perfect is again the enemy of good. Instead of a technically superior backup with rotation and all, it may be better to have some arbitrary, incomplete old backup lying around on a disk at someone's place.

But... the lightning strike caused a fire. That shouldn't mean the fire is "extra hot" or something like that.

I'm disturbed, as I keep these kinds of thing in my fire safe for just such a reason.

For my bank from my country of origin that I maintain, I get a battery-powered RSA token. From that I can generate a mobile 2FA token in an app that I can use to log in for day-to-day transaction. If I lose the devices with the 2FA token, I have to pray that that CR2032 is still alive or I lose access to that account until I spend thousands of dollars on international flights (replacing the battery resets the device)

Not sure what the solution is?

In the past I've tucked away a piece of paper with recover codes on it at a family members house. So in such an emergency I could call them up and tell them where it is.

I should really do that again.

Perhaps what I should have done is stored all my backup codes and recovery keys on a USB stick and then given them to a friend?

If you're going to be that secure, put them on a USB stick and bury it in your yard or in the hollow of a tree. Easier to update and won't be destroyed when your house burns down.

* Your password vult is encrypted locally and stored on their servers (just an encrypted file!) * To unlock the vault, you need the password and the generated master code. * The master code is a PDF to print, which you can give someone you trust – they still only have half of the things to get access.

The losing of digital life is completely solved. Just print that damn PDF give it to your parents and remember your password.

"I used to store my backups in the garage and thought myself smart since they were physically separate from my desktop. Then ENTIRE NEIGHBORHOODS burned down and I realized I needed more physical distance"

That said, planning a strategy for offsite data storage or a secondary authenticator is of course wise. A safety deposit box or other offsite location that you can frequently refresh and keep up to date would be a good investment. If you’re worried about keeping a master key to your life in a single place, you could separate your data and your authenticator. The how likely depends on your threat model, several people on this site may find it insufficient. To whatever degree you obfuscate or complicate your recovery path, you also increase the risk of losing access to it yourself.

You might also consider it’s not necessarily the “thing you have” that might go MIA, but due to physical injury, age, or just forgetfulness, the “thing you know” could also be at risk. I realize this the older I get. Finding a secure way to store a master password in the event you cannot recall it, or perhaps in the event of your death, is something you may also consider. In this case, I would avoid a cipher or something else you’re likely to forget.

Officials will provide you with replacement/temporary documents in a relatively short time, when you have lost them due to a fire or sth. else.

With those you can start rebuilding your infrastructure. Get new credit/debit cards, buy a new phone, get a replacement SIM from your provider, that way get access to your 2FA system again...

Yeah, it's inconvenient and will take some time, but it's not hopeless.

I have an encrypted plain text file (just a .txt in an encrypted macOS disk image) containing all of the parameters (if any) to generate the passwords for each site, which I keep on Dropbox, accessible at public URL I have memorized. This lets me easily update my password parameters file (open the disk image on my computer, update the .txt file, close the disk image).

I have two sets of backup hard disks (each set is a current one, and an old one, both of which get synced; the old one only with the more important stuff since it is smaller). Both sets are LUKS encrypted. One set lives in the filing cabinet at the office (during the COVID lockdown it was at a friend's house). An automatic nag system bugs me if either set hasn't been updated for 40 days.

Updating them is semi-manual. Plug them in, enter the decryption code, run a script stored on the disk itself that gathers all the data - from all over my LAN - that needs backing up. When it's done, unmount and unplug the disk. Make sure one set is always offsite - update set A, take it to the office, store it there, bring set B home, update it.

It's not perfect. If the sort of disaster in this article were to strike, I'd potentially not have the last month's data. But I would have all my passwords (backed up on these disks) and if I had something that gives a last-resort recovery code, that too would be on there - in a separately encrypted sub-filesystem that I know the password to. This is so the super sensitive stuff isn't even decrypted fulltime on my home machine.

I should have readable copies of all the important physical documents and cards in this separately encrypted subfolder too, but currently don't.

This is also the incident that convinced me to NEVER leave my current bank: I am at a tiny, tiny local bank with perhaps 50 employees... so, they did know me and it was no problem to get money and a new set of cards. The funny thing is: Before that incident i was contemplating about moving to a more modern bank which offers an app...

Normally I’m quite good about these things, but this was too much.

I had to go to an AT&T store, port my phone number to a different iPhone, restore from an iCloud backup using the SMS 2FA, and then I could finally log into 1Password for my passwords and MFA.

If I didn't have a memorable iCloud password this would have been impossible without the 1Password recovery paper.

Devices are often lost/stolen on vacation where the myriad layers of protection are extremely hard — if not impossible — to penetrate.

It would have been a pain and we would have made you jump through all kinds of weird hoops and I would have to be personally involved… but we’d have gotten you in.

After 21 years of this we’ve seen all of this - customers die, people are in comas, admins get fired… we’ve helped everyone and treated them like human beings.

And yes - it does cost a bit more than backblaze.

