Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Security

Dead? Hope You Left Someone Your Passwords 562

A reader writes "Looks like if you die, Yahoo won't grant access to family members. I know I've enjoyed reading my grandfather's letters from WWII, this could be a huge loss of history if other ISP's have the same policy." MJK points out that Slashdot has explored the notion of what happens to your data after you die.
This discussion has been archived. No new comments can be posted.

Dead? Hope You Left Someone Your Passwords

Comments Filter:
  • Suggestion (Score:2, Funny)

    by Anonymous Coward
    They should try the password 'b00bi3s'
  • Anything of mine worth reading is already +5 Funny.
  • quick! (Score:3, Funny)

    by niko9 ( 315647 ) on Tuesday December 21, 2004 @05:37PM (#11152553)
    someone contact the BSD family and tell them to leave a post it note of their passwords!
  • by Rorschach1 ( 174480 ) on Tuesday December 21, 2004 @05:37PM (#11152559) Homepage
    My family members are welcome to keep all the emails I've sent them. But my personal mail? That'd incriminate way too many people still living...
    • by DeathFlame ( 839265 ) on Tuesday December 21, 2004 @05:40PM (#11152600)
      Exactly.

      Do I really want my parents seeing emails I've sent my girlfriend [or if you find that hard to believe... some 60 year old man posing as a girl]

      Knowing what I've written, I'm pretty sure I'm happy that they don't get to access such files when I die. Do you want to read erotic messages your parents send to each other?
      • by kenthorvath ( 225950 ) on Tuesday December 21, 2004 @05:55PM (#11152872)
        Do you want to read erotic messages your parents send to each other?

        Are you mature enough to understand that every person has a sexual side and recognize the beauty of such relationships? If so, then stumbling upon such correspondences can pose no permanent harm to you. You may even discover something that gives you insight into the inner workings of a dearly departed. Something that they had not the strength to disclose to you in life, or perhaps that they did not think worth mentioning.

        Those whom we truly love we will understand and accept for who they are/were. Learning about their private side can only help us to celebrate their life.

        I do understand the concern over the effect that such matters may have over the living (affairs, partners in crime, etc...), however criminal matters should likely be resolved anyway - regardless of one's relationship status of the criminal - and personal matters such as an affair can be treated delicately at the discretion of the loved ones who are discovering them.

        • by AviLazar ( 741826 ) on Tuesday December 21, 2004 @06:07PM (#11153040) Journal
          Thats touching, but two things come to mind

          1) Hey hot stuff, I am gonna ride you all night long like a dog in heat

          2) Yes my wonderful lover. Our 30 year relationship, cheating on my husband has been great. He doesn't even realize that my child is really yours.

          While this is worst case scenario - man it would definitly be throwing salt on the wound.
          • While this is worst case scenario - man it would definitly be throwing salt on the wound.

            No, the worst case scenario would be inadvertantly giving up financial information to a relative or acquantance who has no business receiving it. There are plenty of very ugly disputes over estates, ISPs with a total lack of integrity could do a lot of damage in some of those situations.

            Have a clear written policy and stick to it. Make sure the user can understand what will be done with their data if they die. That is

        • Are you mature enough to understand that every person has a sexual side and recognize the beauty of such relationships?

          Are you mature enough to understand that the personal details of somebody's life are for those who are personally involved in it?

          Let's say you're gay, your parents are hardline catholics and they don't know about it, and you get hit by a bus. Your parents go into your email and find out about your boyfriend, who calls two days later only to be called "satan's butt-maniac" who "drove our

          • I will be all too happy that my passwords will die with me. And that may well be before my parents since I have a life-threatening chronic illness. The people who need, or who I want, to know specific not-typical information about me already know that. I would not want an audience not intended for that information to all of a sudden become privy to it upon my death. I may be dead, but they do not have a right to that. That being said, this reminds me of a book I read in a Jewish studies class. I forgo
      • And yet you're prepared to send this stuff as a plain text email?

        A good guide for unencrypted email is *DON'T* send anything you wouldn't want your mother (or any sysadmin) to read.

