First, I’m so glad this turned out to be hypothetical, and you didn’t have to suffer through such a catastrophic loss. Second, if you had actually suffered such a loss, your digital life would hopefully be the last thing on your mind, and you’d just be glad to have your life and your family - the only real things that matter in this world.
That said, planning a strategy for offsite data storage or a secondary authenticator is of course wise. A safety deposit box or other offsite location that you can frequently refresh and keep up to date would be a good investment. If you’re worried about keeping a master key to your life in a single place, you could separate your data and your authenticator. The how likely depends on your threat model, several people on this site may find it insufficient. To whatever degree you obfuscate or complicate your recovery path, you also increase the risk of losing access to it yourself.
You might also consider it’s not necessarily the “thing you have” that might go MIA, but due to physical injury, age, or just forgetfulness, the “thing you know” could also be at risk. I realize this the older I get. Finding a secure way to store a master password in the event you cannot recall it, or perhaps in the event of your death, is something you may also consider. In this case, I would avoid a cipher or something else you’re likely to forget.
Can't agree more with the last paragraph. Not too long ago, due to my keyboard breaking, I was forced to type my password manager's master password on an unfamiliar keyboard with an unfamiliar layout, and I just blanked. I type it frequently enough on my phone, so I tried typing it there too, but probably due to a combination of mild distress and actively trying to think about what I was typing I couldn't do it there either. I eventually decided to try again later and later that day I managed to type it correctly.
Rest assured, this situation probably sounds as bizarre as it felt. Randomly forgetting something I type every day isn't something I had considered a possibility until then. Maybe a password without as many non-alphanumeric characters would've aided in avoiding this situation, but I get the feeling it could've happened with any muscle-memoried password.
> Second, if you had actually suffered such a loss, your digital life would hopefully be the last thing on your mind
It isn't though. Access to your digital resources is vital to recover from the loss. You need an e-mail address to arrange contractors, you need your contact list to reach out to friends for help, you need access to your bank accounts, your cloud-stored scans of your ID cards, ...
> or perhaps in the event of your death, is something you may also consider.
When my dad died we were glad that he had most of his passwords written down. There are a lot of things like the electric bill that we didn't know if he had paid yet or not, and other bills that are entirely paperless that we have have no idea about. Mom would hate to have something not paid just because we didn't know to pay it. There is a lot of paperwork to get access to accounts after someone dies and that takes time. (dad donated his body to science so that added a couple months before we could even start the paperwork)
Unfortunately there was one account we knew he had (because it showed up in quicken) and an IRA with most of his money, but it took us several months to figure out what bank it was at. Please don't do this to your family: write down all your accounts and their passwords in a safe place that someone trusted will look. (I need to take my own advice)
> the “thing you know” could also be at risk. I realize this the older I get.
Years ago, when I was in university, I had a couple of machines in my room running FreeBSD with full-disk encryption. These machines were powered on for a few months without reboots until one day when the power went out.
Having not typed in the password in months, and at the time using the kind of passwords consisting of long word with a lot of numeric and symbolic substitutions, I was unable to decrypt the disks of my machines.
I lost a fair bit of data that day, but it taught me a valuable lesson.
These days, any passwords that I use for full disk encryption I make sure to
1. Regularly use. Meaning I’ll reboot machines and retype the passwords on a regular basis. Likewise, I connect external encrypted disks on a regular basis and decrypt them with their passwords.
2. Use pass phrases with many words but without any numbers or special characters. See also https://github.com/ctsrc/Pgen
> Second, if you had actually suffered such a loss, your digital life would hopefully be the last thing on your mind
To note, our banking system is well part of our digital life. Europe has already a flurry of “real” banks that have no physical presence, and after a catastrophic loss you’ll need that access to your bank as soon as possible.
A firesafe in a friend or relative's basement is a much better choice. Safety deposit boxes regularly get lost, tossed, or sold and the banks have very little liabilty.
I have a recovery code for my iCloud written down on a piece of paper, in an envelope marked for my wife in case of emergency, in my office at work. There is nothing written on that piece of paper but the code.
It's not perfect security, but it's my security blanket in case my house burns down with my phone in it and I need to rebuild my whole house of cards.
