate their points to form the unique polynomial which will match p. Then evaluate p at p(1),p(2),... to get your original password.
If you put the whole password into 1 chunk, and pad the polynomial with random extra coefficients or points to make the polynomial of sufficient degree, then they get literally no information on the password without having at least N cooperate. If you make multiple chunks then they can do a little correlation between the chunks without knowing the whole thing.
This is sufficiently simple you can even work this out by hand without a computer, though it would be somewhat tedious.
octoberfranklin 7 hours ago [-]
Reed-Solomon is error correction, not encryption.
nandomrumber 11 hours ago [-]
You can give your password, or part of it, to your estate lawyer to attach to your will.
This is obviously more cumbersome, and probably costly, if you intend on changing your password. I guess you could change the part of it you don’t store with them.
tmpfs 10 hours ago [-]
We care about this porblem and are actively working on it, like the OP we also settled on shamirs secret sharing with a time lock mechanism.
However, there is still the issue of the service provider going offline or out of business which we don't have a solution for yet.
We have started with a good password manager and will be adding digital inheritance/social recovery soon! [0]
services going offline is a big concern for me! that's why my solution is offline first, I like the idea of the encrypted backup living in my friend's email inbox and working entirely without internet. a true hard copy.
for the time lock mechanism, how do you go about it? I'm interested in exploring using drand time lock, but that also relies on the service continuing to run (which is admittedly very likely) https://github.com/drand/tlock
eljojo 10 hours ago [-]
yes! I am starting to do some planning on that myself, that's why I'm in that kind of mindset. If you know more people in this space, please share this with them! would love to get feedback
cyphar 3 hours ago [-]
I wrote a project to do this a few years ago[1], it's mainly missing an automated mechanism to scan the PDFs and a GUI. Maybe you'll find it interesting.
I suffered a traumatic brain injury (TBI) related to an e-bike accident two years ago. I woke up in the ICU after a short coma-like thing and the nurses/doctors asking me questions and it was clear I was answering for the 10th time or more, like we had all done this before, but I couldn't remember anything.
Thankfully my very long password I use for an encrypted Borgbackup I have was somewhere deep or untouched, but, otherwise I would have been fucked. Also, the backup codes Google told me they would always accept failed and it wasn't until I found a random unused Android device in a drawer that had been unused for a year was I able to get access back to my Google account of ~25 years.
lucb1e 8 hours ago [-]
Wow, it both surprises me but also makes me feel justified in that I keep telling people to make backups of things they care about including something like a Spotify account (if your song lists are dear to them, at least the titles and other metadata that they could rebuild from) and other "cloud" or SaaS services. Anything one cares about, back it up! (Not to you but as a PSA)
Still, it's weird that Google doesn't accept a recovery code. Then again, I had a similar issue where I had nothing set up but a recovery email address and password (back when 2FA was rare), and after confirming both, Google said "well, we still think it's suspicious, why don't you use a device where you're already logged in" (my account had no active sessions that I knew of, besides that I was traveling). Luckily I didn't need it for anything as I had my email moved away already at that time. I still can't access that account today and I switched to throwaway accounts for things like youtube comments or app downloads from the play store (need to download that government authentication software somehow...)
Did Google specifically reject the recovery code as invalid, or did it accept all entries and then their algorithm rejected the login outright?
ddtaylor 2 hours ago [-]
It accepted the backup code and my correct password and then wanted to verify more stuff, which there was nothing, and just said "Sorry, we can't give you access to your account right now".
ericbarrett 11 hours ago [-]
I also had old Google backup codes fail a few years ago. Anybody who hasn't regenerated them in a year or two, I recommend you do so.
rektlessness 9 hours ago [-]
Long-term access recovery typically requires rituals like annual check-ins, media rotation, and human drills. We already do this with annual fire-drills.
lucb1e 8 hours ago [-]
My password manager has, *checks*, precisely 900 entries. Say that I care about maybe ten percent, that's still doing a "drill" on every single weekend day of the year
Security aspects of software should just work properly. Google should test this and, imo, people should make backups of data they care about. Google might ban you for any reason, no matter if the recovery drill worked 2 hours ago it might not work anymore now. Seems like a fool's errand to keep chasing it instead of making routine (or automated) backups of data when you update it
lucenet 11 hours ago [-]
Well, this is disturbing news.
bornfreddy 10 hours ago [-]
I have (had?) a Google account tied to my email (which is on a domain I own). Not sure if I ever gave them my phone number, initially. Tried to login a few years back, correct password, but they insisted on me entering my phone. Finally I did - and they can't let me in because my "provider is not supported" and they can't send an SMS with the code, so I'm locked out. Tried every few months since then, no go. Fortunately I didn't lose much (except some family photos), but it is annoying as hell. I wouldn't trust Google with anything important. And yes, I tried with an brand new number on a new phone, unrelated provider. No dice. According to reddit I'm far from alone in this. So if you rely on a Google account for anything... Well, good luck!
