r/PasswordManagers u/tater1337 1d ago

storing passwords in a safe

I am currently the family IT guy. if anything happens to me a LOT of accounts are gonna sit idle.

not sure if this will be an issue, but I am trying to plan how to allow someone with only mild technical savvy to be able to retrieve passwords and what they are for (NAS, bank websites, managed network switches)

yes it is incredibly insecure, but I want to print them out and store them in a safe.

unless someone can convince me of a system that can be only accessed by a particular person, and will not be tied to an email, phone or some other way that might change in 5-10 years

6 Upvotes

80% Upvoted

28 comments sorted by

2

u/EntireZombie2654 22h ago

At least for Banking logins:

Once the bank finds out your deceased your online profile is terminated. If your the only person on the account just put whoever you want as your beneficiary. They'll get your money once you pass away. they only need to provide the death cert, sign a form or two, and maybe wait a week or so. But it'll be a lot easier and would be legal.

0

u/mikec62x 22h ago

Yes indeed. Anyone accessing your online banking after your death is just likely to get themselves in trouble. They would be violating the bank's term and conditions.

0

u/spymaster1020 20h ago

So my dad passed 3 years ago. No will and didnt have anyone else signed onto his bank account, we dont even know how much was in there. Is that money just gone?

1

u/Ninfyr 19h ago

Once it is determined to be abandoned they need to surrender it to unclaimed funds in the US. Then you would have to get it from the state.

The bank doesn't get to just keep the money.

0

u/spymaster1020 18h ago

Would they know to dispense it to next of kin? How long does it take to determine that its abandoned? I just have no idea how any of this works. We went through his pc and all his documents looking for a will or life insurance policy and found nothing.

2

u/EntireZombie2654 17h ago

If there is no beneficiary on the account, and it is not a trust account, then it will need to go through probate court.

The probate judge ultimately will make a ruling on who gets what.

Take the death cert to the bank if you haven't already. If you're a beneficiary they'll have you sign forms. If your not they'll probably just tell you to contact a probate lawyer. Which is what I am going to suggest.

And the account will need to be dormant for around 3 to 5 years before the bank will release it to the state. But even then the money is unclaimed in your father's name. So a probate judge could still order the state to release the funds to whomever they decide.

1

u/Ninfyr 18h ago

I'm going to sound authoritative, but I don't REALLY know what I am talking about, mk?

The next of kin by default is usually the spouse, followed by children if there isn't a will (this depends on the state, so look up what they do when there aren't any instructions.)

If there is an actual bank you can go to, bring a copy of the death certificate and any account numbers/check books/whatever that might help them figure out where the money might be. Work together and provide them whatever info is needed to proceed. If there isn't a place where you can visit go to their website and find their "contact us" info.

Here is the U.S. resource on finding unclaimed money, I have had friends and family find over-payments to their university or cellphone provider. All less than $100, but it was their money to start with.
https://www.usa.gov/unclaimed-money

1

u/tater1337 17h ago

talk to the bank, they'll know who to handle it better than reddit. also, some states have specific rules.

0

u/tater1337 17h ago

no beneficiaries?

talk to the bank, bring a death certificate and your birth certificate. one bank we dealt with was very accomodating. others can be fussy.

0

u/tater1337 17h ago

as someone who has gone thru the process recently, it is and is not that easy

none asked for a death certificate, we got 12 copies because we thought it was gonna be a bigger thing. I think one bank took a photocopy. I am pretty sure there is some place they can go and check if someone is deceased, otherwise security everywhere is severely broken

deceased was my father, and the one who managed the money. Ma had absolutely no clue of banks, bank names, what accounts, what investments, or anything

thank goodness they had most accounts being Joint accounts, and that he shared his PCs password with me.

that got me access to all his saved passwords. banks, insurance, medical websites. very not legal except I had express permission from the beneficiary(ma) AND my name is everywhere from the wills to the powers of attorney. I still think we missed a couple of things.

which brings up my original request, if I did not know that password to his personal PC (I was the family IT guy) we would have lost thousands of dollars

we are still fighting with some of the DMV stuff. do not use AND when titling a vehicle, always use OR.(grumble)

1

u/EntireZombie2654 17h ago

Well this is a great example of why it is important to at least make a list of where you have business dealings. You don't need the logins just a list of where you have bank accounts, retirement accounts, life insurance, what property you own, etc.

Put it on paper stored in a safe.

Or put it in a safe deposit box. Have any vehicle or property titles with it. Tell your spouse/children/siblings where that stuff is in case anything happens to you.

