What do you want advice about?
I am using a password manager, set up 2FA where possible, etc. Lately I thought: what if, for example, relatives need emergency access? What is a safe way to set this up but still retain a decent level of security? I of course don't want to give relatives a hard time or make it impossible for them to access my accounts.
What have you considered or looked at already?
I am using Bitwarden, so I suppose I can set up emergency access using their built-in features with some relatives who also use Bitwarden. I think this is the easiest way to share access without having to share the password and some backup 2FA codes.
As for 2FA, this is a bit harder I think. I use Aegis and I of course have backup codes for an account and an Aegis backup stored in the vault of my cloud storage (pCloud). As for myself, I have thought of backup systems in case my phone dies (ranging from still having access to another computer where I am already logged in to my cloud, to the point where I only have my wallet left in case of a fire or theft). But I know the passwords, so I mostly only wrote some backup codes down.
In brief, tell us about your privacy threat model?
Moderate, I suppose. I try my best to protect my accounts; I don't need to go off grid.
Emergency Access for accounts which normally you would not give access to.
Your Backup and Recovery is probably handled well. How you refine it to work with sharing and emergency access may change your setup.
Getting family on board with a password manager is an accomplishment in itself. For family not using a password manager when I change the password, if all devices are not kicked off, I look for that option. This is my opportunity to push the password manager; as well, I push Signal as the only platform on which I will send the credentials. Most of my family members are adults and can do what they want on their phones, but they play by my rules with my credentials.
With family members who are on board with password managers, I have isolated shared accounts from non-shared accounts into a separate KeePass file and sync over Nextcloud. Kind of basic.
The Emergency Access is something that I should consider. Someone needs to clear my browser history.
I have some reasons to speak to an attorney concerning some land trust; I need to work on asking some good questions.
I don't mean password sharing to share a service. That is outside my scope. I only want to share the passwords in case of emergency.
I think the password sharing can be done via Bitwarden's emergency options. I had a look at it and it might be the best way.
Now, as for 2FA, I gave it some thought. I can leave some of the backup codes at my relatives' house. Alongside that, I should instruct them (in writing) how to access my cloud vault, download the Aegis backup and restore the 2FA app. From there they should be able to gain full access to all accounts.
I am also just interested in if and how other people thought about this. It is easy to forget this when improving your account security.
Just sharing the Bitwarden page we are talking about.
This emergency access seems nice. I would probably prep an old phone and secure it with the trusted family member. The emergency access would be current, where just a backup could be outdated.
Ah, good that you shared the support article I was referring to, for reference. One thing not to forget is that the Bitwarden account of the relative is also well protected with a strong password and 2FA.