Zambyte 10 hours ago [-]
Google services are best treated as a liability.
tencentshill 10 hours ago [-]
Make Google Takeouts a part of your backup routine.
eljojo 10 hours ago [-]
my stomach turned into a knot just reading your story. I know that feel of waking up surrounded by nurses not knowing what happened. I'm so glad you had proper backups!!!!!!!!!!
this exact story is why i built my app, thank you so much for sharing.
my hope is to basically make a next version of your plan that's distributed among friends.
modeless 11 hours ago [-]
For this purpose Google offers "Inactive Account Manager" AKA a dead man's switch.
couchdive 10 hours ago [-]
3 months of non-use is the lowest term available before it will enact. That's too long for most situations except maybe probate court
eljojo 10 hours ago [-]
I don't use Google :(
bsza 7 hours ago [-]
Set up a Github action to send out the secret if you don't commit to a repo every x days? You could even combine it with secret sharing to make sure your friends can't access it unless you're really in trouble.
2color 10 hours ago [-]
I like that more people are thinking solving some of the problems of digital inheritance we face. These are problems that are so important now that so much of our lives are digital and tapping into ones actual social circle seems the best way to do this.
Also, kudos for packaging it as a static web app. That's the one platform I'm willing to bet will still function in 10 years.
lucb1e 8 hours ago [-]
As someone who still plays Windows games from 30 years ago and Flash games from ~20 years ago, I'd not be so pessimistic about other platforms, at least when there is no negative sentiment towards it and a good track record of stability. Not to say that the web is not among the best choices
kzalesak 9 hours ago [-]
Thank you for this tool. We have been looking at shamir schemes in our org for encrypting backup, and decided against it for the reasons of being too complicated. Maybe it is time to revisit it again.
rawgabbit 11 hours ago [-]
For my personal passwords, I use Apple's password manager. It lets me share passwords with my family. I also created a folder on Apple's iCloud that I share.
Despite the convenience factor, it isn't great to use a manager tied into your own ecosystem. It should exist outside, with the minor factor of lesser convenience.
eljojo 9 hours ago [-]
I've been so tempted to try out the apple password manager, I'm fully vested in their ecosystem, but the lock in is too big for me to feel comfortable with.
It also terrifies me. The best solution I can come up is to export out my passwords to a thumb drive every few months.
moltymolt 12 hours ago [-]
That's an interesting idea. It's a good solution to the problem of sharing all your passwords with your loved ones posthumously. Typically that'd involve keeping everything in a vault which will automatically be released to your person of choice if you failed to reset it. The annoying part is having to reset it indefinitely. I like your idea where you share it with multiple people in advance but they would have to collectively decide to unlock it.
eljojo 10 hours ago [-]
exactly! my hope is to offload some trust to the collective of my friends
11 hours ago [-]
mhb 7 hours ago [-]
Step 1. Get 7 friends
ShrootBuck 6 hours ago [-]
I have to say, this is a very cool project, and I love how everything you need is packaged up nicely for distribution
rektlessness 9 hours ago [-]
As our identities get more fragmented across devices, clouds, and cranial volatility, I expect digital wills that withstand real-world decay to become the norm.
i thought 3M had already invented the best password safe ;)
ddtaylor 10 hours ago [-]
I think 3M also sells a $5 wrench.
eljojo 9 hours ago [-]
lol i'm so neurodivergent i had to read this 5 times to understand 3M didn't just get into the encryption business
lucb1e 8 hours ago [-]
Want to clue a brother in?
Edit: wait, sticky notes maybe? I thought they were a tape company (I'm not sure they're active in my country) but it just occurred to me that maybe they sell other office supplies as well
0gs 5 hours ago [-]
sorry if i missed this elsewhere: how do you remind yourself this vault exists? do you have to explain the whole thing to your 7 lifelines?
lucenet 11 hours ago [-]
Write down the password, print out recovery codes. Store them in separate buildings.
