Have you covered passwords in your estate plan?

The issue of “digital assets” has shown up again in the media, this time in the form of a blog entry at the Wall Street Journal. The question is very simple, yet often overlooked: When you die, how will your survivors get your password(s)? While some people worry about Facebook passwords, there is a more important concern: electronic bills.

It used to be that when someone passed away, survivors would know about outstanding bills based on what shows up in the good ol’ U.S. Mail. Today, however, many people receive their utility bills, credit card bills, and other bills via email. Most often, those email messages say “Your new bill is ready. Click here to review it and pay it.” After clicking on the link, the viewer has to log in to access the information. While we are alive, we can easily do this (especially if you use a password “wallet” like 1Password or LastPass). But after we shuffle off this mortal coil, it’s not so easy for those who survive us.

There are all sorts of basic pieces of information that your survivors will need. Account names and passwords are obvious ones, but don’t forget things like safe combinations or the location of the key to the safe deposit box (and which branch holds the box). All of this information should be collected together in one place. In addition, your survivors should know where to find it when it’s needed. (Your death may not be the event that triggers the need for this information: if you are in a coma after an accident and don’t come out of it for a few months, you’d like to know your credit rating hasn’t fallen through the floor because no one could pay your bills.)

Using a service like 1Password or LastPass makes it easy to ensure your information is accessible when you are not. (There are undoubtedly other services or applications like these in the market, but I am most familiar with these two options.) All you need to do is make sure that your survivor or appointed power of attorney (properly known as an attorney-in-fact) has the master password. Let’s walk through how this might be set up.

Both 1Password and LastPass track your online login names and passwords, as well as items like credit card numbers and other information you’d like to keep secure. The primary difference between the two is that 1Password is an app that lives on your computer (and smart phone, if you wish), and LastPass is web-based. This may be significant: if you use LastPass, your representative can access your information from anywhere (which may be convenient), but it also creates a hypothetical hole in your security. If you can completely trust your representative, it’s not an issue. But if your representative might be turned because of his or her own debts or other problems, then a web-based system could pose a problem. A computer-based app means that your representative has to have access to your computer. On the other hand, if your computer is lost or stolen…

Let’s get back to how these two services work. Both of them use web browser plugins to let you enter account names and passwords after you have unlocked the service with a master password. You can go to a web site to pay a bill, use your master password, and then just click on a button to enter the username and password. (This feature makes it very easy to use longer, random gibberish passwords for your online accounts—which you should be doing anyway.) As mentioned, both services also let you put information into secure notes, so you can store your kids’ Social Security numbers and other data. All you really need to remember is the master password (and to update the database whenever you change an online password—there’s nothing more useless than an old password). Similarly, all you need to give to your representative is a single master password.

If you’re like me, you may have some discomfort in giving out your master password to someone. I am fine with giving it to my wife, but anyone else not so much. It’s not that I don’t trust people, it’s just that I prefer to use good security practices at all times. Fortunately, there’s an easy solution to this issue as well: give one-half of your master password to one person in a sealed envelope and give the other half of the master password to another person in a sealed envelope. If disaster strikes and the master password is needed, the two people just need to touch base, open up their envelopes, and then the master password is assembled.

The other option, which is slightly less cloak-and-dagger, is to put your master password in a sealed envelope in a specific location—and tell your representative where it is. A desk drawer at home can be a good location—although if your house burns down you will quickly realize that a second backup location is a good idea.

Of course, good security practices means that you change your master password (and other passwords) every six months. So long as you remember to put the new master password in the envelope(s), you will be set. Remember: an outdated master password is useless to your representative.

If this seems like a lot of work, it is—at least at the start. The thing to remember is that when disaster has struck, your survivors or representatives will at least be able to say “thank goodness she planned for this.” Your loved ones will have enough stress at that time, and they will appreciate it if you have taken care of this important matter for them.


One thought on “Have you covered passwords in your estate plan?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s