When I pass away, can the recovery function be used to get access to my password vault?

jsetsaas
jsetsaas
Community Member

Will the password recovery function be able to do this?
Or would I have to do some preparations?
Could for example multiple family members in cooperation be able to recover somebody else's password vault?

If not already, there should be some way to handle the next of kin situation, without any preparations (which is not something people think of, until it is too late, or changes were made after the prep was done, and it was not updated)


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • soshiito
    soshiito
    Community Member

    For someone else to be able to use recovery to gain access to your account they would need access to your email address. A better solution might be to safely store your emergency kit somewhere that will be accessible when you pass, but isn't likely to be snooped on before.

  • I keep my Emergency Kit filled out and included with my Master Password in a floor safe along with important papers. It is also stored in a safety deposit box for additional safe keeping.

  • [Deleted User]
    [Deleted User]
    Community Member

    @jsetsaas If you want a paperless solution then you can make one of your family members a Family Organiser and give a second family member your email account credentials to store in their Private vault. So in the event that you were "unavailable" they could work together to recover your account. The only catch I can see is that any changes to your email account credentials would need to be communicated to the second family member outside of 1Password.

  • The only catch I can see is that any changes to your email account credentials would need to be communicated to the second family member outside of 1Password.

    Alternatively those credentials could be stored in a vault shared between you and that 2nd family member. The catch there is that the member who is an organizer would be able to add themselves to that vault if they decided to do so.

    Ben

  • jsetsaas
    jsetsaas
    Community Member

    Hi all

    And thanks for your replies. So all the proposed solutions require some sort of "preparations", right?
    And knowing people, they do not do this, or else the information is outdated when it is needed.

    Ben: Is this something you are looking into for 1Password? A way to recover access to a deceased family member?
    E.g. requiring a grace-period (i.e. the 1Password vault not accessed the last n days), and two family member confirming that they want to recover the account.

    John Erik

  • Ben
    Ben
    edited May 2021

    @jsetsaas

    It all requires some sort of consent while still living, yes. I don't imagine we would be changing that fact. I wouldn't want to assume that just because someone is deceased that they'd want their entire digital life and all of their secrets available to a family member.

    Ben

  • frapp
    frapp
    Community Member

    I don't imagine we would be changing that fact.

    Oh yes you should!! You can make it an explicit choice when they add a family member like "Should this person gain access to your personal vault in case you pass away/disappear for more than X weeks? YES / NO "

    When sync'ing passwords with 1password.com, the servers knows if a user has ZERO devices that connected for more that X days, e-g: 3 weeks.
    If opted in, in that case it should send an email to that user along the lines of "We haven't seen you for 3 weeks. If you do not log in to your 1password account within the next 2 weeks, we will initiate a procedure for member X Y or Z of your family to get access to your personal vault. Click here if you do NOT want this to happen."

    Passing along passwords should NOT be a hack (sharing email credentials, sharing an emergency kit) but a FEATURE of the "Family plan"!

  • Ben
    Ben
    edited May 2021

    @frapp

    Oh yes you should!!

    I respectfully disagree.

    I was saying I don't imagine we would change the consent piece... i.e. if you haven't intentionally set something up before passing your data won't be recoverable. :+1: The OP seemed to be implying that there should be some method to do so even if the person who passed didn't consent:

    So all the proposed solutions require some sort of "preparations", right?

    I wasn't saying that we're not considering building a more robust feature to support this need. Just that it would almost certainly still require consent / be opt-in.

    Ben

This discussion has been closed.