Tell someone you trust about where you left these pieces of paper.
notepad0x90 11 hours ago [-]
a safe-deposit box at a bank works ok too.
JTbane 11 hours ago [-]
master password on paper hard copy
eljojo 10 hours ago [-]
that's so scary though! what if someone has access to it? or it gets lost when you need it?
seb1204 10 hours ago [-]
I think this is when you need to evaluate your thread scenario.
A) self-made crypto accessible through web or browser that any cracker can find through www and use machine clusters to run on or AI to work on etc.
B) physical home invasion that are interested in one of your A4 papers with some random words that have only meaning to you and few trustees.
9x39 9 hours ago [-]
Well, there's power of attorney, which centralizes massive authority over your life with someone else, and yet people do so because when you pick right, it's a useful system.
I'm trying to think of how this survives friends (who come and go in your life) having to coordinate. Then again, some people really did have PGP key signing parties...
mikkupikku 10 hours ago [-]
I'm a firm believer in passwords on sticky notes.
(At home of course, people get pissy if you do this at work!)
0gs 5 hours ago [-]
sorry if i missed this question. how do you remember you have this vault?
registeredcorn 11 hours ago [-]
I explicitly make it so I cannot regain access to my computer in the event that my memory becomes faulty.
I would be in an impaired state, and cannot function in way that would be conducive to either work or pleasure in terms of computer use.
That is to say, the entire reason why I have password security at all is to keep out people who do not know the password. If someone does not know the password, they should not be able to access the system. That obviously and clearly applies to myself as much as any other person. "If you do not know it, then you do not need it."
saltcured 10 hours ago [-]
I agree in broad strokes. If I am incapacitated, that is when things like durable power-of-attorney, medical advance directives, and living trusts come into play.
The important thing is to ensuring your computer is not a single point of failure. Instead of losing a password, you could have theft, flood, fire, etc. Or for online accounts, you are one vendor move away from losing things. None of these should be precious and impossible to replace. I've been on the other side of this, and I think the better flow is to terminate or transfer accounts, and wipe and recycle personal devices.
A better use of your time is to set up a disaster-recovery plan you can write down and share with people you trust. Distribute copies of important data to make a resilient archive. This could include confidential records, but shouldn't really need to include authentication "secrets".
Don't expect others to "impersonate" you. Delegate them proper access via technical and/or legal methods, as appropriate. Get some basic legal advice and put your affairs in order. Write down instructions for your wishes and the "treasure map" to help your survivors or caregivers figure out how to use the properly delegated authority.
catlifeonmars 11 hours ago [-]
What if you forgot your password but retained all other memories?
wavemode 10 hours ago [-]
Well see, that's why I keep my "password" memory stored snugly next to "breathing" and other such. If I'm walking around conscious, then I must still know my password.
eljojo 10 hours ago [-]
asking the real questions here
esafak 11 hours ago [-]
No family, eh?
seb1204 10 hours ago [-]
Maybe but does not want to share the pics or tax return.
Joel_Mckay 7 hours ago [-]
Dead man's switch doesn't necessarily mean the operator has expired
They are an important feature in autonomous systems, critical equipment, and deterrents. =3
rkagerer 10 hours ago [-]
Nice! Good to see some tooling in this space explicitly designed for simplicity and user-friendliness.
One practical problem to consider is the risk of those distributed bundles all ending up on one or two major cloud provider's infra because your friends happened to store them someplace that got scooped up by OneDrive, GDrive, etc. Then instead of the assumed <threshold> friends being required for recovery, your posture is subtley degraded to some smaller number of hacked cloud providers.
Someone using your tool can obviously mitigate by distributing on fixed media like USB keys (possibly multiple keys to each individual as consumer-grade units are notorious for becoming corrupted or failing after a time) along with custodial instructions. Some thought into longevity is helpful here - eg. rotating media out over the years as technology migrates (when USB drives become the new floppy disks) and testing new browsers still load up and correctly run your tool (WASM is still relatively new).
Some protocol for confirming from time to time that your friends haven't lost their shares is also prudent. I always advise any disaster recovery plan that doesn't include semi-regular drills isn't a plan it's just hope. There's a reason militaries, first responders, disaster response agencies, etc. are always doing drills.
