Author

Topic: [Postmortem crypto plan] : making sure my wife will know what to do ! (Read 591 times)

full member
Activity: 196
Merit: 295
W̔̆̌̏͂͑ͦͧ
When those will be ready I will get a few of them to add to my collection of items to store in my vault.
With those there would be  less risk of mistakes  and/or mismanagement for an inexperienced user (my wife !).
It could also allow her to sell some coins for a quick cash (to settle the estate for example)  without having to do any technical stuff or moving the bulk of coins.



What is Coldkey ?
It is a cold storage wallet card. Each Coldkey is denominated in crypto and comes with that amount loaded onto it's key.
Coldkey cards have several security features that makes them very difficult to counterfeit and tamper with.
Coldkeys cards are also collectibles. Each of them is serialized and authenticable in an unique way.


(an early working prototype)
Any cons about those ?
full member
Activity: 196
Merit: 295
W̔̆̌̏͂͑ͦͧ
Ok then, after a couple of months time to review my own set up.
I've been given amazing tips by this community.
I have decided to remove all the part that would be too hard for my wife  and go for an hybrid of solution.
I believe that i have a working solution.

It may not be perfect but it is a solution that works in the event of i die or become incapacitated.
This is not yet a solution that is "$5 wrench proof" yet.








Storage and transmission after my death or if my house is destroyed by fire

Where are my funds ?
They are on a nano S ledger.

Where is the nano S ?
in my home in a safe.

How much $ is stored  ?
just a few hundred $ that will becomes millions in 10 to 20 years (maybe)

(rule #1 of crypto  : you don't talk about crypto)

Does my wife know the safe's code  ?
Yes she does.


Does she know the ledger passcode ?
No she doesn't

Then, how does she get the funds ?
She waits for me to die or be incapacitated, then gain access to a safe deposit box in an underground vault that is on a different island.

When she goes to vault what will she find ?
She will find on a piece of paper the passcode of the ledger.
She will find explanation on how to use it, how to install all the wallets.
Alternatively her brother is now a crypto fan as well and owns one. He will be able to do everything.
And since he is family one can hope that she is not going to get conned/scammed.

What if the paper has been damaged ?
The paper is in a small sealed zip bag. I have written with a pencil. .... also read below, there is more Smiley

What else in that vault ?
There is a second ledger already working and set up (same seed).
It is kind of like a redundancy in the event that the one i have home is not working and that she can't find one.
There is the seed of the ledger, that seed is written on a piece of paper (in a zip bag).
I've been a little bit over the top and decided to "stamp" the seed on a copper sheet.

I inspired myself from this picture :




And i made my own stamped seed. For obviously for security reason i can't show you my piece of art.
But i can show you this "trial" i made  before doing my own.

Tadaaaaa !!! :


As you can see, there is some kind of patina, I like it this way.
I've reused some left over copper sheet from a mate of mine, he uses them for bespoke furniture.
See the back, it is so cool.


No risk of the copper to become rusty of get damages over time (well at least in our lifetime).



Ok then, what else in the vault ?
There is super long password that connects to my "lastpass account" (see below) - the password is on paper and on copper as well.

What is on last pass ?

I have secured notes written in plain easy english on how to connect to every single account i have (Binance, poloniex .....)
There is also the 2FA master key for each website / email / account.

Example of secured note :

Code:
NEW 

This address is 150euros received as a xmas present from my parent december 2018

Public key = 1K9utoAy3U2Mjqn9rYtzPQTj636EKW5EeZ

Check balance =  https://blockexplorer.com/address/1K9utoAy3U2Mjqn9rYtzPQTj636EKW5EeZ
----------
Private key (do not share)
key = Kwbiqhvvvvvvvvvvvvvvvvvvvv
END



How to update lastpass ?
Lastpass  is updated on a monthly basis using the super strong password ( something like this one : %$450i#43WELLY!JEMAPARO#1945@CAT)
That generate about 98bits of entropy or 144bits (depending if i check here : https://ae7.st/g/test.html  or here : http://rumkin.com/tools/password/passchk.php)

Where is that super strong password to connect to lastpass?
It is too hard to remeber it. So i have put it is on a hidden USB key somewhere on the property (no one know where it is).
That usb key is protected with a LUSK linux encryption ( a long password but easy for me to remember)
But technically on the Lastpass there is not that much money.
Tips to anyone :  never leave large sums on exchanges (Refer QuadraCX and others).



