1Password Access after Death, Legacy Contacts

ooglek
ooglek
Community Member

I am not planning to die anytime soon, but sometimes things happen.

Beyond securing my 1Password details in an Escrow account, or with a lawyer, or in a bank lockbox, does 1Password offer any means of allowing one or more designated member of the 1Password Families account to access the 1Password account in case of the primary owner's passing?

Apple now offers the ability to add one or more Legacy Contacts so that in case of your untimely demise, an Access Key and a Death Certificate allows Apple to grant the holder of both of these to get a new Apple ID that has access to your Apple ID Account.

It may be something 1Password wants to consider, though I realize that reviewing Death Certificates may not be on the high list of priorities for the team!


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

«134

Comments

  • Powl49
    Powl49
    Community Member

    This is also an important topic for me. Thank you mentioning this subject to the team!

  • ag_tommy
    edited January 30

    I've got this one recorded too @Powl49 Thanks for being part of the community and sharing what matters to you.

    ref: PB-38042192

  • Saravs
    Saravs
    Community Member

    Hello! Just echoing this. I have been using LastPass because of their Emergency feature, and looking to potentially change to 1Password but this will be a blocker for me.

    Recently a close friend lost her husband unexpectedly and suddenly. She has had so many issues canceling subscriptions and having access to all the things he had access to. We don't want to think about these things, but I think inherently a Family account should be covering that for us. Knowing that my passwords are safe on a vault that my family can access if anything was to happen to me is really important. And the other way around!

    All the current solutions I see require a million things to setup and so many chances for frustration (no access to email, not sure which 2FA is enabled, etc.). Also, printing the page doesn't seem like a great idea considering 1Password principles: that basically gives access to anyone that finds the page very easily at any point.

    It's hard enough to deal with the grieve of losing a loved one, it would be great if products like 1Password prioritised making such a human and difficult moment an easier one.

    I'll remain hopeful to see a feature like this come into 1Password :)

  • ag_tommy
    edited February 16

    Thanks for joining the conversation @Saravs I'll pass on your thoughts to the team.

    ref: PB-38313197

  • Zorak
    Zorak
    Community Member

    Add me to the long list of people (judging by the number of search results in Google for this sort of thing) who are strongly in favor of some kind of time-delayed emergency/contingency access feature similar to what LastPass has. In previous discussions I have seen "security" cited as the reason 1P has not implemented such a feature, and granted there is always a tradeoff between security and convenience, but the "user story" I would like the product management team to consider is:

    • I have close family/friends I would trust to manage my affairs in case I am incapacitated or dead
    • In many cases I may already today be using Family product features to share secrets/creds with them
    • But only to a limited subset of accounts, because I do not necessarily trust them to have the same amount of tech savvy or paranoia etc. as I do, and I don't necessarily want to give them full access to all my financial data etc.
    • And when I say "them" I mean "them, or anyone who compromises their devices/accounts, or can be in a position to extort/coerce it out of them" -- this is why the time delay feature is crucial. If I am actually alive and functioning :) it gives me time to veto an unauthorized access. If I am dead or in a coma, then giving my loved ones access to my info becomes a priority and outweighs any concerns I might have about their security hygiene.
    • For the above/similar reasons, sharing the Emergency Kit and actual passphrase is a non-starter
    • The "recover accounts for family members" feature doesn't work either, because you can't (I believe) recover your own account, and in a scenario where I'm dead, it doesn't help if a trusted person can "recover" my account because they would need access to my email to complete the recovery.

    There are always tradeoffs involved; the goal is to make the consciously and knowingly. If 1P feels this sort of feature renders the product inherently less secure, it can still implement it and make it optional, with lots of warning dialogs and disclaimers that people have to click through to enable it, but they can still make that choice for themselves.

    If I'm missing something and/or there's an existing way to address the above concerns, I'm all ears!

    Alternatively, I would be much happier sharing my emergency kit with people if there was a "when your Emergency Kit is used from a new location, send a notification and require either 2FA or ___ days to elapse before it can be used" option available, which accomplishes the same thing.

  • @Zorak

    I didn't want you to think we missed you. I've been behind the scenes the last couple of days. I have passed your thoughts on to the rest of the team. Thank you for taking the time to share them.

  • aingerylspod
    aingerylspod
    Community Member

    @ag_tommy I fully agree with @Zorak, please pass my request along to the team as well.

    This feature so important, that I am almost willing to switch to some other product. I switched to 1password from LastPass because of the problems they had, but they kind of feel minor compared to the value of the "Emergency Access" feature.

  • glowndes
    glowndes
    Community Member

    I 100% agree that this feature needs to be developed. In 2022, I lost both my parents unexpectedly within 4 months of each other, and it was a nightmare having to deal with all of the admin involved in closing accounts, ending subscriptions, etc.

    There must be a way to implement such a feature without needing to print out a piece of paper with the relevant details on it. Say someone breaks into my house and manages to get into my safe—they then have access to my entire life. It seems silly of a company such as 1Password that values security so much just to say, 'Print it out and put it in a safe place'!

  • glowndes
    glowndes
    Community Member

    To add to my comment above - I just realised that there is no point printing out my emergency kit as I have 2FA on my account... So printing it out and my family using it after I pass away will be of no help as they will need the 2FA code...

