💾 Archived View for juliette.zone › gemlog › password-manager.gmi captured on 2024-12-17 at 09:35:12. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2024-08-24)
-=-=-=-=-=-=-
Posted on 2024-07-18
I grew up with several people in my life dealing with identity theft and online banking debacles, and frankly I wanted nothing of it. For several years now, I've been using a password manager (among other things) to raise the odds that my accounts stay mine. Not trusting online services that handle the complicated bits for me, I set up my own cloud server with my KeePass file synced between my various different devices. In that time, I haven't really had a problem. I can manage a server decently well, and new or reset devices can quickly be reconnected with credentials copied over from whatever else I have available in the meantime. From outward appearances, it's a system that works for me and has given me some peace of mind that a breach on one site doesn't mean a breach on everything else.
I've been thinking more and more, though, about how the ways this kind of practice will fail catastrophically. I don't mean technically, like someone gets the password database and cracks that (although it would be scary), but how big life occurrences could leave me in a situation where I wish I had a smaller number of passwords that could live in my head.
To start small, let's say there's a fire in my home and all my regular devices with the password database are destroyed. It would still exist on my server and in remote backups, but these are services I use my password manager for! I, frankly, do not want to think about how much of a nightmare it would be to reestablish access to those without my private keys or passwords handy. Thankfully, there's an easy solution: keep backups of all of those things in other trusted, accessible physical locations!
But access to a place isn't permanent, and it being one I do not directly manage opens up the door to well-intentioned errors. Let's say I rent a deposit box or ask a friend to keep copies of these things, just in case. Let's also say I have a life-altering event that takes me out of my routine for months or years, like a serious injury or prison term. This case is specifically motivated by those stories of people who complete prison sentences and find their email accounts have been deleted for inactivity. Anything I pay a regular fee towards, such as that box or my server rental, would have lapsed and been deleted. Trusted people easily could misplace physical storage or a digital file, especially if anything disruptive happens in their own lives, like a move.
That situation is a bit harder. I don't have amazing ideas for this, except to make multiple backups in hope that one makes it through and I don't find myself shut out from everything digital, or at least whatever is left after a period of inactivity and missed bills. Ideally, none of those things ever happen.
What happens when I die, though? I'm young and (to my knowledge) healthy, but those are extremely transient categories. Presumably, some of my digital stuff would be useful to my loved ones or next of kin. Photos, certainly. Emails, maybe. I don't know what would be useful, and the system I've set up to make sure all of these things can't be accessed by anyone who isn't me really clashes with the reality that some day I will not be around and someone else will need to dig into this. And what about the stuff that's not in the password manager? My devices are all encrypted and those passwords live in my head.
These are very solvable problems, but they're not the ones I thought about when I was in my late teens and early twenties. The password manager is extremely useful, but there are whole families of problems that it does not begin to address and may even aggravate. It's interesting to me how my perspective has changed over these years. Anyway, all of these are just new tasks for me to get into when I have the time and strength to think of all the morbid possibilities and certainties I should plan for.