> First, I’m so glad this turned out to be hypothetical
I've only learned about this is hypothetical from your comment (yes, I'm guilty of not reading to the very end). I wish the author conveyed that a little more clearly.
Building on the last paragraph, I keep my root PGP key on an encrypted USB drive. There's several files that are encrypted by the root key, but they're mostly like password manager recovery phrases as well as things like my birth certificate, social security number, and various government IDs I've used. There are two copies of this USB, one travels with me at all times, the other is securely stored and accessed twice a year to ensure it's still performing. Both USB keys have fuses that will blow if opened up. This makes it so that for the rest of my life I will remember one password.
Passwords can also be made more memorable. For instance, because a password manager remembers the rest of my passwords, I made this one what I call a "pattern password". On a US keyboard I could type it in seconds without looking, but it would be too complex to guess.
> Finding a secure way to store a master password in the event you cannot recall it,
Currently my master credentials are on an old USB stick (a Yubikey device that I got in an offer, though I only use it to type the long password as if it were a keyboard) and printed (plain and as a QR to save typing issues) & stored well away from the things they secure. The printed copies have the lot, the USB version requires a prefix which I remember.
This may seem risky (the old on-a-post-it-under-the-keyboard issue) but for my online backing and other key stuff the key risk is my password store which is secured by one of those master keys, and its main risk is someone remote getting access to both the key DB and the passphrase and it is properly air-gap secure against that. Similar for the encryption keys for local storage and off-site backups.
> or perhaps in the event of your death
This is a concern I've not at all addressed in my plans. The basics will be putting details in my will for how things should be accessed, but those details need to be both secure from inappropriate access and easy for th eright people to access when the time comes. Though as I have nothing much to leave to anyone that isn't too big a concern yet…
The halfway point is a bigger matter that I (and many others) really should address: what if I'm incapacitated temporarily or otherwise? Someone may need access to my stuff to sort a great many things while I can't. We've had an issue with this with my mother who due to dementia can't even sign her name, so neither she nor my dad couldn't access an account that was only in her name without a huge rigmarole of paperwork and assessments to sort out power of attorney. We've since got things sorted in advance of further problems (myself and my brothers set up with joint PoA so if something happens to him too we can sort what needs sorting more easily) but I have nothing like that setup for myself for either life stuff or technical stuff (or the things that are both).
I'm in good health as far as I know, but I'm not getting any younger (this year I'm on the cusp of leaving "the low 40s") and I've seen unpleasantly final things happen to people who were similarly good health as far as they knew.
This is also very relevant for family or trusted access. We had a hell of a time after my father had a stroke (recovered now) even though I had access to his computers and KeePass database - he had plenty of things where phone access was needed but nobody knew his unlock pin and it was required to reactivate fingerprint unlock.
It took me about 30 seconds to ask the question: If he's locked out of his digital life, how did he post the story to his blog? From that point on I knew it was hypothetical, but it was still a good read and raises important issues.
I'm a big fan of all lower case phrases as passwords now for this reason. Something like "this is my password there are many like it but this one is mine my password is my best friend it is my life I must master it as I must master my life". Very easy to remember. Very easy to type. Very hard to crack. Cheers.
For my bank from my country of origin that I maintain, I get a battery-powered RSA token. From that I can generate a mobile 2FA token in an app that I can use to log in for day-to-day transaction. If I lose the devices with the 2FA token, I have to pray that that CR2032 is still alive or I lose access to that account until I spend thousands of dollars on international flights (replacing the battery resets the device)
I lost access to my bank account in UK because my token ran out of battery. The only way to fix this is to fly to London and show up in person. This is a pain because I can't even figure out my account balance - and this is something I must report for U.S. taxes.
2FA can be "backed up" by either using a 2FA soft token program that allows for backups, like 2faone or Authy, OR by the services themselves granting backup codes for emergencies. For my threat profile, I have no problem storing my 2FA backup passwords/codes in my master password safe. If that is compromised, I was doomed anyway.
If a service does not allow the use of "generic" TOTP ala Authy or Google Authenticator, AND it does not allow for one time use backup codes, then I do not use 2FA with that service unless required. My main bank forces the use of their own built in 2FA (Symantec VIP on the backend) which pisses me off. My work uses Okta and RSA. Oh well.