So let's sum up.
I die, she goes to the vault, she has a working ledger with the passcode. She has help/assistance for all steps (her brother). If the ledger is not working, she can use the copper seed to import in a new device. She also has access to my lastpass account where she can access my online life (facebook, crypto exchanges, encrypted laptop, email accounts, 2FA ....)



So, what do you think ?

No more usb that will fail long time, no more encrypted usb key, just a seed and a password in an underground vault.

Cons : In the very unlikely event of a war the vault may be compromised. But since i have access to a ledger with the same seed, i can just transfer the coins to a different seed.


full member
Activity: 196
Merit: 295
W̔̆̌̏͂͑ͦͧ
~snip~
Cheers mate.

I am trying to write a tutorial for best practice and also to check that my coins are safe from hackers but also safe from being lost if I die.
Well, very complicated stuff for your wife probably. This is biggest danger in solution number 1. So many steps involving linux, smartphone (which tend to fail often) i hope she knows what you saying and not pretending Tongue
Second solution is too risky also, you using some not known software that you don't understand for sure. Too risky for long term storage.
Third thing, "how to store a USB key for 10 years ?". You can't keep anything USB related for 10 years because flash memory can get unreadable in 8 years around without using it in that time.

See why this problem of long term storage is actually big? It can't be too complicated yet it must be safe in huge amount of conditions.


Thanks for the feedback. I was due to come and give an update on my solution.
You are right, the biggest risk is to make things too complicated.
I have made it simpler but nonetheless working.



The plan is incredibly elaborate what you now need is to find a way to put it down in writing so that your loved ones know how to execute the plan. You have discussed it with your wife and relatives, but would they remember it when the time comes?

Pamela Morgan is an expert in this area. Do check her posts out on Medium: Pamela Morgan

These are two posts which we found very relevant.

Letter to Loved Ones: a template for your crypto estate planning
Inheritance Planning for Cryptocurrencies: 3 Steps in 3 Minutes

Cheers

Thanks, this is good reading material.Cheers.

I will be updating my initial message
cheers to all
full member
Activity: 168
Merit: 214
WhoTookMyCrypto.com
The plan is incredibly elaborate what you now need is to find a way to put it down in writing so that your loved ones know how to execute the plan. You have discussed it with your wife and relatives, but would they remember it when the time comes?

Pamela Morgan is an expert in this area. Do check her posts out on Medium: Pamela Morgan

These are two posts which we found very relevant.

Letter to Loved Ones: a template for your crypto estate planning
Inheritance Planning for Cryptocurrencies: 3 Steps in 3 Minutes

Cheers.

legendary
Activity: 2296
Merit: 1014
I am trying to write a tutorial for best practice and also to check that my coins are safe from hackers but also safe from being lost if I die.
Well, very complicated stuff for your wife probably. This is biggest danger in solution number 1. So many steps involving linux, smartphone (which tend to fail often) i hope she knows what you saying and not pretending Tongue
Second solution is too risky also, you using some not known software that you don't understand for sure. Too risky for long term storage.
Third thing, "how to store a USB key for 10 years ?". You can't keep anything USB related for 10 years because flash memory can get unreadable in 8 years around without using it in that time.

See why this problem of long term storage is actually big? It can't be too complicated yet it must be safe in huge amount of conditions.
legendary
Activity: 2408
Merit: 1442
I link here a new thread, remaining in 'security' theme.

I thought it might interest op (cestmoi). This time, it is about protecting assets and passing on knowledge and instructions to relatives in case of disappearance. I hope this will not help anyone! : P

https://bitcointalksearch.org/topic/m.50077673
member
Activity: 700
Merit: 14
Try looking for a USB that is almost proof of anything like water-proof, magnet-proof and shockproof. I dont suggest you put them in a safety box because thieves are commonly attracted to it as it is mostly where all the goodies are stored.
legendary
Activity: 4354
Merit: 3614
what is this "brake pedal" you speak of?
      if you are going to be storing stuff like passwords, scans of important documents, things in any particular storage or encryption format in data files etc. i mean in addition to just paper/steel with seeds on them.

      somewhere in your vault you should include as much information about the format and version numbers of all software/encryption you used on any files she needs to access. also a cd/dvd of archive quality plus a usb stick and and actual usb hard drive of all software you used. that way versions match and she can load the actual software version you are using. maybe an operating system image too or at least the iso of the OS installation media. who knows what software will still be around and how backward compatible it will be when she needs it. there may be quirks specific to the particular version of the some software used.

