Family friends son died unexpectedly and is out of options right?

[thecomputerguy]

Her son died recently at the dentist office at a very young age going under general anesthesia for some implants due to an undiagnosed heart condition.

She brought me her sons devices with the information that he was a software engineer or something of the sort ... she's in her late 70's. Her primary concern regarding her devices are his investment accounts.

She brought me a tablet, a phone and a laptop.

Laptop is attached to a Microsoft account which means it's probably BitLockered but I don't want to extract the drive and hook it up to a test computer just yet in case it sends it into BitLocker recovery mode and lose the other recovery options. At the moment the laptop does have reset options setup to his Phone and Email.

She does not know his email password, even if she did we wouldn't be able to fulfill 2FA.

She does not know the PIN to the phone. The phone does not show text message details on the lock screen.

His email is secured with Authenticator on his phone, and there are no recovery options outside of SMS or Authenticator.

She does not have a Password Manager Recovery sheet (and not sure if he used one).

His Microsoft account can only be recovered by SMS or Authenticator.

His Tablet is locked via PIN and has basically the same recovery issues as his phone.

He had no significant other that would know this information.

She said she spoke with Verizon and since the phone is on her account they would be able to "get her into it" I don't see how that's possible but I told her to re-visit that before I potentially sent the Laptop into BitLocker recovery.

It sounds like he basically set everything up the same way I would if I never wanted anyone in any of my stuff except I do have a password manager recovery sheet for my Wife.

Pretty much not going to happen right? Any suggestions?

 

[britechguy]

Laptop is attached to a Microsoft account which means it's probably BitLockered

I wouldn't presume this, particularly if it's a Windows 10 machine or a Windows 11 machine that became one by upgrade from Windows 10.

 

[thecomputerguy]

I wouldn't presume this, particularly if it's a Windows 10 machine or a Windows 11 machine that became one by upgrade from Windows 10.

Yeah I suppose I could try the ease of use hack ... I'll give that a shot tomorrow

 

[thecomputerguy]

I just tried it an it looks like the only profile I have access to is a profile prior to migrating to an online account which has some data, but pretty minimal.

 

[britechguy]

BTW, if she is the account holder for the phone, she will have legal access to SMS history, at the very least.

Sadly, I think here chances of getting in to most of this is very small. I do not know if Microsoft has any policy that would allow an executor access to a Microsoft account, but some entities do.

This reminds me that I really need to put the master password to my password vault into a form that can be directly passed to my executor.

 

[timeshifter]

Her primary concern regarding her devices are his investment accounts.

While it might make it easier to sort all that out if she can gain access, I'd presume his money could be recovered through the legal process. If he didn't have a will, a spouse or any offspring then I'd think she'd be the de facto heir to his estate. It may take time and be expensive through the proper legal process.

You may run into ethical or legal boundaries trying to get in to his systems. But, if it were me in your situation I'd be helping anyway, assuming it's a relatively close friend.

 

[sapphirescales]

It sounds like he basically set everything up the same way I would if I never wanted anyone in any of my stuff except I do have a password manager recovery sheet for my Wife.

Do you also have the 2FA recovery codes saved somewhere? I keep all my passwords as well as all my 2FA recovery codes on an encrypted flash drive that you can unlock with a finger print (because the people in my life are terrible with passwords and would never remember what it was if I put a password on the flash drive). Even if they have access to your email/phone you can't rely on that. Setting up people's accounts so they can be accessed by loved ones if they die is something I do on a regular basis.

Regarding your particular situation, if the accounts aren't set up to be recovered from the beginning, you're SOL unless she can contact the companies and get access to his account through there. A lot of companies don't have the ability to reset passwords/2FA anymore though. It's just too big a security risk. If Verizon says they can bypass the lock on the phone that's one option to consider, but they might just be talking about erasing it for her which wouldn't help. I don't know the procedure for getting access to a Gmail account if you don't have the 2FA or password but you might want to contact Google and see if they have a specific procedure/requirements for getting access to the account. Maybe all they'll need is a death certificate.

