PassMyWill Sends Out Your Passwords After You Die

After we die, our social networking profiles, bank accounts and email passwords are lost to anyone who might need them. If you want to ensure your digital identity is destroyed or passed on appropriately, PassMyWill will send out emails with your passwords.PassMyWill is a free service that will check in with Facebook and Twitter to see if you're alive and posting updates, if you don't appear to be active, it will send you an email to confirm your death, then it sends out emails to everyone on your list if you don't respond. You can include whatever passwords you like, whether it's email, Facebook or anything else. It's not just wilfully giving out passwords though; recipients will need a key to unlock them, which you'll have to give to them before you pass on.

PassMyWill [via TechCrunch]


Comments

    My password?

    LOL

    Nothing would ever go wrong with this sort of sites. None. What-so-ever.

    Again. LOL.

      +1
      Lifehacker presented the perfect solution with the Master Information Kit
      http://www.lifehacker.com.au/2011/07/how-to-create-a-document-to-keep-your-loved-ones-informed-if-worse-comes-to-worst/
      which can be stored on a USB. Password protect it and let your better half know of its existence.

    What could possibly go wrong?

    I was prepared to slam the service, but they've thought it through quite well.

    1) They don't store your passwords on their servers, it generates an encrypted file that you store on your own computer. They do, however, keep a copy of your encryption key.
    2) If they decide you're dead (they don't give many specifics), they send an email to whoever you've specified.
    3) The email does not contain the key, it contains an explanation of how to generate the key. The examples they give are 'my credit card number' and 'my SSN', but you could use any text.
    4) The person who receives the key needs access to your encrypted password file, wherever you saved it.

    In theory, this is fairly secure. If you do it the recommended way, whoever the email goes to will still need your credit card number and physical access to your computer to get into those passwords. It's two-factor authentication where both factors should only be available to a loved one.

    Disclaimers:
    - I have no idea how they encrypt the filemanage their servers, so I have no idea about any security leaks that way.
    - It depends largely on how you use it. if your encryption key is '123456' or you include it in the text of the email, it gets way less secure.
    - You have to connect with them via facebook and twitter for them to see you're still alive, so they'll have access to a bunch of your account information.

    This good if we have big company online :)

    Any service offering to keep all your online credentials should be viewed skeptically. The site is supposed to only keep your encrypted data, but has a reputable third-party verified how this works?

    A quick glance at their website raises some security flags:

    The site does not use a secure connection, yet it's suggesting that users enter social security and credit card numbers.

    The site also suggest users use a social security number or credit card number as an encryption key.

    The site also asks you to save a plain text email body to send when you die and it again suggest using social security or credit card.

    Their intent may have been for users to actually enter "SSN" into the email, but they've made no attempts to tell users otherwise. Because of this, all these suggestions makes us wonder if someone is going to be harvesting these when users enter the numbers as part of a plain text email notification.

    What a great idea! I've often wondered about what would happen to all of my accounts...

Join the discussion!

Trending Stories Right Now