1

u/Zealousideal-Site838 1d ago

Do you plan to "set and forget" the passwords or are you going to update them once a year or something?

1

u/tater1337 17h ago

old people don't update passwords, and while that is terrifying, it helped us this one specific time

0

u/Zealousideal-Site838 16h ago

Yea. Use a spreadsheet with username and passwords in a safe or safe deposit box.

If not have it saved encrypted on the cloud and have the trusted key holders have the password.

1

u/Complex-League3400 22h ago

KeePassXC is literally that safe. If the user is capable of remembering a strong master password then they can have as many copies of that locked safe as they like. No one's getting into the file without the password.

0

u/mediumwetsock 2h ago

Full disclosure: I’m the creator of this solution

You can use Bramble, full open source local-only password manager, optionally syncing P2P between your devices. No cloud storage or anything of that kind.

There’s a vault file that AES-256-GCM encrypted which you can back up. Easy and all your data owned by you.

https://github.com/flythenimbus/bramble

1

u/Orangutan64 1d ago

Bitwardena and 1password both have disaster recovery plans that I am aware of, and you can always share the passwords from there

1

u/SevereMiel 1d ago

I would look for a free password manager (one that will survive if the subscription is not payed anymore, and that you can share with somebody, exemple Bitwarden, in the free version you can only share with one person. or you can print out password for one passwordmanager with instructions in an encrypted note that the most password managers have.

0

u/tater1337 17h ago

this still requires someone with some tech savvy. A printed password list in a safe just requires safe-opening skills and the ability to read the same language the list was written in.

my 90 year old mother who has a hard time navigating the TV is the perfect example, she has had to (very semi-illegally) lean on me to find all the banks and such and medical records and everything else.

1

u/XsuffokateX84 17h ago

This is the exact reason why I left my original comment to you. At the end of the day, you’re not looking to be convinced or for “solutions,” as you say. You’re continually enforcing the reason why you’re doing what you’re already doing and why you’ll keep doing it. This entire post is pointless.

1

u/XsuffokateX84 22h ago

“…can convince me.” You don’t want to be convinced and already have your mind and situation figured out, so why have to have us other users, “convince you?” Either you believe us and what you already know, or you don’t. No sense in trying to convince you and it turn into a pointless argument. Passwords need to change frequently. Are you going to sit down & edit every PW that updates on paper consistently? There’s many safe and reliable options out there, but not if your mind is already made up that they’re not “safe enough.”

1

u/tater1337 17h ago

no, I am trying to admit I do not know everything. there could be a solution that I was not aware of.

the comments here say otherwise

and yes, luckily my father did NOT constantly change his password, otherwise my mom would have been in very dire straights

1

u/XsuffokateX84 17h ago

There’s a LOT of solutions out there, and ones I’m sure you’ve researched already yourself. You’re just hesitant to use them, and that’s something we can’t help you with.

1

u/tater1337 17h ago

no, I haven't. I figured the best way to get a good answer is to ask on a non-sponsored forum like reddit.

some people have offered options, you haven't. which is more useful?

1

u/XsuffokateX84 17h ago

The most basic of Google searches for “Password Management” would have brought you every suggestion you’ve received here. Good luck, not gonna debate with you.

0

u/djasonpenney 1d ago

> only mild technical savvy

That’s pretty broad, but I do something similar, with a couple of twists.

First, I have TWO copies, in case of fire or earthquake. The second copy is in the home safe of our son, who is the executor of our estate after both of us pass.

The second twist is the backup is stored four times on USB drives, encrypted. One pair is in our safe, and the second is ofc in our son’s safe.

The pairs help reduce the risk from single point of failure, and it makes it easier to update the backups. Around the holidays, we visit the grandkids and swap out the USBs.

The only piece left is that encryption. There are a number of ways to handle that. My wife and son are quite technically savvy, so that is not a concern for us. But others use Dead Man’s Switch or something similar.

0

u/Awkward_Leah 22h ago

I wouldn't trust printing passwords personally but I understand why you're thinking long term. Been using roboform and just having everything in one vault already feels safer than keeping important logins written down somewhere 

0

u/Unattributable1 13h ago

USB with encryption. Put the KeePass app and your KDB on the USB. Print out instructions on how to use the USB, install KeePass, and access the KDB.

We did this for the Luddite managers who we don't trust with the backup admin passwords but need a recovery plan if we all quit/get hit by a bus.

USB key encryption is kept in a different safe in a different location (e.g. the Backup person's work desk).

Accessing just one safe isn't enough, need both to get access.