      USB drives fade with age. hard drives not so much but are susceptible to magnetism/moisture. iow each has strengths weaknesses which is why i include both, as well as archive quality optical media.

      this strategy applies to any scenario where you need to preserve electronic data. perhaps she has access to data files later than whats in the vault. she needs to have all software needed to access it.


      Thanks for the feedback, I did purchase 3 USB key and wrote on them 1 / 2 / 3
      Number one was supposed to have a plein text with a tutorial.
      Number two was a live USB of linux mint
      Number 3 was LUSK encrypted (password on a paper / and or at the lawyer / Will) all the needed software, the wallets I have been using and the data base.

      I think I will stay away from the USB key storage, I will also pass on the DVD, looks better for long term storage but not as easy to use and update.
      I think I will move toward a could base encrypted data base.
      See my message below the line.

      archive quality optical media can be a pain. but it has attributes that both hard drives and flash drives lack: no moving parts and no electrical charges that fade.

      and if using any flash based media that can fade: may i suggest several usb thumb drives for each category for redundancy, ie three copies each of the one, two and three drives you mention above. so in your use case 9 thumb drives in total. use several different brands.

      i prefer all three formats as the odds of at least one of the three types surviving is obviously better than just one format.

      also, i typically have three levels of backups.

      • daily: done to local NAS via script. NAS is RAID 1 or better
      • weekly: done to local removable hard drive. manually initiated and the drive is otherwise unplugged to protect against virus and power surge/lightening strikes
      • monthly: manually done to several separate rotated removable hard drives with at least one always being off site. otherwise they are unplugged for the above reason. protects against your house being totally destroyed.

      i do the archive dvd whenever i get around to it but at least one initial copy is recommended. i just keep all the old ones, with several off site.


      • The master password will give access to my lastpass  password manager. On last pass I will have all my passwords, my 2FA keys and some general text for her to read.
      may i suggest not keeping passwords and 2fa codes in the same database. use separate databases with separate passwords. so if one is compromised it is more or less useless without the other, just in case one a database (a current local working copy) gets into the wild and is compromised. i have seen a thread here where access to one database with everything spelled doom to the owners crypto.
      full member
      Activity: 686
      Merit: 125
      Actually your problem could be arrange. You do not talk about legal matters? This is the best way for you to solve your problem. You can talk to your lawyer with your wife and other parties concern about your assets that includes your cryptocurrency. OP, you should not worry too much after your death or any situations that will affect both of your properties or any things that important to you. Life is just too short so enjoy it and spend quality some time with your wife and to your family and every thing else will going to follow.

      Just bring your problem to legal matters OP. Lawyers were very good at it and will definitely help you to solve your problem. Good Luck OP hope to see your problems solve.
      legendary
      Activity: 2338
      Merit: 10802
      There are lies, damned lies and statistics. MTwain
      <…> I already tested once my recovery system when I put 3 wrong pin in my ledger nano S. I used the paper seed to rebuild it.<...>
      <…> I know that she will be able to access those coins, without any fear of being hacked.<...>
      You’ve certainly taken it seriously, as you are obviously protecting more than 2 cents worth of assets. The only point other that may be interesting to test in addition, from time to time (in a fire drill sort of manner), is the actual recovery performed by your next of kin (to test the "here today gone tomorrow" scenario).

      Now ideally it would be done with a near to real set of elements that you have, in order to make sure that your next of kin knows how to go the whole way to recover all types of protected assets that you have. Some things could be emulated to simplify slightly the process (i.e. probably no need to go physically to the real vault to retrieve the assets, engraved seed can be a paper emulation for the drill, pointing to a test set of crypto assets), and even the assets could be real but a watered down version of the actual values.

      It would take some time to prepare, some cash, and care not to mix anything real with test case material, buy you do seem to be very into healthy safety standards, and the "full" recovery hands-on drill by your next of kin would be an interesting feature to add to the procedure.

