1. Posterity Passwords - Transfer passwords to loved ones if something happens to you | Product Hunt

    Make sure some passwords can be found. Just in case.

    Keep essential passwords in an encrypted vault your loved ones can access if something happens to you.

    Create your plan

Why it matters

  • Make sure all your essential passwords can be found
  • Share passwords without compromising their safety
  • Change your plans without changing your passwords

What you can do

  • Store passwords in an end-to-end encrypted vault
  • Leave different passwords for different recipients
  • Set a cool-down period before passwords are revealed

The safest way to transfer password to loved ones.

One solution, all kinds of secrets.

Peace of mind is being able to leave all your essential passwords in one safe place, without worrying about whether your loved ones will be able to find them.


For your eyes and your recipients only.

Password and their metadata are encrypted on your device, so that only you and your recipients can see their content in clear, and no one else.


Hidden until needed.

Your passwords remain encrypted and hidden from their recipients, unless something happens to you and someone submits a death certificate we can verify.


How Posterity makes everything go according to plan.

Death certificates are manually and independently verified by our team before your plan is put in motion.

Learn more

A legally binding plan in 5 minutes.
No attorney needed.

  1. static/img/how-it-works/device.png static/img/how-it-works/slide-0-bg.png static/img/how-it-works/slide-0-card-0.png static/img/how-it-works/slide-0-card-1.png

    Start a plan.

    Create a plan covering all the basics in 5 minutes or less. No need to be an expert, Posterity will walk you through everything in plain english.

    Get started
  2. static/img/how-it-works/device.png static/img/how-it-works/slide-1-bg.png static/img/how-it-works/slide-1-card-0.png static/img/how-it-works/slide-1-card-1.png

    Make it official.

    Print and sign the the legal will generated for you to make your plan legally binding. You'll get a new one every time you make a change.

  3. static/img/how-it-works/device.png static/img/how-it-works/slide-2-bg.png static/img/how-it-works/slide-2-card-0.png static/img/how-it-works/slide-2-card-1.png

    Loop everyone in.

    Invite your family and friends to share the roles and arrangements you'd want them to see if something happens to you.

Free 15-day trial, then $29.99/year.

  • Support for a growing list of topics
  • Unlimited sharing with family & friends
  • Unlimited automations
  • Legal documents for all 50 states
  • Manual verification of death certificate
Start Planning

All the details

Transferring passwords

Passwords makes it incredibly easy to share passwords with friends and family, but with the explicit intent that they can only access them in the event something happens to you.

It uses state-of-art cryptography to keep your passwords private and safe, while being convenient and easy-to-use for your recipients.

What can Posterity see?

Passwords is designed so your data can never be revealed to Posterity, whether it’s before, during or after a recovery process.

What Posterity cannot see

Posterity and its employees can never see:

  • The actual password value;
  • The kind, label or description of a password.

What Posterity can see

Our knowledge is limited to:

  • Who the recipient is;
  • When a password was added or updated.

How is my data encrypted?

Below are some technical details on how your passwords are kept safe on Posterity.

At sign-up, an ECDH-P384 key pair is generated on your device and stored in your account. The private half is encrypted using a key derived from your account’s password1 using PBKDF2 with 100,000 iterations.

When you add or update a password, Posterity generates a random 256-bit key K, and uses it to encrypt the password you’d like to share with a recipient using AES‑256‑GCM.

For you, K is stored on your account after it’s been encrypted with a key derived from your account password using PBKDF2.

For your recipient, a copy of K is added on their account, but only after two distinct layers of encryption have been applied to it:

  1. First, using RSA‑OAP‑SHA512 with a 4096-bit key owned and maintained by Posterity2. The private half of it is only released if we can verify your death;
  2. Second, using AES‑256‑GCM with a key derived from the private half of the ECDH‑P384 key pair generated at sign up, and the public half of theirs.

The second layer ensures the data can only be decrypted by its recipient, and the first protects it from being revealed if the death condition is not met.

The benefits of this approach are the following:

  1. You can access your encrypted data by simply using your account’s password;
  2. The same applies to your recipients, but only after we’ve released the private half of the death verification key pair we’re responsible for;
  3. Posterity is never in a position to view the decrypted content of your data, because it neither has access to the password of your account, nor that of your recipients.
  4. If our infrastructure is ever compromised, the data we hold is useless to hackers; it’s fully encrypted with a password we’ve never seen.

  1. For authentication, we use SRP, a PAKE protocol which ensures that you can safely sign in without ever sharing your password with us, in any shape or form. ↩︎

  2. Technically, the key pair is unique for every user. ↩︎

How do you verify a death?

The recipients of your passwords will need to report your death by submitting a certified copy of your official death certificate. They’ll be able to do so directly from their own account, first created when you designated them as a password recipients.


Learn more about how Posterity handles death verification.

How can I deal with 2FA?

Two-Factor Authentication1 is a great way to protect an account from unauthorized access by requiring, in addition to a password, a temporary code which is generated on the spot.

If you leave a password for a 2FA-protected account, your recipient will also need instructions for the temporary code if they are to ever be able to gain access to it in the event something happens to you.

The instructions depend on the type of 2FA implemented on the account.


TOTP-based 2FA is when the temporary code is generated by an authenticator app, and often changes every 30 seconds.

In this case, you can leave one of the recovery codes that were generated for you when you enabled 2FA on that account, alongside your password.


SMS-based 2FA is when the temporary code is sent to you via SMS.

In this case, you need to make sure the device where you receive the SMS can be unlocked by the recipient. For that, simply add the passcode of that device to Posterity Passwords.

  1. It’s a good idea to enable 2FA on your Posterity account if you haven’t already. ↩︎

What about face and finger recognition?

The vast majority of devices that offer biometric unlocking (i.e. face or fingerprint) also require a passcode to be set as a fallback.

For example, after a few failed attempts to identify your face, iPhone will automatically offer you to enter the passcode for the device instead.

Leaving the passcode to unlock a device in Posterity Passwords is therefore enough to make sure it can be accessed if something happens to you, even if configured to use your face or fingerprint to unlock.

What if my passwords change?

Like any good emergency plan, Passwords should be reviewed and updated from time to time. Posterity will regularly send you reminders to that effect.

Can I use this as a password manager?

The short answer is you shouldn’t. While there are no technical limitations preventing you from doing so, Passwords is simply not designed for that.

Passwords managers are for personal use, and are optimized for quick access to all the passwords you use on a daily basis.

Posterity Passwords is for sharing a selection of essential passwords, and goes to great lengths to make sure their recipients can only access them if and only if something happens to you.

What countries are supported?

For the time being, Posterity is US-only.

Over time, we’ll be expanding to countries where our death verification process can be safely implemented.