One bank I have set up in a new country set me up with their mobile app and that mobile app is the only way to access the bank. They have a web-app, but login to the web app can only be authorized from mobile. At least an existing install can be used to authorize installs on new devices. Got it on 3 devices installed just in case.
It shouldn't. You can just use authy, which allows you to onboard devices using your phone number, and then a password to decrypt the existing entries. If you use 2fa with authy, remember that password, and remember your password Manager's password, something like this scenario won't ruin your life.
I would suggest keeping an eye on the voltage with a meter and when it starts to drop solder on a second battery while you replace the first, the same way people replace game cartridge batteries without losing SRAM saves.
This recently happened to me after my laptop and phone were stolen on vacation. Everything is in 1Password. I of course didn't have the recovery paper with me. I recently changed my iCloud password to be more secure, and luckily I remembered it. But I needed 2FA to log in still.
I had to go to an AT&T store, port my phone number to a different iPhone, restore from an iCloud backup using the SMS 2FA, and then I could finally log into 1Password for my passwords and MFA.
If I didn't have a memorable iCloud password this would have been impossible without the 1Password recovery paper.
Devices are often lost/stolen on vacation where the myriad layers of protection are extremely hard — if not impossible — to penetrate.
This is why some of my most important accounts (iCloud, Google) are passwords that I've forced myself to memorize. I've been stuck in the chicken and egg quagmire before and it really sucks. iCloud is particularly bad especially on the phone because none of the popups have password manager support so you have to manually go look it up, navigate back to whatever prompted for the password, and re-trigger the dialog.
If you (the Royal ‘you’, I’m not having a go at you) have 1Password and you do not have a printed, sealed copy of your recovery steps safely hosted at a best friend or relative’s house then I think you’re bonkers.
It’s so easy. Print it out. Write your password on it. Put it in an envelope and seal it. Give it to someone – suffice to say you trust this person with your life – who doesn’t live next door (otherwise their house burnt down along with yours).
You never need do anything ever again, other than not change your master password.
Yeah, I have a few key passwords (email and password manager being the main ones) memorised, and also stored written on paper in a safe place. Password manager also explicitly doesn’t have 2FA enabled so I should always be able to access that so long as I have an internet connection.
Now that I think about it, I might need to rethink my 2FA strategy for email to ensure that’s also accessible.
Something like this DID happen to me a few years ago... but really? If i don't regard the lost documents (ID, drivers license, ownership documents...) took me a few months to get newly issued and there is still a gmail and amazon account out there i will perhaps never be able to log in again there was really no big problem.
This is also the incident that convinced me to NEVER leave my current bank: I am at a tiny, tiny local bank with perhaps 50 employees... so, they did know me and it was no problem to get money and a new set of cards. The funny thing is: Before that incident i was contemplating about moving to a more modern bank which offers an app...
Protecting your password db with a physical key sounds pretty stupid. I was always wary of 2FA for exactly this reason. It's something that you can lose or damage. Actually, it's pretty common to kill your most used 2nd factor, your mobile.
The solution here is pretty simple: learn 2-3 strong passwords. Definitely learn the strong password for your password manager and a primary email account, that you can usually use to reset the password to all the other accounts anyway. And don't use 2FA for those. I only ever use 2FA if it is enforced by a service. The real danger of not using 2FA is in your password being stolen. (Using strong passwords protect against brute forcing them.)
Also, about the hypotheticals: offline IDs (like passport and ID card) should be relatively easy to get hold of and once you have those you can have your bank account back. You obviously don't need to know your bank account numbers (that's not a password) and you can't fake your mother's name when you submit your data to a bank (because that's part of your ID information and it's almost certainly in your ID document anyway). Otherwise yes, use a random string whenever stupid sites ask for 'password reminders' or security questions.
I noticed many people in this thread have the delusion perfect security can exist; perfect security is impossible; there are always drawbacks. You have a choice to make: it's either hard for you to unlock the relevant secret to the point of possibly being locked out yourself or: you make copies of secrets or use other redundances which makes the unlocking easier but the security lower.
In most cases the reasonable choice is to make it hard even for you to fully unlock all the secrets but not to the point that is nearly impossible because at the very least: you may want to have inheritance.