      • by drunkenbatman ( 464281 ) <i@d r u n k enblog.com> on Tuesday December 21, 2004 @11:20PM (#11155521) Homepage
        When my significant other died, it would have meant all the world for her (much) younger sister to have access to her yahoo account, for two reasons:

        1. things happened suddenly, and suddenly everything left behind by that person was now precious. everything. imagine you're slipping over a cliff, and desperately grabbing at any sort of purchase you can find. it's sort of like that.

        2. she associated that SN with her sister, which they would talk on and email often because her family was in australia. the idea of somehow seeing it in use by someone else was... not sure how to explain this, except it wouldn't be something one would want to experience. yes you can take the person off your messenger, and you can block the list... but it's just the idea.

        I have to admit that I spent hours and hours late at night trying to guess her password, and some other things after yahoo said no, but will also admit i was one of many things I was doing to try to keep my mind busy and off of everything else.

        I do recognize that there is a right to privacy, and that aspects of things might not be healthy... but it doesn't work that way when you're going through it. Your world is upside down, and what is rational and what isn't doesn't really matter. Yes, not having it isn't the end of the world... but seeing one more piece of that person just slip away into the ether, while possibly romantic to a 16 year old, is just a horrid thing to contemplate.

        When you're living your life in your mid-20s, you don't think about throwing your yahoo password in your will for your significant other... or often a will at all. This isn't something I expect a typical slashdotter to understand, it's just how it is... I'll leave it at that, as I'm finding myself way outside of my comfort zone at the moment.
  • so (Score:5, Insightful)

    by ch-chuck ( 9622 ) on Tuesday December 21, 2004 @05:37PM (#11152563) Homepage
    don't keep anything you want to pass on stored on Yahoo! Next problem?
    • Re:so (Score:2, Insightful)

      by xstonedogx ( 814876 )
      Don't keep anything you don't want Yahoo! to own stored on Yahoo!
    • Yahoo! accounts don't lock you out on invalid password attempts do they?
    • Re:so (Score:5, Insightful)

      by SuperBigGulp ( 177180 ) on Tuesday December 21, 2004 @05:51PM (#11152816)

      Um, I think a little sensitivity is called for. The deceased account holder was killed in (I believe) Iraq and was probably too busy doing other things to archive his email to non-volatile storage. And even if he did have time, he was in a f* ing war zone...What in Iraq is not volatile? If you did find something, wouldn't you want to encrypt it somehow in case it was lost or stolen? What would you do with that password/key?

      Maybe wills should include language defining how this type of information should be handled, but for now it seems like Yahoo should step and do the right thing.

      • Re:so (Score:4, Insightful)

        by Buran ( 150348 ) on Tuesday December 21, 2004 @06:08PM (#11153065)
        And then you'll have tons of people begging for access to accounts, and then you have to deal with proof that they're dead, etc. etc.

        And then there's the fact that the guy AGREED to an agreement that says that once you die, no one else has any rights to the data.

        Seems to me if you're that worried about your data after you die, put a copy of the account password in a safe deposit box that your family can access via the terms of your will.

        You do have a will ... right?
      • Re:so (Score:5, Insightful)

        by GlassHeart ( 579618 ) on Tuesday December 21, 2004 @06:11PM (#11153103) Journal
        it seems like Yahoo should step and do the right thing.

        What's the right thing?

      • Re:so (Score:5, Insightful)

        by Jim_Maryland ( 718224 ) on Tuesday December 21, 2004 @06:25PM (#11153274)
        A possible solution would be to change the authentication process a bit. Just throwing out this idea sort of quickly...

        User creates an account

        User defines a secondary password

        Secondary password is only valid for authentication after 6 months (or some other reasonable time period) of inactivity (presumably death)

        Something like this would hopefully allow for accounts to be secure until a person dies while allowing access after a defined period of time. I guess the flaws could be that most ISPs don't necessarily keep accounts active after a couple months non-payment or after a "X" days of inactivity. ISP's could offer some protection like this for an addition fee if a person really wanted to leave access after they depart the world.

    • Re:so (Score:5, Insightful)

      by Marxist Hacker 42 ( 638312 ) * <seebert42@gmail.com> on Tuesday December 21, 2004 @05:55PM (#11152870) Homepage Journal
      An extension- since you never know when any given online service is going to go belly up, NEVER use one exclusively for everything. Keep local copies of anything important (what did you THINK that 80 GB hard drive was for, your music collection?) and multiple copies of anything you put online that you want to keep.