I once designed something like this using sealed paper cards in identified sequence - think something like the nuclear codes you see in movies. Annually you call each custodian and get them to break open the next one and read out the code, which attests their share hasn't been lost or damaged. The routine also keeps them tuned in so they don't just stuff your stuff in an attic and forget about it, unable to find their piece when the time comes. In this context, it also happens to be a great way to dedicate some time once a year to catch up (eg. take the opportunity to really focus on your friend in an intentioned way, ask about what's going on in their life, etc).
The rest of my comments are overkill but maybe fun to discuss from an academic perspective.
Another edge case risk is of a flawed Shamir implementation. i.e. Some years from now, a bug or exploit is discovered affecting the library you're using to provide that algorithm. More sophisticated users who want to mitigate against that risk can further silo their sensitive info - eg. only include a master password and instructions in the Shamir-protected content. Put the data those gain access to somewhere else (obviously with redundancy) protected by different safeguards. Comes at the cost of added complexity (both for maintenance and recovery).
Auditing to detect collusion is also something to think about in schemes like these (eg. somehow watermark the decrypted output to indicate which friends' shares were utilized for a particular recovery - but probably only useful if the watermarked stuff is likely to be conveyed outside the group of colluders). And timelocks to make wrench attacks less practical (likely requires some external process).
Finally, who conducted your Security Audit? It looks to me as if someone internal (possibly with the help of AI?) basically put together a bunch of checks you can run on the source code using command line tools. There's definitely a ton of benefit to that (often the individuals closest to a system are best positioned to find weaknesses if given the time to do so) and it's nice that the commands are constructed in a way other developers are likely to understand if they want to perform their own review. But might be a little misleading to call it an "audit", a term typically taken to mean some outside professional agency is conducting an independent and thorough review and formally signing off on their findings.
Also those audit steps look pretty Linux-centric (eg. Verify Share Permissions / 0600, symlink handling). Is it intended development only take place on that platform?
Again, thanks for sharing and best of luck with your project!
Unless your work and life need to be very secretive, or involve matters of national or international importance, I personally think a simpler printed/written format that works without electronics/Internet would be a better option. Of course, the printed details can have simple encryption, which your family/friends can break using day-to-day quirks you shared, such as the family secret codes, the name of that pet in the town you grew up in, or the middle name from the story of your great-grandfather, etc.
Some time ago, my mother-in-law (erstwhile teacher) and my godmother-aunty (businesswoman) began to forget many things. Their kids have tried quite a few phone apps and whatnot with electronics. Finally, I have suggested enforcing just two things: a lot of Valet bowls around the house (at common places in all the rooms) and pocket notebooks with pens attached. They just write anything and everything, from money to kitchen items to anything they want. If they forgot something, refer to the notebooks. If a key is lost, try the Valet Bowl. Now, my plan is to train their muscle memory to drop/pick from the bowl (don’t try to remember) and write things down.
The idea of Valet Bowls comes from something someone mentioned on Hacker News.
(Funny how I can remember this comment from many months ago after never implementing the bowls, but I currently can’t remember where my car keys are. Should have implemented the bowls…)
For keys, there is only one place: the Keyholder wall-mounted near the main door, while still visible from the main Hall. Not easy to pick and go by “guests” without being seen by someone, but easy for residents to just walk out with one. I got the exact same ones from Amazon and wall-mounted them in all the homes where I serve as Printer-Repair Guy. 10+ years, I kinda have trained every family member’s muscle memory, “Keys go there and only there.” ;-)
Add/Edit: I also have a sticker I printed stuck to the Keyholder, in Monica’s words from Friends, “Got the Keys?”
Im also quite more practical - there are responsabilities that may go beyond a simple memory loss - eg. If one is in a coma or just hospitalized for a long period of time; trusted third parties may require access to your accounts even for simple stuff like paying bills/rent/cloud services.
A bank safe deposit box offers a different security profile that’s probably more robust against fire because banks burn less often than houses.
It’s probably not practical to really be robust against fire without being buried several feet deep.
While the fire resulted in the total loss of the house it was actually the water from the fire department not the heat that did proportionally more damage.
As a mental model you shouldn’t think of it as “what if my house burns down?” so much as “what if nice strangers roll up to my windows and chainsaw through my roof and spray 50,000 gallons of water in here?”
Yes everything in the mechanical room melted but everything in the rest of the house got hot, smoky, soaked and then moldy.