My digital life isn't as cloud-based. Most of it is in locally stored files. For example, my Gmail account is synced to a local Thunderbird instance and all my photo and video storage is local.
I have two sets of backup hard disks (each set is a current one, and an old one, both of which get synced; the old one only with the more important stuff since it is smaller). Both sets are LUKS encrypted. One set lives in the filing cabinet at the office (during the COVID lockdown it was at a friend's house). An automatic nag system bugs me if either set hasn't been updated for 40 days.
Updating them is semi-manual. Plug them in, enter the decryption code, run a script stored on the disk itself that gathers all the data - from all over my LAN - that needs backing up. When it's done, unmount and unplug the disk. Make sure one set is always offsite - update set A, take it to the office, store it there, bring set B home, update it.
It's not perfect. If the sort of disaster in this article were to strike, I'd potentially not have the last month's data. But I would have all my passwords (backed up on these disks) and if I had something that gives a last-resort recovery code, that too would be on there - in a separately encrypted sub-filesystem that I know the password to. This is so the super sensitive stuff isn't even decrypted fulltime on my home machine.
I should have readable copies of all the important physical documents and cards in this separately encrypted subfolder too, but currently don't.
I'm just as guilty as everybody for not doing this, but ...
perfect is again the enemy of good. Instead of a technically superior backup with rotation and all, it may be better to have some arbitrary, incomplete old backup lying around on a disk at someone's place.
* Your password vult is encrypted locally and stored on their servers (just an encrypted file!)
* To unlock the vault, you need the password and the generated master code.
* The master code is a PDF to print, which you can give someone you trust – they still only have half of the things to get access.
The losing of digital life is completely solved. Just print that damn PDF give it to your parents and remember your password.
For some reason, I did not appreciate this hypothetical. I spent my whole blog post feeling sorry for this person only for them to suddenly declare it was all fake, and then immediately ask for money.
Normally I’m quite good about these things, but this was too much.
Easy solution would have been to backstop your secrets in a cloud storage account run by a firm that you can call on the phone and talk to a Unix engineer in California.
It would have been a pain and we would have made you jump through all kinds of weird hoops and I would have to be personally involved… but we’d have gotten you in.
After 21 years of this we’ve seen all of this - customers die, people are in comas, admins get fired… we’ve helped everyone and treated them like human beings.
I don’t use a password manager. Instead, I have a formula in my head to generate a unique complex password for each site or online service based on its domain name and some other optional parameters, if the site has password constraints (eg. no special characters, short maximum length).
I have an encrypted plain text file (just a .txt in an encrypted macOS disk image) containing all of the parameters (if any) to generate the passwords for each site, which I keep on Dropbox, accessible at public URL I have memorized. This lets me easily update my password parameters file (open the disk image on my computer, update the .txt file, close the disk image).
It's almost comedic that the point of backups is to remove the single point of failure and then security paranoia creates new ones.
Perhaps what I should have done is stored all my backup codes and recovery keys on a USB stick and then given them to a friend?
If you're going to be that secure, put them on a USB stick and bury it in your yard or in the hollow of a tree. Easier to update and won't be destroyed when your house burns down.
While I've yet to have this problem, I've actually been mentally keeping track of my ability to bootstrap back up. LastPass is trying to get me to add TOTP or other 2FA, but even though it promises (for now) that my master password can still get me in, I've resisted, because the password manager is my linchpin, and I need to be able to get in there just with "what I remember", and I don't want another way in where I'm not continually practicing that and keeping the memory fresh.
I also every so often take a backup of the LastPass DB and put it on my local Nextcloud, which get encrypted backup to S3 every night.
2FA is a lot less scary at work, where I have administrators and coworkers who can vouch for me face-to-face and reset it if necessary. I feel like there isn't a widespread understanding that personal authentication is a much harder problem than corporate authentication for that reason. It is easy to end up accidentally webbing together all your personal authentication until your current phone is your one and only token. Heck, with all the 2FA flying around now it's probably possible to get yourself into a situation where the only way to authenticate is using something else you're already authenticated to and you can't bootstrap back up if that expires unexpectedly. If we're not there we're getting close.