      Not even slashdot is forever, folks.
      • Re: so (Score:3, Interesting)

        by usurper_ii ( 306966 )
        When my father dies, there will be little left of him but pictures and my memories. If all goes as planned for me, when I die, there will be an e-mail trail going back decades. I already have e-mail stored going back probably 7 or more years (some of which dates back to BBS QWK mail packets, if anyone remembers those).

        For this reason, I have treated my e-mail as sort of a personal diary or blog, often e-mailing myself all sorts of things I want to keep. In them you will find my religious views, my politica
  • by Frymaster ( 171343 ) on Tuesday December 21, 2004 @05:37PM (#11152567) Homepage Journal
    yet another reason to make your passwords the names of your children!
  • by loteck ( 533317 ) on Tuesday December 21, 2004 @05:37PM (#11152569) Homepage
    you can all go ahead and list your passwords under this thread, so that your family can come back and find them when you bite the dust.

    This is slashdot, you can trust us.

  • Would you really want your parents reading all of your email? I wouldn't...

    If they want their correspondance with him, then they should have saved their copies of his emails!
  • i can't imagine the shame my family would experience if i were remembered by some of my slashdot comments
  • by Anonymous Coward on Tuesday December 21, 2004 @05:39PM (#11152590)
    My data is my data, and unless I stated otherwise in my will, it dies with me.

    Also, if my relatives would have something to see in my email, I would let them read it.
    After all the reason you use the yahoo mail is privacy.
    Why should my privacy die with me ? (sounds funny, though)

  • Do like me and just change your password to "password"...

    Problem solved.

  • by NotQuiteReal ( 608241 ) on Tuesday December 21, 2004 @05:40PM (#11152605) Journal
    Especially with Yahoo - and other free accounts. I'd hate to go thru my loved one's free email account and see all the "Welcome to Spanky's Love Goat - your login is..."

    I think keeping the contents private is prudent.

    It is up to you to archive your emails and other e-stuff in a a spot that it can be found, if indeed you really want it found after you are "gone".

  • pr0n (Score:5, Funny)

    by GoofyBoy ( 44399 ) on Tuesday December 21, 2004 @05:40PM (#11152608) Journal
    When I die, I wouldn't want any one to find my pr0n. Someone needs to create encrypted mpeg/divx.

    Or maybe I should request that I be buried with it to take to the afterlife. "Please bury me with the harddrive with the folder name 'Stuff'".
  • A lot of times it's fairly obvious, especially for family memebers - defaults are "What is your Mother's maiden name?" "What was your first pet called?" "What street did you grow up on?"

    A sibling or parent should know any of those - which is why you should always make up your own, by the way

  • by Nostrada ( 208820 )
    . . . that you can read today's Email in 60 years? I doubt it very much. This is just the way things are going, hardly any letters are written by hand and even the CDs and inkjet printouts last that long.
    • You really think 8-bit ASCII or even Unicode is going to be that hard to read in 60 years? Are we going to suddenly get stupid? We're not talking about no longer having a wire recorder to listen to all those spools of recorded wire your grandparents have in the garage. We're talking about digital data that's going to be copied to new storage media every time the server is upgraded.

      Today's email formats are pretty open. Unless your message is encrypted the plaintext is in there easy to see.
    • circa 1960:
      Geek1: We need to fit more data on these cards, lets trim out the first two digits of the year.

      Geek2: What about when it turns 2000?

      Geek1: What? No one will ever be using this system 40 years from now.
  • by FunWithHeadlines ( 644929 ) on Tuesday December 21, 2004 @05:41PM (#11152617) Homepage
    I've long thought that it makes sense now to have a rider attached to your will listing your various online personas and accounts, along with passwords, and instructions about notifying your online communities of your demise. Play in a fantasy sports league? Might be nice to let the commish know you won't be getting back to him on that trade offer. You're the talk of a discussion board? Might be nice to let your old friends know that you died but thought enough of them to have them notified of your death.

    Plus think of the flaming possibilities. You could instruct your surviving loved ones to flame as much as you want, knowing full well no one can touch you in return (unless you believe you are experiencing literal flaming after death, but that's just the risk flamers take).