For root of trust materiel like social security cards, cash, passports put in a ziplock bag in a fireproof, waterproof safe. But for other storage I use clear “Ezy Storage” brand stackable 50L tubs labeled with Homebox QR codes. In the US, Target and Home Depot frequently stock them. I am very anti black and yellow tubs.
The majority of work post-fire goes to itemizing your house inventory for insurance. Even cataloging all your bathroom’s soaps by brand name rather than generic can make $100 difference. Multiply that by 500x different things.
From a threat model perspective I look at rooms from a “what would be salvageable in here if I emptied a swimming pool’s worth of water from some fire sprinklers”. Furniture and TVs are easy to replace. Other stuff less so.
1500/piece for 20 junk windows I was building a greenhouse with that I dug out of the trash the year before. $250 for a bird feeder because they couldn't find one outside of specialty stores. $40k instead of 10k for a new roof on the shed because it was heavier gauge metal than standard.
Exact replacements can be expensive, but you need to make sure your insurance has 100% replacement instead of adjusted for age or like-kind replacements.
After that experience, we itemized EVERYTHING in the house with make, model, serial number, and color. It was a bitch to get set up, but took the value of our home contents from around 75k to over 250k for exact replacements.
Copies of these records along with our master password for our keepass database are in two bank deposit boxes about 45 minutes apart. For $50/year we can sleep easy.
If a key is lost, you go and prove your identity (easier if any bank employee is familiar with you) and ask for a new key. A date is set and a locksmith shall come, you are next to him and next to the bank employee while he uses the bank's key and lockpicks your lock. Then he configures it for a new key (or replace the lock).
It's cost you something like $300 or whatever.
Source: been next to locksmith opening a bank vault, twice, in two different countries. Once for a bank belonging to a deceased family member (we had the key but not the three-letters combination) and once not because I lost my key but because the bank's lock (on my vault) went defective.
So it's not "my key from the my vault at the bank melted during a housefire, so I can never access my vault at the bank anymore" nor is it "I forgot my three-letters combination, so until the end of the universe that bank vault shall stay locked".
Would you mind sharing more about these tubs and why you are against them?
In the event of a fire, the bag will melt and coat everything in plastic. This may be undesirable.
If your house and PC burn, restore from online backup.
If your brain burns, spouse restores from vault.
Something you keep in your home that no one knows about won't be inventoried.
In December 2025, items worth an estimated €30 million were stolen from a Sparkasse bank in the Gelsenkirchen suburb of Buer, Germany. The thieves used a large drill to break into the bank's underground vault and proceeded to crack over 3,000 safe deposit boxes.
The vast majority of these don’t make the news because there’s no proof there was even anything inside the box in the first place so anyone could be lying.
> Mr. Pluard, who tracks legal filings and news reports, estimates that around 33,000 boxes a year are harmed by accidents, natural disasters and thefts.
> Oddly, the bank returned to him five watches that weren’t his. “They were the wrong color, the wrong size — totally different than what I had,” Mr. Poniz said. “I had no idea where they came from.”
https://archive.is/j8e6x
My late wife had a safe deposit box in the Almaden Valley (San Jose) branch of US Bank. Her key to the box was nowhere to be found. So I had to get the box drilled open.
This would normally require a hefty fee. But the branch was moving to a new location, so they invited customers to make an appointment to show up a Saturday with proper ID for a lock drilling party.
I showed my ID and the death certificate, and we went into the safe to have the lock drilled.
But there was no real drilling involved. The locksmith had a little handheld gadget that she pushed into the lock, gave it a little twist, and the door came right open.
The ironic part? All that was in there were a few pieces of costume jewelry, worth maybe $50 in total.
She was paying more than that per year for the box rental, and if I'd had to pay for the "drilling" it would probably be more than that.
Including AGE keys (so you can encrypt arbitrary data), SSH keys, FIDO2 and passkeys.
Additionally you might want to store a hardware wallet in a deposit box instead of the seed (if you trust the security model).
ex: https://www.cbc.ca/news/safety-deposit-box-protection-1.7338...
https://archive.is/www.nytimes.com/2019/07/19/business/safe-...
Things we take for granted. When my father passed, I was digging stuff out of SDBs that he had for decades.
It's great if you want to store some documents. But don't expect _real_ security. It's guarded by a minimum-wage employee, and the keys are usually laughably insecure. Banks know this, so they cap their liability for the loss of the deposit box at around $1000.