      Edit/Note: Ledger has unveiled Ledger Nano X, the new version to be available during March 2019 (see re: best wallet??).
      legendary
      Activity: 2310
      Merit: 2073
      Once you have answered all the questions and suggestions from forum members, I understand that you have provided everything. I liked your reasoning very much. This topic can be used as a guide.
      full member
      Activity: 196
      Merit: 295
      W̔̆̌̏͂͑ͦͧ
      Thank you all for the answers,
      Below the first line, I have quote each answer and replied to it.
      Below the second line, those are my next steps and further questions.
      Cheers




      Comments / reply to your messages :


      I can't comment on your cloud storage solution, because I keep literally zero data on the cloud. I simply don't like other people having access to my data, even if it is encrypted.
      Indeed it is not ideal, but I am yet to find a solution that allow me the flexibility of updating data, accessing it, and storing all being super safe.


      Storing the USB and the password together (obviously)
      Storing the seed on paper - ink fades, paper degrades, vulnerable to water, fire, etc. Consider changing to the seed inscribed/engraved on a piece of metal.
      Yes I will do that, I will also get a paper punch, good quality paper, and store it into a sealed bag.

      Regarding the metal plate, I did find this product, it appears to be the good versatile solution : Crypto key Stake . it is 70$, I will order one in the next few days.





      My wife has 0 knowledge about crypto / computers... I need to find easy solutions.
      Step 1: talk to your wife! Make sure she understands the important things, and doesn't instantly get scammed if she ever needs to recover funds.
      Yes, job done.
      The good thing Is that her brother (my brother in law) is quite tech savy and knows about bitcoins and wallets. He has a ledger as well and use almost the same recovery software as I do.
       (But he doesn't know my quantity of crypto, he doesn't know any of my password, and he is not approved to enter the vault to access my box, he is totally locked away from my coins... he is family but we are never too cautious).

      Quote
      Next problem, how to store a USB key for 10 years ?
      What if the guy above me (in the vault) is storing a huge magnet, or a meteorite that is highly  magnetic.
      As far as a know, a magnet isn't a risk for a USB stick. However, in 10 years, I wouldn't trust a single stick to still work.

      If you don't trust paper, ink and electronics, why not just get a letter punch?
      Yes I will get the metal engraved plate described above.

      I still haven't found the right balance between security and accessibility.

      Glad to see that i am not the only one Smiley
      Thanks heaps for the feedback.

      if you are going to be storing stuff like passwords, scans of important documents, things in any particular storage or encryption format in data files etc. i mean in addition to just paper/steel with seeds on them.

      somewhere in your vault you should include as much information about the format and version numbers of all software/encryption you used on any files she needs to access. also a cd/dvd of archive quality plus a usb stick and and actual usb hard drive of all software you used. that way versions match and she can load the actual software version you are using. maybe an operating system image too or at least the iso of the OS installation media. who knows what software will still be around and how backward compatible it will be when she needs it. there may be quirks specific to the particular version of the some software used.

      USB drives fade with age. hard drives not so much but are susceptible to magnetism/moisture. iow each has strengths weaknesses which is why i include both, as well as archive quality optical media.

      this strategy applies to any scenario where you need to preserve electronic data. perhaps she has access to data files later than whats in the vault. she needs to have all software needed to access it.


      Thanks for the feedback, I did purchase 3 USB key and wrote on them 1 / 2 / 3
      Number one was supposed to have a plein text with a tutorial.
      Number two was a live USB of linux mint
      Number 3 was LUSK encrypted (password on a paper / and or at the lawyer / Will) all the needed software, the wallets I have been using and the data base.

      I think I will stay away from the USB key storage, I will also pass on the DVD, looks better for long term storage but not as easy to use and update.
      I think I will move toward a could base encrypted data base.
      See my message below the line.


      this may sound too obvious but you'd be surprised how many people are caught with their pants down later on because unknowingly did something wrong. do a test recovery yourself and see if things work! try decrypting what you encrypted before, import the seed, try seeing if you can get the same addresses,... and see if it actually works. I have seen people that wanted to recover their seed (even the not encrypted one) and be unable to because they wrote down a word wrong.

      I also like the letter punch idea posted above, basically any form of engraving letters on metal. just remember to encrypt it first.
      Yes totally agree with you.
      I already tested once my recovery system when I put 3 wrong pin in my ledger nano S. I used the paper seed to rebuild it.
      I have a second nano S in the vault that is already built with the same seed, the pin is on a paper next to it.
      I know that she will be able to access those coins, without any fear of being hacked.



