Hacker News

nippoo, yesterday at 8:50 PM (5 replies)

This kind of thing, widely implemented, would be a game-changer for dealing with assets after someone's death! I maintain my family's IT infrastructure (Google Enterprise admin, webserver etc) and I've been tempted to write down 1/4 of my password manager root password and give it to each of my family members - but then we run into the problem where if any one of them loses their shard, it's unrecoverable. Some kind of ECC would be great - ideally where I could print it out onto various bits of paper with a user-definable redundancy, or better still, some kind of reciprocal system where (say) 8/10 members of a trusted friend group/family ring could unlock any other member's password...


Replies

ezwoodland, yesterday at 10:52 PM

Something along the lines of Reed-Solomon codes could work for you:

If you want to share your password with M family members such that you only need N to agree to recover the original:

Split your password into ordered chunks.

Make a polynomial p of power N where p(1) = chunk1, p(2) = chunk2, ...

Evaluate the polynomial at M other points: p(N+1), p(N+2), ...

Give those M new points to your family along with their index (+1, +2, ...).

If fewer than N family members get together, they will not be able to figure out the password much better than guessing. If N get together, they can interpolate their points to form the unique polynomial which will match p. Then evaluate p at p(1), p(2), ... to get your original password.

If you put the whole password into 1 chunk, and pad the polynomial with random extra coefficients or points to make the polynomial of sufficient degree, then they get literally no information on the password without having at least N cooperate. If you make multiple chunks then they can do a little correlation between the chunks without knowing the whole thing.

This is sufficiently simple you can even work this out by hand without a computer, though it would be somewhat tedious.

rcxdude, yesterday at 8:52 PM

Shamir secret sharing is the cryptographic thing that you want. You can configure any M of N to be needed to recover the underlying secret.

(If you have a trusted third party, you can also enforce a cooling off period: e.g. that any attempt to access results in a notification to the account holder that if not denied within some time period, access is granted)
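
Added example, not part of any comment in this thread: Shamir secret sharing in Python, covering the scheme rcxdude names and the single-chunk polynomial construction ezwoodland describes. The prime `2**521 - 1`, the function names `split` and `recover`, the `0x01` marker byte and the sample secret are assumptions of this example; it puts the secret in the constant term and uses a polynomial of degree `threshold - 1`.

```python
import secrets

P = 2**521 - 1  # Mersenne prime; assumption of this example, fits 64-byte secrets

def split(secret: bytes, threshold: int, shares: int):
    """Return `shares` points (x, y); any `threshold` of them recover the secret."""
    if not 2 <= threshold <= shares:
        raise ValueError("need 2 <= threshold <= shares")
    if len(secret) > 64:
        raise ValueError("secret longer than 64 bytes")
    # A 0x01 marker byte keeps leading zero bytes through the int round trip.
    s = int.from_bytes(b"\x01" + secret, "big")
    # Constant term is the secret; threshold-1 random coefficients give a
    # polynomial of degree threshold-1, fixed by exactly `threshold` points.
    coeffs = [s] + [secrets.randbelow(P) for _ in range(threshold - 1)]
    points = []
    for x in range(1, shares + 1):
        y = 0
        for c in reversed(coeffs):  # Horner's rule mod P
            y = (y * x + c) % P
        points.append((x, y))
    return points

def recover(points):
    """Lagrange-interpolate p(0) mod P from (x, y) shares and decode it."""
    xs = [x for x, _ in points]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    s = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        s = (s + yi * num * pow(den, -1, P)) % P
    # Too few shares do not raise: they interpolate to an unrelated value.
    return s.to_bytes(66, "big").lstrip(b"\x00")[1:]

if __name__ == "__main__":
    secret = b"correct horse battery staple"  # constructed sample secret
    parts = split(secret, threshold=3, shares=5)
    print(recover(parts[:3]) == secret)             # any 3 shares suffice
    print(recover([parts[4], parts[1]]) == secret)  # 2 shares do not
```

Because too few (or corrupted) shares silently produce a wrong value rather than an error, a printed share set benefits from a separate checksum of the secret that the recovering party can compare against.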

tmpfs, yesterday at 9:46 PM

We care about this problem and are actively working on it; like the OP, we also settled on Shamir's secret sharing with a time lock mechanism.

However, there is still the issue of the service provider going offline or out of business which we don't have a solution for yet.

We have started with a good password manager and will be adding digital inheritance/social recovery soon! [0]

Take a look, thoughts and feedback welcome.

[0]: https://saveoursecrets.com

nandomrumber, yesterday at 9:11 PM

You can give your password, or part of it, to your estate lawyer to attach to your will.

This is obviously more cumbersome, and probably costly, if you intend on changing your password. I guess you could change the part of it you don’t store with them.

eljojo, yesterday at 9:32 PM

Yes! I am starting to do some planning on that myself; that's why I'm in that kind of mindset. If you know more people in this space, please share this with them! Would love to get feedback.