So don't even think about storing gold bars there, like they do in movies.
There _are_ companies that provide safe storage for high-value items, but they are pretty exotic.
In a lower trust scenario you could probably use a lawyer as a broker of the secret (potentially even as part of a will).
It would be nice if your Apple account could be unlocked with some other keys as well apart from the primary one, but I guess that is what Apple calls the “Legacy Contact Key”.
Edit: okay so the keychain is excluded from this. So back to storing each others passwords in eachothers keychain…
I like the idea of the lawyer, unlike normal people, they like sticking to their promises.
On the internet, it's either: Public for anyone in the whole world, or impossible to recover if anything goes wrong.
In hindsight, looking harder for the key would probably have been fruitful.
Maybe the NSA would be willing to brute force the infinite variations from that starting seed, but it is still effectively locked for mortals.
I used to keep a password card in my wallet and had a pattern I would use.
To clarify the hashing was to verify that the pages were indeed modified by me, to prevent tempering.
Damn, found it back, was in 2011!
in English https://fabien.benetou.fr/Slideshows/MemoryLoss
in French https://fabien.benetou.fr/Slideshows/MemoryLossPES
https://michael-solomon.net/keybearer
https://github.com/msolomon/keybearer
my zip bundles are 1-2 megabytes due to all the wasm, and you achieved this on so little. impressive job!
I'd love to hear what you think about mine, one of the differences is that it creates a ZIP file containing the recovery app in it, as well as a PDF with instructions for non-technical friends. Overall trying to make the recovery experience as smooth as possible.
but cheers, your version is the only one that I found that does basically what mine does, all the others fall short one way or another!
[0] https://web.archive.org/web/20230610235249/http://bash.org/?...
also RIP bash.org found out thru you :(
You can discard/modify part of a password before sending it to your backend. Then, when you log in the server has to brute force the missing part.
One could extend this with security questions like how many children pets and cars you own. What color was your car in 2024. Use that data to aid brute forcing.
The goal would be to be able to decrypt with fewer than 5 shards but make it as computation heavy as you like. If no one remembers the pink car it will take x hours longer.
The security questions are like extra shares of lower value.
My mental model is something like burying the password in your 100x100 yard. You give one friend the X and a different friend the Y coordinates both rounded down to a multiple of 10 meters. The security questions can be added to the X and Y coordinates.
X = 30 + 2 + 3 + 1
Y = ?? + 3 + 5 + 1
You only have to dig 9 holes now.
If you are to hand out files maybe it is wonderful to write them a letter that serves as their shard? They might actually store it some place safe and it wouldn't scream I'M A SECRET!
https://crypto.stackexchange.com/questions/20578/definition-...
https://bitwarden.com/help/emergency-access/
Would also cover banking details or whatever else you want to put in there.
While the motivation is similar this basically kills the feature. It requires that your friends not only use but continue to maintain their accounts.
From my understanding of OP's implementation, being completely offline they can basically just keep the key on a USB or file store of any kind.
Personally I think the most robust solution is single key access (a la emergency kit), distributed in one or more secure bank vaults for redundancy (many still do offer these for free or cheaply for small boxes). Put instructions in your (living) will and done.
I wonder who would not only have the passwords, but the know-how to manage the whole thing, at least to transition it to more managed services...
If you want someone to be able to access it after you’re gone, either put 1000 BTC in it or leave instructions. Paper instructions in a physical fireproof safe is way easier to deal with than any digital encryption with no hints.
You need to give people "a map" of where things are: https://github.com/eljojo/rememory/blob/main/internal/projec...
https://www.folklore.org/I_Still_Remember_Regions.html
Somewhat tongue-in-cheek, but if I lose my memory, how am I supposed to remember the 7 (or 5) friends who have my password...?
Somewhat less tongue-in-cheek, if you really wanted to be serious about your friends not being able to produce your password now for the lolz, then you'd actually want to ensure they were merely acquaintances who didn't know each other and couldn't find each other, e.g. not all Facebook friends. In which case the list of friends becomes essentially as important as the password, and then how do you remember where you've stored that list?
In reality, hopefully you can just entrust your master password with your closest family (spouse, parent, adult children), assuming they're not going to drain your bank account or read your private digital journal.
The bigger issue if I drop dead is all the nontrivial tech crap I have set up (self hosted Vaultwarden included…).