      <…> But if I want to buy a Trezor and send all my crypto from nano to Trevor, I then need to back up and put to a safe place the new seed of my trezor.<…>
      You can use the same seed of your current Ledger Nano S to restore to a Trezor device (or clone it on to another Ledger Nano S as I have). From what I’ve read, when restoring the Ledger Nanos S seed on to a Trezor device, there seems to be a fuzzy thing: The ETH in each device seems to use a different derivation path, being (m/44'/60'/0') on Ledger and (m/44'/60'/0'/0) on Trezor (it includes the "change" path of the BIP44 specification). MEW connected to the hardware wallet lets you change the derivation path, but not all Etherum based wallets do, so it looks like an awkward feature when importing the seed on one of the hardware devices into the other.

      I haven’t personally tried Ledger Nano S to Trezor migration though, as for now I prefer using my two cloned Ledger Nanos S devices.

      Wow !!! thanks so much for the info, I will do a little bit more research about it as this is very useful to know.
      I already clone my ledger (see answer below), but using it into a tremor and the other way around it good !
      It makes sense, but still it is cool to know that they rebuild the "wallet" the same way from the same seed.


      I liked the idea of engraving encrypted keys on a metal plate. But maybe your wife won't be able to recover the data if, as you say, she doesn't know anything about cryptography. Maybe you need to teach her cryptography. If she doesn't deal with the recovery, she can ask for the help of the scammers.
      She will have access to a good chuck of my coins on the ledger ( I have one at home in the safe, and a copy in the vault).
      the rest will be explained to her via data in the vault.




      My new thoughts, my new systems, my new questions :


      After reading comments and spent the night on it, here are my updates / thoughts.

      • I talked to my wife, she knows where the vault is, she knows where the vault key is (one hidden at home, one with a friend) and she knows that she can access the vault with a death certificate.
      • The vault will have the seed of my ledger on a metal plate (link to the product)
      • The vault will also have my lastpass master password (engraved), something with 70 to 100 entropy. That password shall only be entered once on each computer I own.


        I have tested a similar password to mine on this website : http://rumkin.com/tools/password/passchk.php
        This is the result : submarineTYGHVDSA2018
        Code:
        Length: 21
        Strength: Strong - This password is typically good enough to safely guard sensitive information like financial records.
        Entropy: 97.4 bits
        Charset Size: 62 characters
        => I am thinking of adding one extra word and a couple of special characters ( / ? ! @)
      • The master password will give access to my lastpass  password manager. On last pass I will have all my passwords, my 2FA keys and some general text for her to read. Basic explanation and stuff. Last pass will also have the ".data base" file from KEEPASS. This file will be updated from time to time (from my linux computer) with new seeds or sensitive info. I will also upload the correct software version.
      • the ".Key" file will be in the vault on a USB key (not ideal for long term storage). along with the software installer (same version).
      • I will also have the ".key" file somewhere hidden in the house (and also given to friend for safekeeping) on a USB key LUSK protected. That password will be in the vault.

      Testing of my system :


      • Case 1, I die.
      She goes to the vault with death certificate, she gets the ledger and the pin, it is still working, she has access to funds. It is not working, she has to buy a new ledger and use the engraved seed.
      Using the master password she  gains access to last pass and can read in clear some information about the coins, their value, where and how to spend (believe me, she will learn quick and spend the coins haha !). She gets access to various exchanges, my emails and stuff.
      Because she has access to last pass, she can get the encrypted database from keepass. Its master password is in the vault too.
      Option one, the USB key from the vault is still working, it is all good. She has access to super sensitive data as well (a recent seed that is not engraved in the vault... private keys to some addy for cold storage ...).
      Option two that USB key is dead, I shall write in Lastpass where the "hidden recent USB key" is in the house. No risk of anyone finding it, the password is in the safe. If I gave one to a friend, she can just get it of them.

      • Case 2, I don't die, my house is in Fire.
      Same as above, except that I could do some short cut, if I remember my  master passwords.


