What Do I Do With All These Passwords?

Living in the digital age certainly has its advantages; weather, news, and restaurant menus are at your fingertips instantly. And yet, there is always a trade-off.

With more and more companies providing online billing and electronic statement options, we are all confronting the same dilemma: how on earth are we to manage all these passwords? Essentially, you have three options: (1) memorize them, (2) keep a handwritten list, or (3) use a digital password manager, sometimes referred to as a “password keeper.” In this article, we will address each of these options to help you figure out which is the best fit for you.

Option 1: Memorize Them

Even if a person has the time and energy to develop a memory palace for each password, the tendency in relying on memorization is to choose short and easy passwords, or use the same password across multiple accounts. Using easily guessable passwords for multiple accounts is an inherent security risk. Additionally, when you die, those passwords die with you, and your loved ones will likely have difficulty accessing, managing, or shutting down your accounts. This can have a significant impact on the administration of your estate. Your trust document should have a provision allowing your trustee to gain access to your digital accounts at your death. However, Generations clients with older trusts may not have this power included in their trust document. This is another reason why it is important to schedule a trust review.

Option 2: Keep a Handwritten List

Although a list can be securely located, such as in a safe or safe deposit box, there are two fundamental problems. First, if the list is lost, or unable to be accessed (the key or combination is unknown), the list really did not do its job. Second, and probably the more common issue, is a handwritten list is difficult to keep properly updated. If you reset your password from the office or while you are on a trip, but your list is in the gun safe at home, are you still going to remember to update that list as your first order of business when you get home? An outdated list is also unhelpful for family members.

Option 3: Use a Password Manager

Password keepers like Bit Warden, LastPass, etc. use one “master” password to unlock a digital password vault. The user can store an unlimited number of passwords and usernames for various accounts, then simply securely store the master password. Although there is always the concern of online security, companies like these have the advantage of putting considerably more resources toward security and defense against online security risks than individual users. They also provide random password generation to allow users to create absurdly complicated (and therefore less guessable) passwords, which can then be stored in the vault rather than needing to be memorized. The vault can easily be updated from anywhere in real time, should any passwords need to be reset. The general outcome is that the list is compiled of highly secure, up to date passwords, which are not duplicated across online accounts.

Putting it All Together

Our general recommendation, of course, is to use whatever method suits you best, taking into account all of these considerations, and to ensure that your agents will be able to have appropriate access to digital accounts in the event of your death or incapacity. If you have few passwords, memorization may work well. If you have several online accounts requiring passwords but prefer not to entrust your passwords to a third-party tech company, a handwritten list might be the best solution. If you prefer to organize things online, a password manager could be the answer. We also recommend that you check your Power of Attorney document to make sure it grants access to your digital assets and electronic communications, to ensure that your agent can access your online accounts in the event of your incapacity. If you have questions about whether that is listed in your Trust and/or Power of Attorney, just give us a call.