Don't Give One Person All Your Passwords: The Case for Secret Sharing
What if you could protect your digital legacy so that no single person could access everything alone—but your family could always unlock it together? Cryptographic secret sharing makes that possible.
The Password Problem No One Talks About
Maria was a meticulous person. A software engineer living in Amsterdam, she had strong, unique passwords for every account—her bank, her cryptocurrency wallet, her email, her encrypted document vault. She did everything right.
She also kept a master list. Written in a notebook. Hidden in a drawer.
When she had a stroke at 52, her husband Carlos found the notebook within two weeks. He emptied the accounts. Everything Maria had saved over a 20-year career was gone before her funeral.
Carlos wasn't a criminal. He was grieving, impulsive, and had access to everything. That's the real risk most people never see coming.
The Two Catastrophes of Digital Inheritance
When people plan for what happens to their digital accounts after death, they usually fear just one thing: their family won't be able to access anything.
But there are actually two ways digital inheritance fails:
Catastrophe 1: Nobody can access anything. Your passwords are too well-hidden. Your encrypted drives have no recovery key. Your family spends months in legal limbo trying to get court orders to access your bank account.
Catastrophe 2: One person can access everything. One angry heir drains the accounts. One compromised email account exposes your entire financial life. One bad actor—or one well-meaning person making bad decisions under grief—has unchecked power.
Most estate planning advice solves Catastrophe 1 and ignores Catastrophe 2 entirely.
What Cryptographers Have Known for 50 Years
In 1979, mathematician Adi Shamir published a solution called Secret Sharing. The core idea is elegant: instead of one key that unlocks everything, you split a secret into multiple "shares." You can define rules like "any 3 of these 5 shares can reconstruct the original secret—but 2 shares alone reveal nothing."
This is called a threshold scheme. And while it was invented for cryptography, the underlying principle is something humans have always understood: checks and balances.
Your bank requires two signatures for large transfers. Nuclear missiles require two officers to turn their keys simultaneously. Your HOA requires a quorum to change the rules. These aren't bureaucratic obstacles. They're protections against any single person having unchecked power.
Shamir's Secret Sharing brings the same protection to your digital estate.
How It Works in Practice
Imagine you have a master encryption key—one long string of characters that unlocks your entire digital estate. Instead of writing it down in a notebook, you split it into 5 shares and give one each to:
- Your spouse
- Your eldest child
- Your sibling
- Your lawyer or notary
- A trusted friend living in another country
You set the threshold at 3. That means any 3 of these 5 people must cooperate to reconstruct the key. No single person can access your estate alone. Your spouse and child can't do it without a third party. Your lawyer and friend can't do it without involving a family member.
But if you're incapacitated or dead, your family can gather any three of these people and unlock everything together—no court orders, no guessing, no locked accounts.
Why "Just Write It Down" Isn't Enough
The traditional approach—writing passwords in a letter with your will, or leaving a sealed envelope with your solicitor—has serious weaknesses:
Single point of failure: If that one piece of paper is found, lost, or stolen, everything collapses.
No revocation: If your relationship with your sibling deteriorates and you want to remove their access, you have to find and update every copy.
No verification: You can't know whether your family will actually be able to use what you've left without testing it. And testing it reveals the secret.
Temporal mismatch: What if your spouse dies before you? Your plan assumed a particular family structure that may not exist anymore.
Secret sharing handles all of these gracefully. You can add or remove shares by regenerating them. You can verify the scheme works without ever exposing the actual secret. And it degrades gracefully—if one share-holder dies or becomes unreachable, you still have enough other shares to meet the threshold.
The Expat's Specific Challenge
If you're an expat living in a country different from where your family is based, digital inheritance isn't theoretical—it's urgent.
Your financial life is split across countries. Your bank accounts may be in the Netherlands while your family is in the UK or Brazil. Your cryptocurrency might be in a hardware wallet at your apartment in Berlin. Your documents are in a cloud service based in Switzerland.
The people who need to access your estate after you're gone may be on different continents, speaking different languages, dealing with different legal systems. Getting a court order to access a foreign bank account can take 18 months. Getting a court order for a cryptocurrency wallet is currently impossible in most jurisdictions.
Secret sharing solves this with elegance: the shares can be held by people in different countries. Reconstruction requires cooperation across borders—exactly the kind of distributed trust that works for geographically dispersed families.
How LegacyShield Implements This
LegacyShield's vault architecture is built on zero-knowledge encryption with cryptographic secret sharing at its core.
When you set up your emergency access plan, you define your share-holders and your threshold. LegacyShield generates the shares and delivers them securely—encrypted, with instructions—to each share-holder. They don't need to understand the cryptography. They receive a sealed package that they keep safe, and instructions for how to cooperate with other share-holders if the time comes.
Meanwhile, you maintain a living vault of documents, accounts, and instructions. You can update it at any time. Add a new account. Change a password. Update your will. Nothing changes for your share-holders—they don't get a new share every time you update something. The shares unlock access to your vault, and the vault contains everything that matters.
The Conversation You Need to Have
Secret sharing only works if your chosen share-holders know they're holding a share.
This means having a conversation most people avoid: "I'd like you to be part of my emergency access plan. I'm going to give you a sealed share of a cryptographic key. You shouldn't ever need to use it, but if something happens to me, you'll know what to do."
That conversation is uncomfortable. But it's far less uncomfortable than the alternative—your family discovering that they can't access your accounts, or that one person has already drained them.
You can do this today. Your family is counting on you to get it right.
Place your documents in custody — free.
Zero-knowledge encryption, designated heirs, EU-only infrastructure.
Open a vault