(If you have a trusted third party, you can also enforce a cooling off period: e.g. that any attempt to access results in a notification to the account holder that if not denied within some time period, access is granted)
Shameless plug: I wrote a project a few years ago to create PDF-based backups with sharded keys which would do exactly what I suspect you want[2], unfortunately I got stuck at the "make a nice UI for it" stage (everything works but it's just a CLI tool at the moment). I guess I should take a look at using an LLM for that these days... (I used this to store my password manager root password and necessary keys to pull and decrypt the encrypted backups of my server.)
[1]: https://en.wikipedia.org/wiki/Shamir%27s_secret_sharing [2]: https://github.com/cyphar/paperback/
Shamir's secret sharing scheme does not allow anyone to bruteforce it, no matter if they have 99 out of the 100 required pieces that unlock a 10-character password. If you want to do this sort of thing, I would recommend using a secret sharing scheme instead
If you want to share your password with M family members such that you only need N to agree to recover the original:
Split your password into ordered chunks.
Make a polynomial p, of power N where the p(1) = chunk1, p(2) = chunk2, ...
Evaluate the polynomial at M other points: p(N+1),p(N+2)...
Gives those M new points to your family along with their index (+1,+2,...).
If less than N family members get together, they will not be able to figure out the password much better than guessing. If N get together, they can interpolate their points to form the unique polynomial which will match p. Then evaluate p at p(1),p(2),... to get your original password.
If you put the whole password into 1 chunk, and pad the polynomial with random extra coefficients or points to make the polynomial of sufficient degree, then they get literally no information on the password without having at least N cooperate. If you make multiple chunks then they can do a little correlation between the chunks without knowing the whole thing.
This is sufficiently simple you can even work this out by hand without a computer, though it would be somewhat tedious.
This is obviously more cumbersome, and probably costly, if you intend on changing your password. I guess you could change the part of it you don’t store with them.
However, there is still the issue of the service provider going offline or out of business which we don't have a solution for yet.
We have started with a good password manager and will be adding digital inheritance/social recovery soon! [0]
Take a look, thoughts and feedback welcome.
[0]: https://saveoursecrets.com
for the time lock mechanism, how do you go about it? I'm interested in exploring using drand time lock, but that also relies on the service continuing to run (which is admittedly very likely) https://github.com/drand/tlock
[1]: https://github.com/cyphar/paperback
Thankfully my very long password I use for an encrypted Borgbackup I have was somewhere deep or untouched, but, otherwise I would have been fucked. Also, the backup codes Google told me they would always accept failed and it wasn't until I found a random unused Android device in a drawer that had been unused for a year was I able to get access back to my Google account of ~25 years.
Still, it's weird that Google doesn't accept a recovery code. Then again, I had a similar issue where I had nothing set up but a recovery email address and password (back when 2FA was rare), and after confirming both, Google said "well, we still think it's suspicious, why don't you use a device where you're already logged in" (my account had no active sessions that I knew of, besides that I was traveling). Luckily I didn't need it for anything as I had my email moved away already at that time. I still can't access that account today and I switched to throwaway accounts for things like youtube comments or app downloads from the play store (need to download that government authentication software somehow...)
Did Google specifically reject the recovery code as invalid, or did it accept all entries and then their algorithm rejected the login outright?
Security aspects of software should just work properly. Google should test this and, imo, people should make backups of data they care about. Google might ban you for any reason, no matter if the recovery drill worked 2 hours ago it might not work anymore now. Seems like a fool's errand to keep chasing it instead of making routine (or automated) backups of data when you update it
this exact story is why i built my app, thank you so much for sharing.
my hope is to basically make a next version of your plan that's distributed among friends.
Also, kudos for packaging it as a static web app. That's the one platform I'm willing to bet will still function in 10 years.
https://support.apple.com/guide/iphone/share-passwords-iphe6...
https://support.apple.com/guide/icloud/share-files-and-folde...
This is the sort of stuff that terrifies me https://hey.paris/posts/appleid/
Consider whether you really need this.
Doing 7-choose-5 separate multiparty encryptions is way harder to screw up. Is having to produce 42 ciphertexts really a dealbreaker?
Edit: wait, sticky notes maybe? I thought they were a tape company (I'm not sure they're active in my country) but it just occurred to me that maybe they sell other office supplies as well
Tell someone you trust about where you left these pieces of paper.
