Most people have somewhere between 70 and 150 online accounts. The passwords for almost all of them exist in one place: their head.

When that person dies, everything locked behind those passwords — bank accounts, email, decades of photographs, investment portfolios, messages they never sent — becomes inaccessible. Not temporarily. Often permanently.

The practical question of how to pass on passwords and account access to family after death is one most people have never seriously considered. This article covers what actually works, what doesn't, and how to do it in a way that is secure now and useful later.


Why this is harder than it sounds

Passing on a password is not simply a matter of writing it down. Passwords change — frequently, if you follow good security practice. An account that used a specific password six months ago may use a completely different one today. A static list of passwords becomes unreliable almost immediately.

Then there is two-factor authentication. Most important accounts — banking, email, investment platforms — require a second form of verification in addition to a password. That second factor is usually sent to a phone, generated by an authenticator app, or stored as a recovery code. Without it, the correct password alone is not enough to get in.

Biometrics add another layer. If your phone requires your fingerprint or Face ID, it cannot be unlocked by anyone else after you die — and the phone itself may hold the authenticator app that provides access to everything else.

A proper plan for passing on account access has to account for all of this. Not just the passwords, but the full chain of access that modern security requires.


What not to do

There are several common approaches that feel sensible but create more problems than they solve.

Sending passwords by email or text. Any password transmitted over an unencrypted channel is a security risk. Email is not secure. Text messages are not secure. Sharing passwords this way also creates a permanent record in inboxes and message threads that could be accessed by anyone who gets into those accounts.

Storing passwords in an unencrypted document. A Word document or notes file containing your passwords, saved to your desktop or emailed to yourself, is a significant security liability. If your device is compromised, lost, or accessed by the wrong person, every account you have is exposed.

Telling someone verbally. Memory is unreliable. Passwords change. The person you told may predecease you, or simply not remember the specific details correctly when they're needed under stress.

Leaving a sticky note. This is not a plan. This is a liability.


The notebook problem

The most common real-world approach is a notebook — a physical record of passwords kept somewhere at home. The instinct is right. The execution almost always fails.

Notebooks go out of date. Passwords are updated, accounts are added and closed, and nobody maintains the notebook with the same rigour they applied when they first wrote it. By the time it's needed, it's often 30 to 50 percent inaccurate.

Notebooks have no delivery mechanism. They rely on someone knowing to look for it, knowing where it is, and finding it quickly in an already stressful situation. If it's stored somewhere "safe" — which usually means somewhere not immediately obvious — there's a real chance it simply isn't found.

A notebook containing your passwords is also a security risk while you're alive. It can be found by anyone who enters your home. It cannot be encrypted, and it cannot be selectively shared — whoever finds it has access to everything.


Using a password manager's emergency features

If you already use a password manager, it is worth knowing that several of them include emergency access features that are specifically designed for this situation.

1Password offers an Emergency Kit — a printable document containing your account details and Secret Key, which can be stored physically and used to access your vault. It also supports emergency access through a trusted contact who can request access after a waiting period you define.

Bitwarden has an Emergency Access feature that allows a trusted person to request access to your vault. You set a waiting period — from one day to 90 days — during which you can deny the request. If you don't respond, access is granted automatically.

LastPass has a similar Emergency Access feature, though it requires both parties to have a LastPass account.

These features are useful but have limitations. They rely on the password manager account itself remaining accessible — which requires knowing the master password and potentially passing a two-factor check. And they solve only the password storage problem, not the broader question of account inventory, legal signposts, or personal messages.

If you use a password manager: enable its emergency access feature and document the master password and recovery codes somewhere your family can find. The password manager is only useful if someone can actually open it.


The legal side: who has the right to access your accounts

This is a question many people don't ask, and the answer is more complicated than most expect.

Under the Computer Misuse Act 1990, accessing a computer system without authorisation is a criminal offence. When you die, the authorisation you granted to your own accounts — by agreeing to the platform's terms of service — does not automatically transfer to your family. In strict legal terms, a relative who logs into your accounts using your password, without the platform's permission, is technically acting outside the law.

In practice, prosecutions for bereavement-related account access are essentially unheard of. But it explains why formal arrangements — rather than just handing someone a password — are the right approach. When a family member can demonstrate that access was explicitly authorised by the account holder in advance, the situation is legally cleaner and practically easier.

The executor of an estate has legal authority to deal with a deceased person's assets, including digital ones. However, platform terms of service frequently conflict with this — technically non-transferable accounts remain non-transferable even to an executor, at least as far as the platform is concerned. What this means in practice is that the platform's cooperation is required, and that cooperation is much easier to obtain with documented authorisation and the right credentials.


What a complete handover actually looks like

Passing on passwords is one part of a larger problem. A complete handover of your digital life to the people you leave behind requires four things to be in place.

  • 01 An account inventory. A complete list of every significant online account — banking, email, investments, cloud storage, subscriptions, crypto, social media. For each one: the platform name, the email address used to register, and where the password can be found. This doesn't need to include every account — just the ones that matter.
  • 02 Access credentials. The passwords, two-factor authentication recovery codes, and — critically — instructions for accessing your authenticator app or the phone it lives on. The full chain of access, not just the first link.
  • 03 Device access. The PIN or passcode for your phone and computer. Without this, the device that holds your authenticator app, your photos, and potentially your password manager is a locked box.
  • 04 A reliable delivery mechanism. The information needs to reach the right people at the right time. A document that exists somewhere unknown, or that can only be found if someone already knows to look for it, is not a plan. The delivery has to be automatic, or explicitly pre-arranged with someone who will know what to do.

The delivery problem is the hardest part

Most people who think about this problem focus on the storage question: where do I keep this information safely? That's the easier half. The harder question is: how does it actually reach the right people?

Telling a trusted person where the information is creates its own complications. You have to keep them updated as things change. You have to trust them to act correctly when the time comes. And there is a meaningful difference between "knowing where to look" and "being in a position to act on it quickly, while also dealing with grief."

The most reliable systems are the ones that don't depend on someone remembering to do something in a difficult moment. They are automatic — triggered by a verifiable event rather than a human decision.

The problem with most plans isn't the plan. It's that the plan relies on a person who is already overwhelmed to remember something they were told years ago.

This is the gap that purpose-built tools like Holdfast are designed to fill. Not because the storage problem is complicated, but because the delivery problem almost always is.


A practical approach, step by step

If you want to sort this out today, without using any specialist tool, here is what to do.

  • 01 List your accounts. Start with banking and investments, then email, then cloud storage and photos, then anything else that matters. Don't aim for completeness immediately — start with what would cause the most difficulty if it were lost.
  • 02 Document access at every level. Not just passwords. Note which email address is registered, where two-factor authentication codes come from, and what recovery options exist for each account.
  • 03 Record your device PINs and passcodes. Your phone, your computer, your tablet. Without these, everything on those devices is inaccessible regardless of what else you've documented.
  • 04 Store it encrypted, not in plaintext. A password manager vault, an encrypted file, or a purpose-built service. Not a Word document. Not a notebook left on the kitchen table.
  • 05 Solve the delivery problem explicitly. Decide how this information will reach the right people. Either nominate someone with clear instructions — and tell them directly, not just mention it once — or use a service that delivers it automatically when it's needed.
  • 06 Set a reminder to update it. Put a recurring calendar reminder — once a year, at minimum — to review and update what you've documented. Passwords change. Accounts are added. The plan needs to keep pace.

The goal is not perfection. A plan that covers 80% of your accounts and is kept reasonably up to date will save your family an enormous amount of difficulty. Something done is worth far more than a perfect plan never started.
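An added example, not part of the original article or of any product it mentions: a short Python check that audits an inventory like the one built in the steps above for broken access chains (no password location, a second factor on a device whose passcode is not recorded, missing recovery codes, entries not reviewed within a year). The field names and sample entries are assumptions constructed for illustration, and the inventory records where secrets live rather than the secrets themselves.

```python
from datetime import date

MAX_AGE_DAYS = 365  # the article's "once a year, at minimum" review interval

def audit(accounts, devices, today):
    """Return {account name: [problems]} for entries whose access chain is broken."""
    report = {}
    for acct in accounts:
        problems = []
        if not acct.get("registered_email"):
            problems.append("registered email not recorded")
        if not acct.get("password_location"):
            problems.append("password location not recorded")
        factor = acct.get("second_factor")  # None, "authenticator" or "sms"
        if factor:
            if not acct.get("recovery_codes_stored"):
                problems.append("no 2FA recovery codes stored")
            device = devices.get(acct.get("factor_device"))
            if device is None:
                problems.append("2FA device not listed")
            elif not device["passcode_recorded"]:
                problems.append("2FA device passcode not recorded")
        if (today - acct["last_reviewed"]).days > MAX_AGE_DAYS:
            problems.append("entry not reviewed in over a year")
        if problems:
            report[acct["name"]] = problems
    return report

# Constructed sample data (hypothetical field names; no real accounts or secrets).
DEVICES = {
    "phone": {"passcode_recorded": True},
    "old-tablet": {"passcode_recorded": False},
}
ACCOUNTS = [
    {"name": "bank", "registered_email": "me@example.com",
     "password_location": "password manager", "second_factor": "authenticator",
     "factor_device": "phone", "recovery_codes_stored": True,
     "last_reviewed": date(2025, 3, 1)},
    {"name": "email", "registered_email": "me@example.com",
     "password_location": "password manager", "second_factor": "authenticator",
     "factor_device": "old-tablet", "recovery_codes_stored": False,
     "last_reviewed": date(2025, 3, 1)},
    {"name": "photos", "registered_email": "me@example.com",
     "password_location": "", "second_factor": None,
     "last_reviewed": date(2023, 6, 1)},
]

if __name__ == "__main__":
    for name, problems in audit(ACCOUNTS, DEVICES, date(2025, 6, 1)).items():
        print(f"{name}: " + "; ".join(problems))
```

Running the audit as part of the yearly review shows which accounts would still be locked even if the password were found.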


Why Holdfast exists

Holdfast is built around a simple observation: the people most affected by this problem are not negligent. They are organised, thoughtful people who just never had a good tool for it.

Your vault stores everything — account details, access credentials, device PINs, legal signposts, personal messages — encrypted on your device before it reaches our servers. AES-256. We cannot read it. Nobody can, except you.

Once a month, you confirm you're still here with a single click. If you ever stop confirming, Holdfast follows a careful escalation process — giving you every opportunity to respond — before delivering your vault to exactly the people you chose. Nothing goes anywhere until it's certain something has happened.

It is the delivery mechanism most plans are missing. And it means the people you leave behind receive what they need, automatically, without having to already know where to look.

One practical note on the people you nominate: you do not need to explain the system to them or have a long conversation about what you have set up. Just give them a key — a password or passphrase — and ask them to keep it safe. Tell them they will know what to do with it when the time comes. The vault explains itself on arrival. The key is all they need to open it. That handover takes thirty seconds, requires no awkward conversation, and is considerably more likely to actually happen than a detailed briefing you keep putting off.