Death and passwords: two things we cannot avoid. Nowadays, our lives are closely related to cloud services. If we die tomorrow, we have every reason to worry about what will happen to these accounts. For many of us, important documents, photos, financial information and other data will be locked behind the login prompt. Your payment method will also expire shortly after you use it. If it is not processed in time, data may be lost. The most obvious way to solve this problem is to provide trusted parties with access in an emergency.
A bad solution
Let’s start with the simplest solution: use the same password everywhere. Great, all you need to do is stick it on a post-it note, put it in an envelope, and let others know where to find it. Unfortunately, using a single password for many services is a bad idea. Password leaks happen from time to time. If you use a single password on the Internet, the consequences will be disastrous.
Password leaks are usually due to an attacker discovering a vulnerability that allows password data to be read from the application database. There is a high probability that your information will be leaked in one of these violations.You can check if your email is on the list of known violations Am i stolenDon’t be sad if you have been scammed, my email shows six different violations, and the service only indexes publicly known violations!
Depending on the capabilities of the compromised company, your password may be stolen in several different formats. In the worst case, the password is stored as is (ie, in plain text), and the actual password containing you is revealed. Nowadays, storing passwords in clear text has never been considered acceptable. Instead, it stores the hash value of the password.Attackers need to use similar tools Hashcat Try to recover the password by brute force hash cracking. This is slow for complex passwords, but as the GPU improves, it always gets faster.
So we really need to use a different password everywhere, otherwise our 2013 Tumblr account can access our bank account. Considering the large number of services we use and our inability to remember passwords, we will need to use a password manager.
You want a password manager
A password manager is any tool that allows you to store a large number of passwords safely. These will allow you to randomly generate a long and secure password that you never want to remember. This allows the use of unique passwords for each service, as well as passwords that are complex enough to be difficult to crack.
We also need to consider urgent access to these tools. How do you grant someone access to your password manager, and how do we protect the process? The goal is to create a backdoor for all your accounts and then make sure it is reasonably protected.
There are many password managers out there, this is not to compare them. In fact, security experts disagree on which tools are the best. In a nutshell, these tools fall into two categories: hosting and self-management.
Managed password manager
These are software as a service (SaaS) tools that handle storing passwords and provide cross-device access. Most will have desktop, mobile and web extension clients. Both Firefox and Chrome have built-in password managers, and they also belong to this camp. Other popular products include LastPass, 1Password and Dashlane.
These tools are often the easiest to use because all data is managed for you. Disadvantages include subscription fees and the need to delegate password data to a third party. Although most management services are designed so that only you can decrypt the password database, you still need to trust the software they provide. Generally, browser extensions for these services are considered insecure.For more information, see Tavis Ormandy’s Articles about password managers.
Many of these tools provide help functions when it comes to emergency access. Both LassPass and Dashlane allow “emergency contacts” who can request access to your account. If you do not deny access within a period of time, grant access. 1Password uses a low-tech solution to provide a printable emergency kit document that contains everything you need to access your account.
Self-managed password manager
Another password management option is to use local software to manage your own data. Pass (with KeePassXC) with go through Are two popular open source options. Using these tools, you can ensure that the password database is secure and synchronized between devices. You can also determine emergency access rights.
If you plan to use these tools, it may be worth considering who gets access in an emergency. Can they determine what software is needed, install it, access the database file, and decrypt it? Although the pass tool provides some interesting options through gpg, such as using a hardware token for decryption, this additional complexity may make emergency access more difficult.
If you use a self-managed solution, you will need to build your own version of the emergency kit for access. This should include everything needed to view the password data and instructions for accessing the encrypted password database.
Trust and storage
Needless to say, you need to trust anyone for whom you provide emergency access. Some hosting services provide features that minimize this trust by requiring a timeout before granting access. For services that allow emergency contact, this means trusting the contact you specify. For solutions that require storage of emergency kits, this means ensuring that only trusted parties have physical access.
Another problem is knowing that emergency access has been used. If an attacker accesses your password manager without your knowledge, they may maintain access indefinitely. The hosting service will provide notifications about new logins from unknown devices. For self-managed services, it’s up to you. Tamper-proof envelopes and boxes are an option, but none of these are perfect.
Don’t forget 2FA
Two-factor authentication (2FA) is enabled for your account, right? If not, go open it and we will wait here. If so, have you ever been unable to access your authentication code?
Certain services will allow 2FA to be reset via email. From a security point of view, this is not great, but it means that losing the 2FA code is a minor inconvenience. Other services make this process more difficult. For example, to lose all Google’s access to 2FA requires a manual support process that may take several days. It’s worth thinking about how someone can access your 2FA backup code, at least for key accounts.
There is no perfect solution
Providing emergency access will always reduce the security of password management, which is okay. In this case, we compromise security for specific and important reasons. There is no perfect solution here, but the goal is to balance safety and usability. Unfortunately, this delicate balance is inevitable when designing a safety system.