      Do you guys have any feedback, comments, warning, improvements ?
      Once I have something I am confident will work, I will update the reserved post in second position and write up some tutorial / tips and give appropriate credit.
      legendary
      Activity: 2310
      Merit: 2073
      I liked the idea of engraving encrypted keys on a metal plate. But maybe your wife won't be able to recover the data if, as you say, she doesn't know anything about cryptography. Maybe you need to teach her cryptography. If she doesn't deal with the recovery, she can ask for the help of the scammers.
      legendary
      Activity: 2338
      Merit: 10802
      There are lies, damned lies and statistics. MTwain
      <…> But if I want to buy a Trezor and send all my crypto from nano to Trevor, I then need to back up and put to a safe place the new seed of my trezor.<…>
      You can use the same seed of your current Ledger Nano S to restore to a Trezor device (or clone it on to another Ledger Nano S as I have). From what I’ve read, when restoring the Ledger Nanos S seed on to a Trezor device, there seems to be a fuzzy thing: The ETH in each device seems to use a different derivation path, being (m/44'/60'/0') on Ledger and (m/44'/60'/0'/0) on Trezor (it includes the "change" path of the BIP44 specification). MEW connected to the hardware wallet lets you change the derivation path, but not all Etherum based wallets do, so it looks like an awkward feature when importing the seed on one of the hardware devices into the other.

      I haven’t personally tried Ledger Nano S to Trezor migration though, as for now I prefer using my two cloned Ledger Nanos S devices.
      legendary
      Activity: 1638
      Merit: 1163
      Where is my ring of blades...
      this may sound too obvious but you'd be surprised how many people are caught with their pants down later on because unknowingly did something wrong. do a test recovery yourself and see if things work! try decrypting what you encrypted before, import the seed, try seeing if you can get the same addresses,... and see if it actually works. I have seen people that wanted to recover their seed (even the not encrypted one) and be unable to because they wrote down a word wrong.

      I also like the letter punch idea posted above, basically any form of engraving letters on metal. just remember to encrypt it first.
      legendary
      Activity: 4354
      Merit: 3614
      what is this "brake pedal" you speak of?
      if you are going to be storing stuff like passwords, scans of important documents, things in any particular storage or encryption format in data files etc. i mean in addition to just paper/steel with seeds on them.

      somewhere in your vault you should include as much information about the format and version numbers of all software/encryption you used on any files she needs to access. also a cd/dvd of archive quality plus a usb stick and and actual usb hard drive of all software you used. that way versions match and she can load the actual software version you are using. maybe an operating system image too or at least the iso of the OS installation media. who knows what software will still be around and how backward compatible it will be when she needs it. there may be quirks specific to the particular version of the some software used.

      USB drives fade with age. hard drives not so much but are susceptible to magnetism/moisture. iow each has strengths weaknesses which is why i include both, as well as archive quality optical media.

      this strategy applies to any scenario where you need to preserve electronic data. perhaps she has access to data files later than whats in the vault. she needs to have all software needed to access it.

      legendary
      Activity: 3290
      Merit: 16489
      Thick-Skinned Gang Leader and Golden Feather 2021
      My wife has 0 knowledge about crypto / computers... I need to find easy solutions.
      Step 1: talk to your wife! Make sure she understands the important things, and doesn't instantly get scammed if she ever needs to recover funds.

      Quote
      Next problem, how to store a USB key for 10 years ?
      What if the guy above me (in the vault) is storing a huge magnet, or a meteorite that is highly  magnetic.
      As far as a know, a magnet isn't a risk for a USB stick. However, in 10 years, I wouldn't trust a single stick to still work.

      If you don't trust paper, ink and electronics, why not just get a letter punch?


      I still haven't found the right balance between security and accessibility.
      legendary
      Activity: 2268
      Merit: 18711
      I can't comment on your cloud storage solution, because I keep literally zero data on the cloud. I simply don't like other people having access to my data, even if it is encrypted. However, a few brief thoughts:

      Storing the USB and the password together (obviously)
      Storing the seed on paper - ink fades, paper degrades, vulnerable to water, fire, etc. Consider changing to the seed inscribed/engraved on a piece of metal.
      Your concern about magnetic fields - some providers offer vaults which are Faraday cages to protect electronic assets. If yours does not, you could look in to buying or building your own.
      full member
      Activity: 196
      Merit: 295
      W̔̆̌̏͂͑ͦͧ
      reserved for updates, credit, questions ...
      full member
      Activity: 196
      Merit: 295
      W̔̆̌̏͂͑ͦͧ
      So, after all the feedback, i have made updates to my system. They are on post #19 of this thread




      original message


      Hi everybody.

      I am trying to write a tutorial for best practice and also to check that my coins are safe from hackers but also safe from being lost if I die.



      This is the problem I am trying to solve :
      How to  transfer the ownership of my coins after my death and/or  recovery of my data/ coins  after a Fire / tsunami / burglary.