    Seriously, put it in your will if it's important enough.

  • I can see it now, my mother saying "Wow. I didn't know my son had business partners in Nigeria." I know when I die, I don't want my family reading all the "Young sluts get fucked in the ass and drink cum while sucking a midget's dick!" emails that fill up my inbox. Believe me, there is nothing of value in my emails.
  • This is news? (Score:4, Interesting)

    by Neil Watson ( 60859 ) on Tuesday December 21, 2004 @05:41PM (#11152625) Homepage
    Leave the accounts and passwords in your will. Seal them in a saftey deposit box.
  • Karen's words. (Score:2, Insightful)

    by gandell ( 827178 )
    "While we sympathize with any grieving family, Yahoo! accounts and any contents therein are nontransferable" even after death, said Karen Mahon, a Yahoo! spokeswoman.

    Sympathize meaning couldn't care less.

  • by krbvroc1 ( 725200 ) on Tuesday December 21, 2004 @05:42PM (#11152632)
    Grandma: Oh my god, how many emails about viagra did he have?
    Ohhh, I better contact this poor Mr. Mbutu and see if I can help him out. I didn't realize pop had friends in Nigeria.
    Look at all these money making schemes? How come I never saw any of this money?
    Oh dear, I had no idea pop was into asian porn...
    My my, it looks like pop was corresponding with someone about Vicodin.

    Perhaps its better he died...
  • My experience has been that important accounts (e.g. webmail services, bank account numbers, etc) are shared between spouses. A lot of passwords are already on the auto-fill on the home computer too. This is a good safeguard against losing data suddenly (e.g. accidents).

    In case of grandma's and grandpa's... they would often ask others to check their emails for them. Their situation would be more gradual, and stuff can be backed up regularly.

    Also, the electronic medium has been relatively new (may be five
  • This sounds like a time when lawyers would be useful. A subpeona or court order should obtain the desired results, although it's pretty bad that family members would have to go through this hassle. Still, if it was one of my family members, it would be worth it to not lose that precious data. --Jacksonai
  • If it was private when I am alive, it is still private after I am dead. I might say things to a sister about my dad, that I wouldn't necessarily want him to read.

    I write stuff to a girlfriend I sure the hell wouldn't want my mother reading, even after I am dead.

    If I wanted them to read it, I would have cc'd them. Everyone here would sure bitch if they gave a copy of your email to your mom while you were alive, why is it OK when you are dead? I don't get the logic.

    I could see them resending all my emails
  • PGP (Score:3, Interesting)

    by wk633 ( 442820 ) on Tuesday December 21, 2004 @05:43PM (#11152659)
    All my important passwords (along with other information such as bank account numbers etc) are in a file I encrypt with my wife's public key. If we both exit together, well, hmm. Gone forever.
  • by Japong ( 793982 ) on Tuesday December 21, 2004 @05:43PM (#11152660)

    A lot of times it's fairly obvious, especially for family memebers - defaults are "What is your Mother's maiden name?" "What was your first pet called?" "What street did you grow up on?"

    A sibling or parent should know any of those - which is why you should always make up your own, by the way.

  • ...to all the spam I get.
  • by DiveX ( 322721 ) <slashdotnewcontact@oasisofficepark.com> on Tuesday December 21, 2004 @05:44PM (#11152689) Homepage
    Do privacy rights still apply? Let us say that you die in a car accident, should your medical records and all of your personal information be available to family members? Can this not, at some point be abused by providing fake information in order to gain access to an account? If I want my family members to have access to something, then I will either tell them now, or have that data in my will or other document to be distributed by my legal representative upon my death.

    If this family wants to keep the messages, then they should save them from their side of the chain. I think Yahoo is in the right in that they should not be made to give out password to those that do not control the account. They would have to deal with the expense of handling a lot of requests if even a single exception was acknowledged.
  • This is true. (Score:5, Interesting)

    by bannerman ( 60282 ) <bannerman@rocketmail.com> on Tuesday December 21, 2004 @06:02PM (#11152969)
    When my best friend died in a tragic hiking accident, I spent about 30 hours trying to hack his hotmail account for his family- after they found out that Hotmail was not going to give it up for us. I never did get in.

