Digital legacy
Posted on Dec 18 - 2021
Manage your digital life

There are topics that many people ignore or decide not to address. Digital legacy is one of them.

What happens to all our data, such as photos, videos, messages, emails, passwords, and much more, if one day we can no longer access it? What if we have important documents, bank accounts, and essential information, but no strategy to make them available to relatives, friends, companions, and other trusted people?

Based on these considerations, below are some tips on how to make all your data recoverable by trusted people or those in charge.

 

 


 

 

Password

Passwords represent most of the essential information needed to access everything we do on the internet, whether on social media, forums, e-commerce, or banking sites.
The best strategy is to use a password manager. I’ve already written something about it. Keeping passwords written on paper or post-its, or, even worse, only memorized, will just make them harder for future people to recover.

By “future people” we mean the people you trust and to whom you are convinced it’s right and useful to leave your information.

If you aren’t yet using a password manager, a good alternative can be Bitwarden.

Although I have criticized some of its choices, Bitwarden represents the best compromise between durability over time and ease of safely recovering data.
Because it is a completely open-source project, even if it were discontinued in the future it would be possible to rebuild it locally and try to recover the information you need.

Furthermore, Bitwarden facilitates any digital legacy process through the Emergency Access feature.

Bitwarden web screen. “Settings” is selected in the top bar and “Emergency Access” is selected on the screen that appears. The resulting screen explains Bitwarden’s emergency access functionality. This option can only be enabled by premium users.

Basically, you can assign the role of emergency contact to whoever you want. If you can no longer access the password manager, an emergency contact can request access to the data stored in it. This access is not granted immediately, but only after a number of days that you have set. For example, suppose you have chosen Toriel Dreemurr as your emergency contact and set access to be granted after 30 days. If you can no longer access your data, Toriel can send a request for all the data stored in the password manager, but must wait 30 days after making the request.

This mode guarantees the best balance between security and reliability. The whole process is illustrated in detail on the Bitwarden website.
Furthermore, a password manager doesn’t only store passwords: we can also save important documents and notes in it, making it even easier for future people to access this information.

 

 

2FA

Two-factor authentication (2FA) is an additional authentication step after the classic password. Here we focus on 2FA of the OTP (one-time password) type. The OTP is a set of numbers that changes every few seconds.

If we entrust someone with all of our passwords, we will have to do the same with two-factor authentication.

If you use a password manager, the problem is easily solved, because most managers can store OTP codes as well. This way future people will have all the information they need to log in.
However, a security problem arises: if I store the username, password, and two-factor authentication in one place, such as a password manager, I make the OTP pointless. That is, a single device (for example my mobile phone) holds everything needed to access any internet service I have stored. Instead, I would have to keep the login credentials in the password manager and the OTP codes in another application, splitting the information. In this way, an attacker who somehow gets into my password manager will not have the OTP codes and will not be able to access anything.

This reasoning is sound, but only up to a point. An article by 1Password explains why splitting password and OTP between two different applications that live on the same device is useless for security purposes.
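The point above rests on how OTP codes are produced: they are derived from a secret seed shared at enrollment, so whoever holds a copy of the seed (an authenticator app, a password manager, a trusted person) obtains the same codes. The following is an added example, not code from the original post; it implements standard TOTP (RFC 6238) and uses the RFC's published test key as a constructed sample seed.

```python
import base64
import hashlib
import hmac
import struct

# Sample seed: the published RFC 6238 test key, not a real account secret.
RFC_SEED = base64.b32encode(b"12345678901234567890").decode()


def totp(seed_b32, unix_time, step=30, digits=6):
    """Return the RFC 6238 TOTP code (HMAC-SHA1) for a base32 seed."""
    cleaned = seed_b32.replace(" ", "").upper()
    # Services often hand out the seed without base32 padding; restore it.
    key = base64.b32decode(cleaned + "=" * (-len(cleaned) % 8))
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(seed_b32, code, unix_time, step=30, window=1):
    """Server-side check: accept adjacent time steps to absorb clock drift."""
    for drift in range(-window, window + 1):
        expected = totp(seed_b32, unix_time + drift * step, step, len(code))
        if hmac.compare_digest(expected, code):
            return True
    return False


if __name__ == "__main__":
    now = 59  # fixed timestamp so the output is reproducible
    owner_phone = totp(RFC_SEED, now)  # seed held in the authenticator app
    heir_copy = totp(RFC_SEED, now)    # same seed read from a vault or printed sheet
    print(owner_phone, heir_copy, owner_phone == heir_copy)
    print("accepted one step later:", verify(RFC_SEED, owner_phone, now + 30))
    print("accepted after 90 s:", verify(RFC_SEED, owner_phone, now + 90))
```

For a digital legacy this means the item to hand over is the seed (or the service's recovery codes), since a displayed code expires within seconds.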

In case you decide not to store the OTP information on your password manager, there are alternatives such as:

  1. Use an external application such as:


The first two are completely open-source; the third has the advantage of an Apple Watch app. If you want to keep the OTP separate from the password manager, there are many alternative applications that store the codes. In this case, keep in mind that the person for whom this information is intended must be able to access the smartphone and the application.

  2. Use a hardware authentication device such as:


In this case, you need to consider how future physical access to the key will be managed. It may also be useful to keep a backup key (so buy two instead of one) and to check compatibility with your password manager.

 

 

Email

Here too, if you use a password manager, all your email accounts are stored inside it. Otherwise, although I support email providers that aim to offer a privacy-respecting service, such as Protonmail or Tutanota, for digital legacy purposes a feature Google offers with Gmail can be useful.
Gmail offers several options for handling an account that becomes inactive.

Google Gmail web screen. The screen is titled “Inactive Account Manager”. It explains how the feature works, and a “Start” button lets the user begin setting up what happens to the account if it becomes inactive.

In practice, you can specify that if you haven’t accessed your email for a certain time (for example a month), an automatic action is performed, such as sending an email to contacts of your choice. This way you can write an email containing all the information needed to access your email account, password manager, or anything else you want to share with trusted people.

A good strategy is to set up multiple trusted contacts rather than just one. Over time, one of the chosen contacts may change their email address, delete it, or lose access to it, and with it the ability to recover all your data.

 

 

Media and documents

Photos, videos, and documents represent most of the important memories you want to bequeath. In this case, we have two options:

  • Local

    Store this information on external media (possibly encrypted) and put it in a safe place. A safe place does not mean simply leaving the disk at home under the bed, but considering safer options such as a bank safe or a fireproof safe.
    The problem with this strategy, however, is that you have to update the disk every so often, and the saved information cannot be accessed from everywhere.

  • Cloud

    The cloud solves the accessibility and updating problems of physical disks, because everything we want to keep is automatically synchronized over the network and available on any other enabled device.
    Like the local strategy, the cloud strategy has its own problems, such as paying for storage space and possible outages at the company that provides the cloud infrastructure or servers, not to mention the privacy of the data we upload.

In this case, rather than preferring one path or the other, it is good to consider using both at once. For example, you can save part of the information locally and the rest in the cloud or, better still, keep identical copies both in the cloud and locally.


Here, too, there is a wide choice of cloud services. But if you already have an email account provided by Google, you can take advantage of the whole suite, which includes Drive and Photos, to make information easier to recover than if your data were divided across multiple services.

 

 

My strategy

Based on these tips I have structured my digital inheritance management using:

  • Password manager

  • iCloud


The first stores the login information, 2FA, documents, and more that I want to leave to future people. To give access to the manager, I set up both an automatic email via Gmail and a printed sheet containing all the information needed to log in.
With iCloud, in turn, I make all the other information recoverable, such as contacts, photos, videos, and more. Management of this data was introduced with iOS 15.2 and allows the people you designate to access your data on iCloud.

iOS 15.2 allows the management of heir contacts. Three steps for setting up an heir contact are shown. The first screen explains what it is and how it works, the second lets you choose the contact, and the third confirms that the chosen contact is set as a contact for the iCloud account.

With this strategy, using only a password manager and the Apple cloud, I solve all information inheritance management problems.
We must always keep in mind the worst possible scenario, in which the cloud is no longer accessible. Catastrophic situations like this can be handled by keeping a local backup copy of the data, for example on an encrypted external drive.