      The coins are stored on a ledger Nano S, so I need to be able to save and share my 24 words seed.
      I may also have some coins on an exchange, so I need to be able to save and share my 2FA key, login, password.
      Finally I may also have some coins on random wallets on my linux computer.


      A few information about my situation :
      I live in a safe and developed country.
      I am married and there is no tax on inheritence (so, no I am not trying to dodge taxes, there won't be any).
      I have a small safe at home but I wouldn't store any sensitive information, because it is not water proof / fire proof. And any good thieve can open it in less than 2h.  But I can store in it a USB key, my passport, and some jewellery.
      I only use my linux for the  wallets that are not on the Nano S.
      And I use my Apple MacBook for the Ledger Nano S and accessing my Binance and other exchanges.
      I have a paid antivirus on my macbook
      My linux computer is clean.
      No one knows I own crypto.
      My ledger has 2 passcode, one with 15% of my coins and one with 85% of my coins (in the event of someone robbing me with a gun).
      My wife has 0 knowledge about crypto / computers... I need to find easy solutions.

      My current back up system / recovery  :
      • I have a deposit box in an underground, fireproof vault. Something top of the art that had never been robbed ever. imagine Fort Knox crossed with a Rothschild vault. My wife only gains access to the vault after my death.
      • All my 2FA are on my main phone and also backed up on a second phone in the vault. This works for now, but that phone may not wake up / work in 3 years if I need to access my 2FA again. The 2FA I use is Google Authenticator. I had in mind to switch to AUTHY but after contacting the support they confirmed my that their service is not fail proof and if a hacker clone my SIM card they can set up a new device and get all my 2FA. Well, in theory if they also find my login and password they could go my my Binance and other services.
      • The Seed of my ledger is on a paper in that vault. That paper is in a small sealed bag (to protect the ink).
      • The seeds of my software wallets, my email account passwords, some old private keys are stored on a USB key (in that vault) that has the following encryption:
      • the USB key can only be mounted by a linux and ask for a very long password (USB key encrypted with LUKS https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup).
      • this is dumb, but right now the password is on a piece of paper, with the USB key, inside that vault.
      • the USB key contain the ".key" file and the "data base" file  of my "keepass" https://en.wikipedia.org/wiki/KeePass. I use keep pass to write all the sensitive data I have.
      • the data on KEEPASS has been written from a fresh clean live linux.
      Problems :
      The Vault is not in the same city as me. Imagine 2h flight and $300 return.
      I intend to move away and will be 10 to 12h of this current vault. I could move everything to a new vault in the new country. But I would rather find a solution that let me update my info. With a central physical back up point.
      The distance is not much of a problem for the data that is "fixed" in time (my 24 words seed), old private keys, 2FA to existing accounts ....
      But if I want to buy a Trezor and send all my crypto from nano to Trevor, I then need to back up and put to a safe place the new seed of my trezor.  





      Alternative solution / thinking out loud :

      For a while now I have been using a software called Cryptomator https://cryptomator.org
      But I have just used it to make an encrypted folder on my computer with some random photos. Just to play around.

      I wonder if this could be a solution, using  cloud encrypted (with Cryptomator) storage of the "data base" file of my Keepass.
      Keeping the ".KEY" file as well as the master key  of the Cryptomator software in the Vault.

      I could also have the "data base" file on a few UBS keys protected with  LUKS Password. The password would be in my head and also in the Vault (for my wife). Those USB key would be given to family or relative. The USB keys are useless without the password and the ".KEY" file that is in the vault.

      I would hide somewhere in the house a microSD card  LUSK encrypted that contain the .Key of the keepass software. This is obviously needed every time I want to launch keepass and update the "data base" on Cryptomator as well as creating new USB keys for family and relative.

      Doing so, would allow me to store in the vault the ".key" of keepass and the Key of Cryptomator.
      Both would be needed to recover data from the USB key stored at friends or the data on my dropbox / google drive

      What do you think ?


      Next problem, how to store a USB key for 10 years ?
      What if the guy above me (in the vault) is storing a huge magnet, or a meteorite that is highly  magnetic.


      Do you see any flaw ? any improvement ? any way to make it simpler ?
      Any help would be much appreciated


      I'm calling the badass forum users that are quite tech savvy, any tips for me : @suchmoon  @LoyceV @Lauda (guys, you don't know me, but I've been reading heaps of your posts in META and you guys seems to be part of the helpful lot).


      I'm reserving the next slot for open questions, updates, credit .....


      Cheers
      Jump to: