On Sun, Jul 20, 2014 at 02:31:40PM +0100, Adam Spiers wrote:
> On Sun, Jul 20, 2014 at 02:17:10PM +0100, Iain R. Learmonth wrote:
> > On Sun, Jul 20, 2014 at 02:03:20PM +0100, Adam Spiers wrote:
> > > How do you ensure that your online data is handled correctly if you die?
> >
> > Encrypt a text file containing all passwords and instructions using GPG
> > symmetric encryption with the key derived from a passphrase. This encrypted
> > file can be left on a webserver safely.
> >
> > Encode the passphrase using ssss[1] and then share the parts around people
> > you trust. Instruct these people to never all travel in the same car
> > together.
> >
> > When you die, one of them has to be technically competent enough to
> > reconstruct the original passphrase from the parts and then decrypt the
> > instructions and the passphrase.
> >
> > The nice thing about this method is that you can keep updating the encrypted
> > file without needing to contact all the people every time.
> >
> > Iain.
> >
> > [1]: http://point-at-infinity.org/ssss/
>
> Awesome answer, thanks! Exactly the kind of thing I was looking for -
> I knew this list would produce something good :)
With a few minutes more consideration, it occurs to me that the
mechanism for sharing the encrypted file would need to be made a
little more resilient than "stick it on a webserver". For example any
number of things could go wrong with the webserver, and if the
deceased was the only one with access to the information required to
recover data from it (hosting account details, root password etc.)
then the information could become unrecoverable. However,
distributing it to multiple places with disparate geographical
locations and access methods should take care of that.
