If you died today, would someone you trust be able to access your accounts tomorrow to take care of bills, inheritance, finances, and more?
Older adults can forget how much of their financial (and often, social) life depends on the internet. After all, when their parents died, all they had to do was visit the local bank to take the will out of the safe deposit box, divvy up assets, go forward with a funeral and wrap up the estate. Today’s world is vastly different: if no one knows your passwords, settling your estate will be a nightmare.
Why Share Your Passwords?
Nowadays, one person might use an online-only bank for savings, a local bank to handle cash, and a credit union for its great rates on certificates of deposit. Bills may automatically debit several different accounts, and five or ten credit cards could be racking up points on everything from airlines to groceries. Venmo may pay friends, while the PayPal account could hold a refund from an online purchase. A digital wallet can be sitting on thousands of dollars in digital currency, while stocks and bonds are held in a variety of account types at a brokerage. And that’s just financial institutions.
You can imagine how stressed and resentful your executor will be if you fail to give him or her the key to handle your affairs: your passwords. First and foremost, never succumb to the temptation to use a single password, or two or three, for all your online accounts. If your 2013 email gets hacked and the code was stored in unencrypted cleartext, thieves have your password. To check if your email is listed as breeched, go to Have I Been Pwned.
Making a List
One way to handle the password problem is to make a list and send it (but never by email!) to your executor or attorney for safekeeping. If you are most comfortable writing out passwords to each of your accounts, that’s perfectly fine. You can also make a spreadsheet or put them on a Word doc, then print it out and send via snail mail. However, you’ll have to update the list as you add new apps and update passwords if they expire.
It’s a good idea to store this list by your will and other sensitive documents. Make sure someone knows where these are. You may have known someone who died unexpectedly, only to leave relatives searching for days to try and find the will. One way to avoid this unfortunate circumstance is to leave these documents with an attorney or financial advisor, letting several trusted contacts know who this person is and how to get in touch.
Password Managers
There are basically three types of password manager: Apple’s iCloud Keychain, hosted password managers, and those that are self-managed. We will concentrate on the first two, which are the most commonly used.
All password managers will automatically suggest password combinations that are random and difficult to compromise. They also allow you to fill in the password of your choice, and they don’t care how long you make it. You may feel more comfortable writing down the password to your brokerage accounts, for example, than having it be random. Having longer, more difficult passwords, different for every account, is the first step in online security.
Apple’s iCloud Keychain
If you use the Safari browser on an Apple computer, you are in luck. Known for privacy and security, Apple doesn’t disappoint on their free iCloud service dubbed Keychain. It automatically stores the user’s account names and passwords, credit card information, and Wi-Fi network passwords across all trusted devices, including your iPhone.
Give a trusted person the password to your Mac and he or she will be able to access all your accounts on your computer, simply by using Safari and clicking in the user and/or password boxes at any site you use. Banking, social media, brokerages, utilities and more can be accessed this way.
But is it really safe? As safe as using a hosted password manager? The answer is yes. The data is wrapped in layers of security and stays protected even if your iCloud account is hacked, either by an external attack or if a third party managed to access user accounts. In fact, Apple can’t even read your data — so use Keychain with confidence. See more information on Keychain encryption methods. Another great feature of Keychain is that it can sync with new Apple devices, such as an iPhone, iPad, or Apple Watch.
Hosted Password Managers
You can buy a service that will hold your passwords and make it relatively simple for an executor to gain access. 1Password has users create an emergency kit that enables someone else to log into your account. You can print it out or put it on a USB drive and tuck it somewhere safe and known to loved ones to access after your death. Keeper and Dashlane prompt you to set up an emergency contact within the app which grants the contact access after a certain waiting period if you don’t respond.
Check out some of the best password managers. You’ll note that one, the open source Bitwarden, is available for free. If you’re unhappy with the first service you choose, don’t worry. Most password managers will allow you to export saved data or import it from competitors, so switching is possible.
Self-Managed Password Managers
Self-managed password managers include the popular KeePass. Great for techies who will thrive on keeping their own database safe and synced between devices, the hitch can be emergency access. You may want to build it in to your system, but make sure your trusted contact can identify how to access your database file and decrypt it. It has to work for you in your lifetime, AND be available to someone else when you’re no longer here.
The bottom line is that we all need to use a password manager to secure our accounts, and we need to be able to pass on access for the day when we are gone. Pick one, set up your accounts, and sleep better knowing that you are protected now and in the future.
Sources:
Blog posting provided by Society of Certified Senior Advisors