Password Planning for the Digital Age

In life, passwords serve as the keys to our digital kingdoms, guarding everything from cryptocurrency accounts to social media profiles and personal media archives. In death, these same passwords can either unlock a seamless transition of digital assets or build an impenetrable barrier that frustrates family members and executors alike. The challenge lies in striking a balance between security and accessibility, ensuring that digital assets do not become digital liabilities when the inevitable occurs.

Given the complexity and novelty of cyber succession planning, we advise our clients to take these proactive steps to ensure the longevity and legacy of their digital assets. 


A digital legacy plan is a non-legally binding document that outlines how digital assets should be managed and accessed after death. The plan should include:

  • A detailed inventory of digital assets and their corresponding login credentials. This should include everything from news subscriptions to email accounts, accompanied by relevant dates.
  • Clear instructions on how each asset should be handled — be it transferred, archived, or deleted.
  • Designation of a digital executor.

It's crucial to work with legal professionals to ensure the digital legacy plan aligns with the overall estate plan and complies with existing laws. Remember to regularly review and update your document to reflect new assets, account closures, or changes in digital platforms or subscriptions. This also includes updating who has access to your password management solution software. 


Appoint a digital executor — a trusted individual tasked with managing and executing the digital aspects of the estate plan. This role involves accessing, transferring, or closing online accounts as per the estate plan's directives. The digital executor should be technologically savvy and fully briefed on your family's digital asset management strategy.


The paradox is clear: robust passwords are essential for protecting assets against cyber threats, yet the same complexity can render accounts inaccessible to intended heirs. Password managers like NordPass, LastPass, and 1Password are helpful tools for generating and storing encrypted passwords and access credentials. Yet, as useful as they are in life, they can be cumbersome in death. Make sure your password manager has been set up with emergency access protocols for designated individuals. 

The same goes for authentication methods. Hopefully, most of your sensitive accounts have multi-factor authentication (MFA) by now. It is crucial to store your backup codes somewhere safe, preferably in more than one location and medium. Aside from post-mortem preparations, this will be a lifesaver in the case of a lost or destroyed phone. Remember to include your phone and computer passwords too. 

Every week seems to bring a new data leak, which is why we recommend changing your passwords every three to six months. As long as the digital legacy plan provides access to your password manager, this shouldn’t be a problem. But if you prefer the traditional pen-and-paper method, we recommend keeping an up-to-date log sheet with login credentials, passwords, and detailed cryptocurrency instructions in a safety deposit box or home safe. 


For email, digital storage, social networks, and phone accounts, setting up a legacy contact is advisable. Facebook, Apple, and Google offer features to pass on account access to a proxy. The reality of death is not reserved for the retired, however, which is why it’s important that your children have an access roadmap too. Start the conversation by suggesting a non-intrusive memorialization process. Depending on the way it’s been set up, social media passwords can be sent to a proxy after six months of no activity, enabling family members to shut down the account or access treasured photos.


Inform all relevant family members and the appointed digital executor on the importance of digital asset management, your intentions and wishes, and the procedures to gain access to your cyber roadmap. Awareness and understanding are key to ensuring that the digital estate plan is executed smoothly and securely – without any frustrated shouts of “open sesame.” 

While it’s wonderful to have a detailed digital inventory stored safely in a fireproof box, your family must (1) know you have it and (2) how to access it. It’s advisable to have a “smash in case of emergency” instruction for heirs, especially if they need access to important accounts before the estate is settled. This can be etched on a piece of metal in your office or a QR code they can scan. Years ago, one of our clients followed a simple sticky note instruction to “Call Brent” and we got the ball rolling on the investment side. 


During all the talk about cybersecurity and digital risk management, we’d be remiss to leave out protocol around AI and deepfakes. How this will play out in the long run remains to be seen, but in the meantime, we suggest deciding on a family password or key phrase that will authenticate key individuals in sketchy impersonation scenarios. Try to avoid pet names and not to use any words that are easy to deduce from your online presence. 


In our increasingly digital world, proactive planning is essential to ensure your online assets and digital footprint are properly managed and transitioned according to your wishes. Failing to address this critical aspect of modern estate planning can lead to frustration, loss of valuable data, and unintended consequences for your loved ones.

At SANDSTONE, we have extensive experience guiding clients through the multifaceted complexities of financial planning. If you're interested in learning more about how we can help safeguard your digital assets and ensure a seamless transition for your heirs, we invite you to schedule a consultation and one of our portfolio managers will be in touch. 

Your Page Title