It doesn't even take a lightning strike to get into this type of situation. September rolls around and everyone gets a new iPhone. Many forget to migrate their password manager over before sending their old phone back. Unlike the author who clearly thinks a lot about disaster scenarios and redundancy and recovery, more casual users do not. Some get lucky and are logged in to their password manager on their desktop. Some not so much and are even locked out of their AppleID credentials. Even if you remembered to migrate your password manager, you might not have remembered to bring your MFA code app.
This is the entire impetus behind Uno's productized Shamirs Secret Sharing recovery scheme: https://www.uno.app/blog/replacing-passwords-with-people. Our bet is that, like the author questions in the OP, for most people with a trusted network of friends and family, the main threat vector is not hackers and nation states trying to take over their digital lives, but rather nature, age, and accidents, etc. And that social redundancy is an acceptable risk in order to mitigate the tendency we have to want to be our own single point of failure.
This is one of my great fears. I'm a nomad and all my possessions are in two bags I carry around with me from country to country. It's much easier for this to happen to me.
Not sure what the solution is?
In the past I've tucked away a piece of paper with recover codes on it at a family members house. So in such an emergency I could call them up and tell them where it is.
Time for my "carve your 2FA recovery codes into rock" startup to shine. I might even offer offsite backups: store your rock with codes in my back yard with public access, the trick here is - no one knows which stone is whose.
I remember reading a story about backups right after one of the California wildfires and the author said something like this:
"I used to store my backups in the garage and thought myself smart since they were physically separate from my desktop. Then ENTIRE NEIGHBORHOODS burned down and I realized I needed more physical distance"
Officials will provide you with replacement/temporary documents in a relatively short time, when you have lost them due to a fire or sth. else.
With those you can start rebuilding your infrastructure. Get new credit/debit cards, buy a new phone, get a replacement SIM from your provider, that way get access to your 2FA system again...
Yeah, it's inconvenient and will take some time, but it's not hopeless.
I don't 2FA my password manager and email because of the fear of being lock out of everything. I travel a lot and some country I can't received sms. What hapen if I got stole everything. Loose access to my email, bank account .. I don't event know people number because it's in my phone.
[+] [-] jzdziarski|3 years ago|reply
That said, planning a strategy for offsite data storage or a secondary authenticator is of course wise. A safety deposit box or other offsite location that you can frequently refresh and keep up to date would be a good investment. If you’re worried about keeping a master key to your life in a single place, you could separate your data and your authenticator. The how likely depends on your threat model, several people on this site may find it insufficient. To whatever degree you obfuscate or complicate your recovery path, you also increase the risk of losing access to it yourself.
You might also consider it’s not necessarily the “thing you have” that might go MIA, but due to physical injury, age, or just forgetfulness, the “thing you know” could also be at risk. I realize this the older I get. Finding a secure way to store a master password in the event you cannot recall it, or perhaps in the event of your death, is something you may also consider. In this case, I would avoid a cipher or something else you’re likely to forget.
[+] [-] mid-kid|3 years ago|reply
Rest assured, this situation probably sounds as bizarre as it felt. Randomly forgetting something I type every day isn't something I had considered a possibility until then. Maybe a password without as many non-alphanumeric characters would've aided in avoiding this situation, but I get the feeling it could've happened with any muscle-memoried password.
[+] [-] tgsovlerkhgsel|3 years ago|reply
It isn't though. Access to your digital resources is vital to recover from the loss. You need an e-mail address to arrange contractors, you need your contact list to reach out to friends for help, you need access to your bank accounts, your cloud-stored scans of your ID cards, ...
[+] [-] bluGill|3 years ago|reply
When my dad died we were glad that he had most of his passwords written down. There are a lot of things like the electric bill that we didn't know if he had paid yet or not, and other bills that are entirely paperless that we have have no idea about. Mom would hate to have something not paid just because we didn't know to pay it. There is a lot of paperwork to get access to accounts after someone dies and that takes time. (dad donated his body to science so that added a couple months before we could even start the paperwork)
Unfortunately there was one account we knew he had (because it showed up in quicken) and an IRA with most of his money, but it took us several months to figure out what bank it was at. Please don't do this to your family: write down all your accounts and their passwords in a safe place that someone trusted will look. (I need to take my own advice)
[+] [-] codetrotter|3 years ago|reply
Years ago, when I was in university, I had a couple of machines in my room running FreeBSD with full-disk encryption. These machines were powered on for a few months without reboots until one day when the power went out.