    I've been heavily into the MMORPG scene over the last few years, and some of my closest friends are folks that I don't have any other contact with. If one of them was to get hit by a bus, I'd never know what happened. That would be odd. I suppose that from my side of the monitor it would be exactly the same as if they had suddenly quit playing the game and never contacted me again. That's an odd concept.
  • by clickster ( 669168 ) on Tuesday December 21, 2004 @06:04PM (#11153003)
    First off, most soldiers who go to Iraq leave behind wills, letters , etc. that are to be opened in the unfortunate event that they don't make it back home. If you really want your family to have access to these kinds of things, leave your password in these documents. What if I died and didn't want my family perusing through my e-mail? Once you've passed away, you can't give consent OR deny requests. It shouldn't be assumed that everyone has no problem with their family having access to all of their stuff. I agree that reading a grandfather's letters from WWII is probably quite enjoyable and insightful, but he made a conscious decision to leave those behind. In this situation, we don't truly know what the soldier wanted. It's an easy problem to avoid. If you want people to have access, leave the passwords behind. Due to the sad nature of the topic, I will try to avoid the obvious sort of "Tell them to look under his keyboard" jokes.
  • by Kjella ( 173770 ) on Tuesday December 21, 2004 @06:07PM (#11153042) Homepage
    They die. Encrypted, personal and not for others, whether I die or not. Quite frankly, those I know and love should have more than enough without my data. And for the great posterity, I imagine that either a) There's more than enough people who didn't keep their data private or b) I've gotten important enough to actually set up some sort of dead man's switch in my will.

    It is not like this is just online. Many places in real life would also suddenly find me "missing", yet never actually go as far as to figure out what happened. Both on- and offline, those that are important enough to know would know. That'll do.

    Kjella
  • by Piewalker ( 777952 ) on Tuesday December 21, 2004 @06:08PM (#11153068) Homepage
    This actually happened to our family this past August. My 19 year-old sister died in a car accident. I think my mother wanted access to her email to spread the news to her friends since she was very active on the Internet and had international friends. My mother had purely altruistic motives. My sister had actually told my mother her password, but because of the trauma of the situation, my mother couldn't remember. My mother ended up remembering it a few days later when she could think clearly. I didn't realize it until it happened, but when your sister dies, you want people who loved her to know. There's this need to want people to know what happened, no matter how traumatic. We still can't reach one of her old friends. I understand the privacy issue, and I treasure my online privacy too, but I agree with other Slashdotters...when you're dead you're dead and the secrets you leave behind don't matter much anymore. There's not much use for it there. But if there's a use for the family, perhaps looking for things to hold on to even for momentary comfort, I think that's the right thing to do. I think the real issue is ownership. Yahoo owns the servers, and thus our web-based e-mail, no? When in that case, the analogy of say my father dying and me inheriting his car wouldn't work with e-mail since e-mail isn't owned like a car.
    • I'm very sorry. I lost my brother last summer as well. It isn't an easy thing to deal with, especially not this time of year.

      He left himself logged into AIM before he went to work the last day. Luckily I was able to pull the entire buddy list and I used it to get in contact with his college and high school buddies. That was the only way I had to find them-I didn't know any of them before his death. It was the saddest and most surreal experience of my life, sitting at his computer seven hours after I
      • by MKalus ( 72765 ) <mkalus@gma[ ]com ['il.' in gap]> on Tuesday December 21, 2004 @08:37PM (#11154475) Homepage
        This situation needs to be changed-when someone dies, those who are left behind have every right to access whatever they can, including their email. Everything left behind, no matter how minor, becomes invaluable in holding onto the memories of them.


        I am not sure I agree with this. If I really want people to have access to things I will make sure they can.

        A company like Yahoo cannot simply relinquish the login info just because you would like to have access to.

        It might be your desire to know everything about that person, but in essence it is their call to make sure that you have access to it. Put it in their will or find another way, but you don't have a (legal, and moral is debatable) right to see those informations.

        Yes, it sucks to lose someone and it is understandable that you want to have as much as you can, but at the end of the day shouldn't you respect the way they have lived, secrets and all?
    • My sympathies for your loss. We had deaths in the family this year, and we also
      • did everything possible to inform all of their friends and contacts, and
      • wanted "things to hold on to even for momentary comfort"

      In our case, email wasn't an issue, but there were certainly plenty of letters, accounts, photos, safe-deposit boxes and all that to go through.

