How many logins and passwords do you have? You need them to use your bank ATM, access bank and brokerage accounts, your cell phone or PDA, your Facebook or Twitter accounts, your telephone and DVR accounts, your “My Health Care Provider,” or “My Airline Mileage,” or “My Whatever” (fill in the blank!), even your computer startup window, possibly your car’s entry system, your health club account, office computer—the list grows. Of course, precious personal security reasons, as well as not-so-precious vendor tracking and marketing reasons, explain the existence of these systems.
It seems like every new commercial or Web-based site we access requires us to set up a new online account with its own login name and “protected” password. We’re warned not to use the same logins and passwords on multiple sites, to change all this data periodically, not to write it down and definitely not to share these secrets with anyone. Understanding the rationale, the kicker question is: How does a reasonably intelligent person keep track of this growing body of confidential information? And does it need to be passed on to anyone?
I’m reminded of a favorite recent New Yorker cartoon: A lawyer is visiting her hospitalized client to oversee the signing of his will. The lawyer has the look of satisfaction for a job accomplished. Meanwhile, the client, propped up and looking feeble in bed, wears a sneer of malicious glee. The text bubble above him says, “Well, the will is done, but—they’ll never discover the passwords!”
I think of this cartoon every time I meet with a client and gather necessary financial information to implement personal financial and tax planning, all of which is highly confidential and kept under tight internal office controls. Baby boomers, especially, will be among the group whose secret logins and passwords are likely to cause problems, as this data needs to be uncovered by professionals, holders of powers of attorney, trustees and executors in emergency situations. Is it possible some important information will be lost? As an estate planning and probate attorney, the issue leads me to an uncomfortable juncture. What discussion needs to take place about these secrets, and what advice—if any—is appropriate for documenting the existence of the data and how to “break” the codes in an emergency situation? Is secure but emergency-accessible storage available? (I’m not advocating at this time that a law office safe is the appropriate receptacle.)
Should certain heirs or beneficiaries be given the right to access certain computer files, programs or online stored documents like journals, photos or family historical records? This data may be more important to heirs than certain financial access information.
The issue is present with or without consideration of estate planning and probate issues. While any of us is up and kicking, we users of all this online and computerized convenience face a constant, if not withering, fear of identity theft—a fear that someone will illegitimately crack our codes, discover our big secrets or, worse yet, clean out our financial fortune. Thus, we appropriately care about protecting this information. In the process, however, we should also be concerned about the double edge of putting too much secrecy in place in the event we need help (or just a way to organize and manage the data). Data loss can create delays that aren’t only inconvenient, but make management by a benevolent third party at least temporarily impossible.
On the long-term planning side, not only do clients regularly pass away with documents and financial records in a state of disarray—confounding even the most resourceful trustee, holder of power of attorney or executor, but now clients also have this added tier of important personal financial information to both protect and make accessible to the right people. We don’t want it totally lost, nor do we want it to fall into the wrong hands where it could be criminally manipulated.
Only a few of my more technologically astute clients have brought this issue up, but I know it lingers below the surface with others. Because of its secretive nature to begin with, many people are ambivalent, fearing ultimate loss of confidentiality. Most of us go to great lengths to actively hide our own information—to the point where we sometimes hide it from ourselves! But even when this happens and we are well, we know the secret questions and answers necessary to uncover a lost or forgotten password, or let us reset it. Financial institutions are no help in this process.
So what are the solutions? Not much beyond the old adage that knowledge of the problem is the first step to resolving it. Numerous sources are evolving: online password managers that purport to securely store login details; desktop-based password managers; or special software that helps organize passwords and PIN codes. Portable encryption devices such as PDAs, phone apps or use of a USB stick are also available. Each has advantages and disadvantages, and their usefulness ultimately depends on the user’s level of computer sophistication as well as his or her consistent use. As the information age continues to sweep us along, no doubt the methods will improve.
A clumsy “Google” search for “password manager” or “password protector” is a novice’s starting place for personal education. Also, check out the not-so-secret beginning option of OpenID or Microsoft’s Windows Live ID. These are accessible, stop-gap programs.
Whether you immediately jump into this fray or not, it behooves us to consider a safe and logical way to catalog this information for ourselves, and a “safe” or secure place for holding the data for later use by the trusted person(s)—like divulging where the key to the safe or safe-deposit box lies. No matter which type of system you adopt, you’ll need to routinely manage it and remain flexible to adapt it to ever-changing needs.
Susan M. Teel is senior counsel at Dickenson, Peatman & Fogarty in the trusts and estates department and a member of its wealth management group. She’s specialized in estate planning, trust administration and probate for more than 25 years. You can reach her at steel@northbaybiz.com.