Having not typed in the password in months, and at the time using the kind of passwords consisting of long word with a lot of numeric and symbolic substitutions, I was unable to decrypt the disks of my machines.
I lost a fair bit of data that day, but it taught me a valuable lesson.
These days, any passwords that I use for full disk encryption I make sure to
1. Regularly use. Meaning I’ll reboot machines and retype the passwords on a regular basis. Likewise, I connect external encrypted disks on a regular basis and decrypt them with their passwords.
2. Use pass phrases with many words but without any numbers or special characters. See also https://github.com/ctsrc/Pgen
(For websites etc I use a password manager.)
[+] [-] makeitdouble|3 years ago|reply
To note, our banking system is well part of our digital life. Europe has already a flurry of “real” banks that have no physical presence, and after a catastrophic loss you’ll need that access to your bank as soon as possible.
[+] [-] dmm|3 years ago|reply
A firesafe in a friend or relative's basement is a much better choice. Safety deposit boxes regularly get lost, tossed, or sold and the banks have very little liabilty.
https://www.nytimes.com/2019/07/19/business/safe-deposit-box...
[+] [-] philistine|3 years ago|reply
It's not perfect security, but it's my security blanket in case my house burns down with my phone in it and I need to rebuild my whole house of cards.
[+] [-] M4v3R|3 years ago|reply
I've only learned about this is hypothetical from your comment (yes, I'm guilty of not reading to the very end). I wish the author conveyed that a little more clearly.
[+] [-] unknown|3 years ago|reply
[deleted]
[+] [-] kodah|3 years ago|reply
Passwords can also be made more memorable. For instance, because a password manager remembers the rest of my passwords, I made this one what I call a "pattern password". On a US keyboard I could type it in seconds without looking, but it would be too complex to guess.
[+] [-] dspillett|3 years ago|reply
Currently my master credentials are on an old USB stick (a Yubikey device that I got in an offer, though I only use it to type the long password as if it were a keyboard) and printed (plain and as a QR to save typing issues) & stored well away from the things they secure. The printed copies have the lot, the USB version requires a prefix which I remember.
This may seem risky (the old on-a-post-it-under-the-keyboard issue) but for my online backing and other key stuff the key risk is my password store which is secured by one of those master keys, and its main risk is someone remote getting access to both the key DB and the passphrase and it is properly air-gap secure against that. Similar for the encryption keys for local storage and off-site backups.
> or perhaps in the event of your death
This is a concern I've not at all addressed in my plans. The basics will be putting details in my will for how things should be accessed, but those details need to be both secure from inappropriate access and easy for th eright people to access when the time comes. Though as I have nothing much to leave to anyone that isn't too big a concern yet…
The halfway point is a bigger matter that I (and many others) really should address: what if I'm incapacitated temporarily or otherwise? Someone may need access to my stuff to sort a great many things while I can't. We've had an issue with this with my mother who due to dementia can't even sign her name, so neither she nor my dad couldn't access an account that was only in her name without a huge rigmarole of paperwork and assessments to sort out power of attorney. We've since got things sorted in advance of further problems (myself and my brothers set up with joint PoA so if something happens to him too we can sort what needs sorting more easily) but I have nothing like that setup for myself for either life stuff or technical stuff (or the things that are both).
I'm in good health as far as I know, but I'm not getting any younger (this year I'm on the cusp of leaving "the low 40s") and I've seen unpleasantly final things happen to people who were similarly good health as far as they knew.
