U.S. markets close in 40 minutes
  • S&P 500

    3,846.03
    +16.69 (+0.44%)
     
  • Dow 30

    31,195.05
    -206.96 (-0.66%)
     
  • Nasdaq

    13,313.72
    +194.29 (+1.48%)
     
  • Russell 2000

    2,216.82
    +16.65 (+0.76%)
     
  • Crude Oil

    61.61
    -1.92 (-3.02%)
     
  • Gold

    1,727.60
    -47.80 (-2.69%)
     
  • Silver

    26.50
    -1.18 (-4.26%)
     
  • EUR/USD

    1.2079
    -0.0107 (-0.88%)
     
  • 10-Yr Bond

    1.4600
    -0.0580 (-3.82%)
     
  • GBP/USD

    1.3942
    -0.0071 (-0.51%)
     
  • USD/JPY

    106.5640
    +0.3340 (+0.31%)
     
  • BTC-USD

    46,839.15
    -2,704.79 (-5.46%)
     
  • CMC Crypto 200

    936.31
    +3.17 (+0.34%)
     
  • FTSE 100

    6,483.43
    -168.53 (-2.53%)
     
  • Nikkei 225

    28,966.01
    -1,202.26 (-3.99%)
     

Tip: How to Make Sure Someone Can Access Your Passwords in an Emergency

Rob Pegoraro
·Contributing Editor
image

Last week, the LastPass password-manager service added a feature you don’t want to have to use: an “emergency access” option that lets you designate a trusted person to have access to your saved logins. That way, if you’re on a long (or permanent) offline vacation, refuse to leave the holodeck, or are otherwise unable to get at your data, your trusted person can.

By adding this kind of worst-case-scenario option, LastPass is catching up to its competitor, Dashlane, which added its own “emergency contacts” feature in July of 2014. But I will bet that most users of these services have yet to implement these new tools.

Neither of these emergency-access features exposes your master password to your backup person or to anybody else. Instead, each uses public-key cryptography to generate an extra key exclusively for your emergency contact — even LastPass and Dashlane themselves won’t know it (just as they don’t know your primary password).

By providing an extra route into your data, emergency access does slightly weaken your account’s security; Edward Snowden might not approve. At the same time, it’s not as bad as just handing out your password to other people. Both sites let you set a waiting period before emergency access activates, during which you can revoke this permission. And Dashlane lets emergency contacts only read saved passwords; they can’t edit them. Unless a state-level entity is after your data, adding an emergency contact seems a reasonable compromise.

Ready to set up emergency access yourself? Here’s how to do it in LastPass, and here are Dashlane’s instructions.

Email Rob at rob@robpegoraro.com; follow him on Twitter at @robpegoraro.