  • @glowndes

    When you set up 2FA authenticator app there is a "can't scan code" a string of characters beside the QR code for the 2FA app. You can print that and include it on the kit. I typically write mine on the back of the Emergency Kit with the date and what the code is for.

  • ag_tommy
    edited March 12

    Thank you both. I've shared your comments with the team.

    ref: PB-38664805

  • glowndes
    glowndes
    Community Member

    @ag_tommy

    Do you understand that what you are suggesting completely makes the whole point of storing passwords in 1Password a complete waste. What happens if someone manages to find that piece of paper who shouldn’t have access to it?

    I might as well just have a notebook with all my passwords in it.

  • ag_tommy
    edited March 12

    Some of our users provide 1/2 of the password to another family member and another half to another family member.

    The use of the Emergency Kit is the only available option. Feel free to look around the community. You'll see varied suggestions from many folks here in the community. As with any important or legal document, you must take appropriate safeguards to ensure its safety. I lock mine behind a safe door, and only I know the combination, too. In the event of my demise, my heirs will need to access it. Outside of that, I also have it stored in a bank safety deposit box for disaster preparedness.

    It should never be left out in the open for anyone to find.

  • nNfEfRtqUHrmDWYdocjh
    nNfEfRtqUHrmDWYdocjh
    Community Member

    I believe that Bitwarden has found a good solution here and wanted to make this suggestion available for discussion in the development team.

    Bitwarden allows you to define so-called "trusted emergency contacts" via Emergency Access.

    They can then request access via their Bitwarden account in an emergency. The trusted emergency contact can then access the grantor's vault after a predefined period of time has elapsed.

    During this period, however, the grantor can also cancel this access request (if the request is not permitted and the grantor is still alive, for example).

    More information: https://bitwarden.com/help/emergency-access/

    I am curious to see whether we will soon see another option from 1Password. It has already been announced here and there that this topic is already being discussed internally.

  • ag_tommy
    edited March 26

    @nNfEfRtqUHrmDWYdocjh

    Topics like this are always open to discussion amongst the team. That does not necessarily translate to active work on any project. That said, I am but a single person in this large machine. There are many areas that my travels do not take me each day. We are aware of various methods and the team always looks at possibilities. Thank you for sharing.

  • glowndes
    glowndes
    Community Member

    @ag_tommy

    To your suggestion about locking it in a safe. You mentioned that you are the only one with the combination. I certainly hope that your family will be able to crack it open….

  • Yep, the local lock smith is a friend of the family. :)

  • pxlrbt
    pxlrbt
    Community Member

    Just want to add my 2cents. I think this is a crucial feature. Currently I stored my emergency kit with a service that encrypts it when I don't respond two an email in X days. But I'd rather have my password manager handle this than relying on another tool (which might not be around anymore when it's needed).

  • Thanks @pxlrbt I'll let the team know this is a concern you'd like addressed.

    ref: PB-39375148

  • cchuck
    cchuck
    Community Member

    Add me to the list. I have the stand-alone paid app, not a membership. I was hoping a membership would include a legacy feature. If 1Password competitors can do it...

  • ag_tommy
    edited April 23

    @cchuck

    Did you see one of our latest beta announcements? Does it help you? https://1password.community/discussion/145445/recovery-codes-for-individuals-beta#latest

  • amertner
    amertner
    Community Member

    Add me to the list of people who’d like this.

    My preferred solution would be to provide an email address that I can share with my heirs, along with instructions on what to do once I’m dead: send an email to the address with a predefined code in it.

    When this happens, it should notify me that an heir is asking for access to my account, and give me a configurable time period in which to object, maybe 48 hours. If I don’t do that, they get access to data that allows them to access my 1password account.

  • @amertner

    Does my posting above yours on account recovery help? Here's the link again.

    https://1password.community/discussion/145445/recovery-codes-for-individuals-beta#latest

  • amertner
    amertner
    Community Member

    @ag_tommy Unfortunately, it doesn’t. The crux is this sentence: “ Once created, make sure to store the code in a safe and accessible place outside of this account”

    Where should I store it? I don’t have a safe deposit box, and I tend to use 1Password to store my confidential stuff. A mechanism to release it to the right people after I’m gone is the part that’s missing for me.

  • Gotcha. I'll get that portion before the team. Thanks for clarification.

  • HudsonOH
    HudsonOH
    Community Member

    Emergency access is a huge glaring need. Please add this feature. I switched to 1Password from LogMeOnce for good reasons LMO was glitchy and has a clunky user interface. 1Password is so much better, EXCEPT I'm seriously missing the Emergency Access feature. Obviously a lot of users and potential users agree. Please get this done.

  • ag_tommy
    edited May 2

    Thanks for the feedback @HudsonOH and welcome to the community.

    ref: PB-39571460

  • GSK
    GSK
    Community Member
    edited May 7

    I have just moved from Bitwarden to 1Password. I find that 1Password is just a little more "polished". The emergency access in Bitwarden, previously mentioned by nNfEfRtqUHrmDWYdocjh is something that did give me some peace of mind. I don't need to rehash the points already made on this string - suffice it to say, printing the Emergency Kit for someone to find after my death poses too many obstacles.

    At $10 per year, I can hang on to Bitwarden for this functionality, and then just have my 1Password credentials within Bitwarden.

  • Thanks @GSK I've shared your comments with the team.

    ref: PB-39719592