[+] [-] fmajid|3 years ago|reply
[+] [-] fencepost|3 years ago|reply
[+] [-] anonymousiam|3 years ago|reply
[+] [-] LazyEvaluation|3 years ago|reply
[+] [-] rambojazz|3 years ago|reply
[+] [-] kalleboo|3 years ago|reply
For my bank from my country of origin that I maintain, I get a battery-powered RSA token. From that I can generate a mobile 2FA token in an app that I can use to log in for day-to-day transaction. If I lose the devices with the 2FA token, I have to pray that that CR2032 is still alive or I lose access to that account until I spend thousands of dollars on international flights (replacing the battery resets the device)
[+] [-] BruiseLee|3 years ago|reply
[+] [-] unethical_ban|3 years ago|reply
If a service does not allow the use of "generic" TOTP ala Authy or Google Authenticator, AND it does not allow for one time use backup codes, then I do not use 2FA with that service unless required. My main bank forces the use of their own built in 2FA (Symantec VIP on the backend) which pisses me off. My work uses Okta and RSA. Oh well.
[+] [-] usrn|3 years ago|reply
I wish there was an exam you could take that would get you a "computing license" that you could show to bypass a lot of this stuff.
[+] [-] journey_16162|3 years ago|reply
[+] [-] tragictrash|3 years ago|reply
[+] [-] causi|3 years ago|reply
[+] [-] Whitespace|3 years ago|reply
I had to go to an AT&T store, port my phone number to a different iPhone, restore from an iCloud backup using the SMS 2FA, and then I could finally log into 1Password for my passwords and MFA.
If I didn't have a memorable iCloud password this would have been impossible without the 1Password recovery paper.
Devices are often lost/stolen on vacation where the myriad layers of protection are extremely hard — if not impossible — to penetrate.
[+] [-] joshstrange|3 years ago|reply
[+] [-] jen729w|3 years ago|reply
It’s so easy. Print it out. Write your password on it. Put it in an envelope and seal it. Give it to someone – suffice to say you trust this person with your life – who doesn’t live next door (otherwise their house burnt down along with yours).
You never need do anything ever again, other than not change your master password.
[+] [-] wintermutestwin|3 years ago|reply
Serious question: Once you have this, why bother with a password manager? Why not just keep a password spreadsheet in iCloud?
[+] [-] nicoburns|3 years ago|reply
Now that I think about it, I might need to rethink my 2FA strategy for email to ensure that’s also accessible.
[+] [-] doctorhandshake|3 years ago|reply
[+] [-] petesergeant|3 years ago|reply
[+] [-] RalfWausE|3 years ago|reply
This is also the incident that convinced me to NEVER leave my current bank: I am at a tiny, tiny local bank with perhaps 50 employees... so, they did know me and it was no problem to get money and a new set of cards. The funny thing is: Before that incident i was contemplating about moving to a more modern bank which offers an app...
[+] [-] atleta|3 years ago|reply
The solution here is pretty simple: learn 2-3 strong passwords. Definitely learn the strong password for your password manager and a primary email account, that you can usually use to reset the password to all the other accounts anyway. And don't use 2FA for those. I only ever use 2FA if it is enforced by a service. The real danger of not using 2FA is in your password being stolen. (Using strong passwords protect against brute forcing them.)
Also, about the hypotheticals: offline IDs (like passport and ID card) should be relatively easy to get hold of and once you have those you can have your bank account back. You obviously don't need to know your bank account numbers (that's not a password) and you can't fake your mother's name when you submit your data to a bank (because that's part of your ID information and it's almost certainly in your ID document anyway). Otherwise yes, use a random string whenever stupid sites ask for 'password reminders' or security questions.
EDIT: fix typo.
[+] [-] epigramx|3 years ago|reply
[+] [-] MarkusWandel|3 years ago|reply
I have two sets of backup hard disks (each set is a current one, and an old one, both of which get synced; the old one only with the more important stuff since it is smaller). Both sets are LUKS encrypted. One set lives in the filing cabinet at the office (during the COVID lockdown it was at a friend's house). An automatic nag system bugs me if either set hasn't been updated for 40 days.
Updating them is semi-manual. Plug them in, enter the decryption code, run a script stored on the disk itself that gathers all the data - from all over my LAN - that needs backing up. When it's done, unmount and unplug the disk. Make sure one set is always offsite - update set A, take it to the office, store it there, bring set B home, update it.
It's not perfect. If the sort of disaster in this article were to strike, I'd potentially not have the last month's data. But I would have all my passwords (backed up on these disks) and if I had something that gives a last-resort recovery code, that too would be on there - in a separately encrypted sub-filesystem that I know the password to. This is so the super sensitive stuff isn't even decrypted fulltime on my home machine.