      In the case of letters, whether electronic or paper the writer generally is the owner of the copyright, even if she isn't storing them at home. Ownership then

  • Death cert, will (Score:3, Interesting)

    by the_rev_matt ( 239420 ) <<slashbot> <at> <revmatt.com>> on Tuesday December 21, 2004 @06:09PM (#11153071) Homepage
    I worked at a financial services firm for many years. As most of our clients were older, we had to deal with this kind of issue fairly often (several times per year at least). Get an official copy of the death cert and a notarized copy of the will (if there is one) or living trust (even better, paperwork wise) or durable power of attorney (best of all). That would be enough for us to provide account information without upsetting the SEC, who are fairly strict about privacy issues.

    Barring that, it shouldn't be terribly hard to get a court order, and we all know how eager ISP's are to comply with those when law enforcement come knocking. There's nothing of any particular interest on my machine that anyone other than me would care about (except the MP3s). My wife already knows my passwords, which makes this not a problem anyway.
  • by dshaw858 ( 828072 ) on Tuesday December 21, 2004 @06:09PM (#11153081) Homepage Journal
    I've left my close and trusted friends with a copy of DBAN [sourceforge.net] and had them swear to wipe all my boxen completely clean... I really don't want friends and family and the world to know all of my dirty little digital secrets. Frankly I agree with Yahoo's decision.

    - dshaw
  • Cron job (Score:3, Funny)

    by rlp ( 11898 ) on Tuesday December 21, 2004 @06:21PM (#11153221)
    Set-up a cron job on your desktop machine that periodically queries Google and looks for your obit. If found, it connects to your bank and sends a check for $1000 to your worst enemy. It then mails said enemy a (pre-dated) message (CC'ing yourself) saying: "I'm sending you the last FINAL payment. Don't try to blackmail me again!". Next it e-mails your mail ID and password to your family and finally the script erases itself. :-)
  • by netmask ( 8001 ) on Tuesday December 21, 2004 @06:27PM (#11153291)
    I support Yahoo's stance in this matter. While he's dead and really doesn't have a care in the world, because nothing about him besides a pile of flesh exists..

    Out of respect, what if there were things he never wanted them to know? What if he was gay and having an internet relationship with some man, and his parents were anti-gay? They would then be left thinking they never knew their own son, and all of this crap.

    If you want people to have access to that sort of thing, leave them access. Put your passwords in a safe or something if you MUST write them down.

    Yahoo and others should not be giving access to an individuals person email, dead or alive. I don't care if the family presents a death certificate or not. You should have a reasonable expectation of privacy and deceny even after death. Let your personal life die with you.
  • by jay2003 ( 668095 ) on Tuesday December 21, 2004 @06:54PM (#11153569)
    The email or other electronic records are property just as paper letters are. By default, you don't have privacy in death as your paper letters are inherited by someone unless you leave provisions in your will for them to be destroyed. If you are a famous person, your person letters are likely valuable property.

    I don't see why email should be considered any different. Yahoo's position really is that your email is not personal property. They "own" in the sense of controlling the property while it's on their servers. I don't think Yahoo's objection is really about privacy. They don't want your email to be considered property because they could then be sued when they accidently lose it, not to mention the administrative costs of dealing with probate transfers. If this was really about privacy, they could give make the disposition at death user controllable when the account is created.

    I doubt this issue will be fully decided by the courts until some famous author dies and the only copy of their unpublished work in on some server somewhere and worth a lot money. Then the family will sue for access to the valuable property which they've rightly inherited through the will and the courts will be forced to decide whether ISPs can destroy property on somebody's death.
  • by Builder ( 103701 ) on Wednesday December 22, 2004 @06:58AM (#11157177)
    I see a lot of people advising that you leave your password in your will. This is retarted! For starters, every time you change your passwords, you have to redo your will and have it witnessed again - that's not sensible.

    Rather keep your details separate to your will, but in your will advise people how to get to them. A safe deposit box at a bank, etc.

All extremists should be taken out and shot.

Working...