This is the entire impetus behind Uno's productized Shamirs Secret Sharing recovery scheme: https://www.uno.app/blog/replacing-passwords-with-people. Our bet is that, like the author questions in the OP, for most people with a trusted network of friends and family, the main threat vector is not hackers and nation states trying to take over their digital lives, but rather nature, age, and accidents, etc. And that social redundancy is an acceptable risk in order to mitigate the tendency we have to want to be our own single point of failure.

The solution here is pretty simple: learn 2-3 strong passwords. Definitely learn the strong password for your password manager and a primary email account, that you can usually use to reset the password to all the other accounts anyway. And don't use 2FA for those. I only ever use 2FA if it is enforced by a service. The real danger of not using 2FA is in your password being stolen. (Using strong passwords protect against brute forcing them.)

Also, about the hypotheticals: offline IDs (like passport and ID card) should be relatively easy to get hold of and once you have those you can have your bank account back. You obviously don't need to know your bank account numbers (that's not a password) and you can't fake your mother's name when you submit your data to a bank (because that's part of your ID information and it's almost certainly in your ID document anyway). Otherwise yes, use a random string whenever stupid sites ask for 'password reminders' or security questions.

EDIT: fix typo.

- store important information - have human processes to get you access if needed

Imagining someday I go on vacation and valuables are stolen, including that disk. Now that friend’s supposedly personal data is compromised, as of course they would set a lower protection on something that is supposed to be used during emergencies.

Same if the disk gets corrupted because we didn’t realize it’s stored next to the fan, and 2 years were enough to have an impact.

Or we lose it when moving but nobody realizes the loss.

So many weird scenarios, I’d feel more confident if they gave me their kid to raise for 5 years.

I suppose your point is, nobody should live a life where they can’t trust someone to keep that pdf for them, but it feels to me like solving a technical problem through social means. That’s a fresh take, but it also relies on so many assumptions.

To note, our banking system is well part of our digital life. Europe has already a flurry of “real” banks that have no physical presence, and after a catastrophic loss you’ll need that access to your bank as soon as possible.

A particularly intense house fire could exceed the parameters of one's safe.

When my dad died we were glad that he had most of his passwords written down. There are a lot of things like the electric bill that we didn't know if he had paid yet or not, and other bills that are entirely paperless that we have have no idea about. Mom would hate to have something not paid just because we didn't know to pay it. There is a lot of paperwork to get access to accounts after someone dies and that takes time. (dad donated his body to science so that added a couple months before we could even start the paperwork)

Unfortunately there was one account we knew he had (because it showed up in quicken) and an IRA with most of his money, but it took us several months to figure out what bank it was at. Please don't do this to your family: write down all your accounts and their passwords in a safe place that someone trusted will look. (I need to take my own advice)

It isn't though. Access to your digital resources is vital to recover from the loss. You need an e-mail address to arrange contractors, you need your contact list to reach out to friends for help, you need access to your bank accounts, your cloud-stored scans of your ID cards, ...

I wish there was an exam you could take that would get you a "computing license" that you could show to bypass a lot of this stuff.

Rest assured, this situation probably sounds as bizarre as it felt. Randomly forgetting something I type every day isn't something I had considered a possibility until then. Maybe a password without as many non-alphanumeric characters would've aided in avoiding this situation, but I get the feeling it could've happened with any muscle-memoried password.

If you use Google as your identity provider and Gmail as your recovery (or registration) email for every online service you use, it's a big problem.

Remember: you don't remember all those passwords (if you do, they are probably weak) so you need the recovery email. But you cannot access your email, because you lost both your phone and 2FA to log in elsewhere. So it's not just Gmail, it's every online thing you use.

But maybe you don't use Google and Gmail like this. Maybe you have a separate username/password for every single online thing. Ok... what were those passwords again?

You might be doing everything right, but perhaps your vendor's database gets breached, and your plaintext password for Adobe gets posted on the darkweb. So if someone sees that your plaintext password is "1a2s3d4fAdobe5g6h!", they might then infer how you "construct" your password, and then go try logging into your Amazon account with the same email address and "1a2s3d4fAmazon5g6h!" as the password.

It activates the “I was just assaulted” empathy regions of my brain. Seeing that it was fake was like, oh, not assaulted, just lying for literary effect. Okay.

Like everyone else, I’m glad they’re ok, and didn’t have to suffer through this.

Years ago, when I was in university, I had a couple of machines in my room running FreeBSD with full-disk encryption. These machines were powered on for a few months without reboots until one day when the power went out.

Having not typed in the password in months, and at the time using the kind of passwords consisting of long word with a lot of numeric and symbolic substitutions, I was unable to decrypt the disks of my machines.

I lost a fair bit of data that day, but it taught me a valuable lesson.

These days, any passwords that I use for full disk encryption I make sure to

1. Regularly use. Meaning I’ll reboot machines and retype the passwords on a regular basis. Likewise, I connect external encrypted disks on a regular basis and decrypt them with their passwords.

2. Use pass phrases with many words but without any numbers or special characters. See also https://github.com/ctsrc/Pgen

(For websites etc I use a password manager.)

I use two tiny credit unions and each of them offers an app.