I'm trying to think of how this survives friends (who come and go in your life) having to coordinate. Then again, some people really did have PGP key signing parties...
(At home of course, people get pissy if you do this at work!)
I would be in an impaired state, and cannot function in way that would be conducive to either work or pleasure in terms of computer use.
That is to say, the entire reason why I have password security at all is to keep out people who do not know the password. If someone does not know the password, they should not be able to access the system. That obviously and clearly applies to myself as much as any other person. "If you do not know it, then you do not need it."
The important thing is to ensuring your computer is not a single point of failure. Instead of losing a password, you could have theft, flood, fire, etc. Or for online accounts, you are one vendor move away from losing things. None of these should be precious and impossible to replace. I've been on the other side of this, and I think the better flow is to terminate or transfer accounts, and wipe and recycle personal devices.
A better use of your time is to set up a disaster-recovery plan you can write down and share with people you trust. Distribute copies of important data to make a resilient archive. This could include confidential records, but shouldn't really need to include authentication "secrets".
Don't expect others to "impersonate" you. Delegate them proper access via technical and/or legal methods, as appropriate. Get some basic legal advice and put your affairs in order. Write down instructions for your wishes and the "treasure map" to help your survivors or caregivers figure out how to use the properly delegated authority.
https://en.wikipedia.org/wiki/Dead_man's_switch
They are an important feature in autonomous systems, critical equipment, and deterrents. =3
One practical problem to consider is the risk of those distributed bundles all ending up on one or two major cloud provider's infra because your friends happened to store them someplace that got scooped up by OneDrive, GDrive, etc. Then instead of the assumed <threshold> friends being required for recovery, your posture is subtley degraded to some smaller number of hacked cloud providers.
Someone using your tool can obviously mitigate by distributing on fixed media like USB keys (possibly multiple keys to each individual as consumer-grade units are notorious for becoming corrupted or failing after a time) along with custodial instructions. Some thought into longevity is helpful here - eg. rotating media out over the years as technology migrates (when USB drives become the new floppy disks) and testing new browsers still load up and correctly run your tool (WASM is still relatively new).
Some protocol for confirming from time to time that your friends haven't lost their shares is also prudent. I always advise any disaster recovery plan that doesn't include semi-regular drills isn't a plan it's just hope. There's a reason militaries, first responders, disaster response agencies, etc. are always doing drills.
I once designed something like this using sealed paper cards in identified sequence - think something like the nuclear codes you see in movies. Annually you call each custodian and get them to break open the next one and read out the code, which attests their share hasn't been lost or damaged. The routine also keeps them tuned in so they don't just stuff your stuff in an attic and forget about it, unable to find their piece when the time comes. In this context, it also happens to be a great way to dedicate some time once a year to catch up (eg. take the opportunity to really focus on your friend in an intentioned way, ask about what's going on in their life, etc).
The rest of my comments are overkill but maybe fun to discuss from an academic perspective.
Another edge case risk is of a flawed Shamir implementation. i.e. Some years from now, a bug or exploit is discovered affecting the library you're using to provide that algorithm. More sophisticated users who want to mitigate against that risk can further silo their sensitive info - eg. only include a master password and instructions in the Shamir-protected content. Put the data those gain access to somewhere else (obviously with redundancy) protected by different safeguards. Comes at the cost of added complexity (both for maintenance and recovery).
Auditing to detect collusion is also something to think about in schemes like these (eg. somehow watermark the decrypted output to indicate which friends' shares were utilized for a particular recovery - but probably only useful if the watermarked stuff is likely to be conveyed outside the group of colluders). And timelocks to make wrench attacks less practical (likely requires some external process).
Finally, who conducted your Security Audit? It looks to me as if someone internal (possibly with the help of AI?) basically put together a bunch of checks you can run on the source code using command line tools. There's definitely a ton of benefit to that (often the individuals closest to a system are best positioned to find weaknesses if given the time to do so) and it's nice that the commands are constructed in a way other developers are likely to understand if they want to perform their own review. But might be a little misleading to call it an "audit", a term typically taken to mean some outside professional agency is conducting an independent and thorough review and formally signing off on their findings.
Also those audit steps look pretty Linux-centric (eg. Verify Share Permissions / 0600, symlink handling). Is it intended development only take place on that platform?
Again, thanks for sharing and best of luck with your project!