What is the best way to give access to someone I trust

mdc1022 · October 14, 2020, 10:24pm

I am trying to figure out the best way to give someone I trust access to my bitwarden in the event I am not available. They are a bitwarden user & I suppose IF I can teach them my master password, they can log into my bitwarden via their web vault on their laptop I have 2fa set up & they are not computer savvy so the easier the better… Any ideas?

Pulsar · October 15, 2020, 10:03am

Hello @mdc1022,
short answer is, it depends. Cases (long answer):

Trust

This mostly goes to risk analysis but it can be simplified like this:

Person

How much do you trust the person?
Will the person be trusted in the future?
How much accountable the person is?
… etc

Please think also about a trust chain, you trust A, A trusts B. Sometimes people think, yes he trusts me, but It is ok if I give them to a person I trust, because … . Then B might do the same .

Access value

What kind of passwords do you have inside?
Are there any very important passwords like bank account, primary email account, etc?
What is the damage you potentially can get if the passwords are leaked?

Practical solutions

Depending on what you evaluated into you can do the following:

Give him/her your password by either directly or saving it into bitwarden and sharing it with their account through an organization.
Could just share the passwords they might need instead of all.
If you mean by availability (ex. passed away) then you could create a message that will be sent to someone after some time has passed and you did not postpone it. Example is a service that will ask you each 30 or 60 days if you are still alive. You will have 60 days to take action, if no action taken, it will send you a waring. If no action taken then it will send your original message to that person you wanted to.

Cheers

dangostylver · October 15, 2020, 10:01pm

Get a safe or a place you can hide something in your home.

Write your master password down and seal it in a security envelope.

Hide that envelope in your safe or secure place in your home.

Tell the person you trust where they can find it if something were to happen to you.

As for 2FA, put your 2FA backup code next to your master password in the envelope with a note telling them to enter this code after the master password under the section “use backup code”.

lddubeau · October 16, 2020, 12:50pm

I’ve been hospitalized 3 times since June. After the first visit, I set things up in the same way that dangostylver expressed above. I gave access to my wife in case I become dead or incapacitated. This works for us. My wife does not have to learn new stuff to access my information. I had to move her to bitwarden but this specific part happened without trouble.