I should have readable copies of all the important physical documents and cards in this separately encrypted subfolder too, but currently don't.
[+] [-] uniqueuid|3 years ago|reply
perfect is again the enemy of good. Instead of a technically superior backup with rotation and all, it may be better to have some arbitrary, incomplete old backup lying around on a disk at someone's place.
[+] [-] tpetry|3 years ago|reply
* Your password vult is encrypted locally and stored on their servers (just an encrypted file!) * To unlock the vault, you need the password and the generated master code. * The master code is a PDF to print, which you can give someone you trust – they still only have half of the things to get access.
The losing of digital life is completely solved. Just print that damn PDF give it to your parents and remember your password.
[+] [-] Aeolun|3 years ago|reply
Normally I’m quite good about these things, but this was too much.
[+] [-] rsync|3 years ago|reply
It would have been a pain and we would have made you jump through all kinds of weird hoops and I would have to be personally involved… but we’d have gotten you in.
After 21 years of this we’ve seen all of this - customers die, people are in comas, admins get fired… we’ve helped everyone and treated them like human beings.
And yes - it does cost a bit more than backblaze.
[+] [-] pass_throwaway|3 years ago|reply
I have an encrypted plain text file (just a .txt in an encrypted macOS disk image) containing all of the parameters (if any) to generate the passwords for each site, which I keep on Dropbox, accessible at public URL I have memorized. This lets me easily update my password parameters file (open the disk image on my computer, update the .txt file, close the disk image).
[+] [-] causi|3 years ago|reply
Perhaps what I should have done is stored all my backup codes and recovery keys on a USB stick and then given them to a friend?
If you're going to be that secure, put them on a USB stick and bury it in your yard or in the hollow of a tree. Easier to update and won't be destroyed when your house burns down.
[+] [-] jerf|3 years ago|reply
I also every so often take a backup of the LastPass DB and put it on my local Nextcloud, which get encrypted backup to S3 every night.
2FA is a lot less scary at work, where I have administrators and coworkers who can vouch for me face-to-face and reset it if necessary. I feel like there isn't a widespread understanding that personal authentication is a much harder problem than corporate authentication for that reason. It is easy to end up accidentally webbing together all your personal authentication until your current phone is your one and only token. Heck, with all the 2FA flying around now it's probably possible to get yourself into a situation where the only way to authenticate is using something else you're already authenticated to and you can't bootstrap back up if that expires unexpectedly. If we're not there we're getting close.
[+] [-] 369548684892826|3 years ago|reply
[+] [-] tpool|3 years ago|reply
But... the lightning strike caused a fire. That shouldn't mean the fire is "extra hot" or something like that.
I'm disturbed, as I keep these kinds of thing in my fire safe for just such a reason.
[+] [-] dcow|3 years ago|reply
This is the entire impetus behind Uno's productized Shamirs Secret Sharing recovery scheme: https://www.uno.app/blog/replacing-passwords-with-people. Our bet is that, like the author questions in the OP, for most people with a trusted network of friends and family, the main threat vector is not hackers and nation states trying to take over their digital lives, but rather nature, age, and accidents, etc. And that social redundancy is an acceptable risk in order to mitigate the tendency we have to want to be our own single point of failure.
[+] [-] kilroy123|3 years ago|reply
Not sure what the solution is?
In the past I've tucked away a piece of paper with recover codes on it at a family members house. So in such an emergency I could call them up and tell them where it is.
I should really do that again.
[+] [-] butz|3 years ago|reply
[+] [-] alexpotato|3 years ago|reply
"I used to store my backups in the garage and thought myself smart since they were physically separate from my desktop. Then ENTIRE NEIGHBORHOODS burned down and I realized I needed more physical distance"
[+] [-] martin_a|3 years ago|reply
Officials will provide you with replacement/temporary documents in a relatively short time, when you have lost them due to a fire or sth. else.
With those you can start rebuilding your infrastructure. Get new credit/debit cards, buy a new phone, get a replacement SIM from your provider, that way get access to your 2FA system again...
Yeah, it's inconvenient and will take some time, but it's not hopeless.
[+] [-] tomkaos|3 years ago|reply