 

[Markverhyden]

Is there a will? Who is the executor? If there is no will it goes to probate. Investment accounts usually have beneficiaries listed so they can gain access after proof of death is sent in. If she doesn't know who they are there might be documents in his belongings to find out who the investments are with. Unfortunately the fact that she is his mother is meaningless unless she is the executor or a beneficiary.

At the end of the day everything is working exactly the way it should be. With one major exception. The hit by a bus scenario which is what appears to have happened.

 

[britechguy]

At the end of the day everything is working exactly the way it should be.

Well, I guess that depends on how you define "the way it should be." In "the paper days" if you were someone's executor, that pretty much forced open all doors for you. In the digital age, it does not unless companies have a provision to allow it.

I was very lucky that the two estates I was recently executor for both were, by and large, on paper and for the one that wasn't I had been "the keeper of the keys" (that is, passwords) for quite some time.

Were my partner to be hit by a bus, his daughter, who is his executor, would be in the midst of a living hell with all of his online accounts because he doesn't routinely record passwords or remember them. I do, though, in my password manager, because I'm the one invariably called upon to get him out of the, "I have no idea what my password is," messes.

In the cyber age, it's irresponsible not to have some mechanism in place to ensure that those who have to do "clean up" after your passing do not have easy (and I do mean easy) access to your online world in order to do so. And I'll be the first to admit that I have yet to ensure that's in place through granting access to my password manager via its password to someone who survives me (my executor, preferably). I don't even have a will yet, but should, but am waiting on my sister to set up the trust for my nephew. I'd rather not do this thing twice, and that's where anything that's left will go.

It wasn't until I was an executor 2 times in rapid succession back in 2021 that I realized just how difficult the law makes it, even for executors, when it comes to settling an estate. Banks can be a particular PITA, too.

 

[thecomputerguy]

Do you also have the 2FA recovery codes saved somewhere? I keep all my passwords as well as all my 2FA recovery codes on an encrypted flash drive that you can unlock with a finger print (because the people in my life are terrible with passwords and would never remember what it was if I put a password on the flash drive). Even if they have access to your email/phone you can't rely on that. Setting up people's accounts so they can be accessed by loved ones if they die is something I do on a regular basis.

Regarding your particular situation, if the accounts aren't set up to be recovered from the beginning, you're SOL unless she can contact the companies and get access to his account through there. A lot of companies don't have the ability to reset passwords/2FA anymore though. It's just too big a security risk. If Verizon says they can bypass the lock on the phone that's one option to consider, but they might just be talking about erasing it for her which wouldn't help. I don't know the procedure for getting access to a Gmail account if you don't have the 2FA or password but you might want to contact Google and see if they have a specific procedure/requirements for getting access to the account. Maybe all they'll need is a death certificate.

I personally store EVERYTHING in 1Password. I know that's not the correct air gapped, multi authenticator, everything in 3 different places method but 1Password has all my passwords 100% of which are 25 character randomly generated passwords. 1Password also stores my 2FA codes for that particular login (I know this is also not correct but it's a convenience I am not willing to lose). 1Password also has my recovery keys in the notes of each login if recovery keys are provided. 1Password also has the secret questions and answers in the notes for that particular login if offered.

The only thing 1Password doesn't have is my login information for 1Password or the 2FA code for 1Password (I use authy for my 1Password 2FA). I know I have a lot of eggs in one basket and I understand that.

For emergency access my wife has a physical emergency access kit (piece of paper) in a safe at my house that 1Password provides which includes my Login, Password, and Secret Key to gain access to the account. Everything is extremely neatly organized, and I place I high important on the cleanliness of my 1Password account. I have everything organized into Personal, Business, Personal Finance, and then every single client has it's own vault.

In the event of my death my wife would be able to to give the emergency kit to a professional like myself and they should be able gain entry into my account and my life's details in under 30 minutes.

As far as the carrier being able to hack a phone? I find that impossible but she said they "could do it" so I told her to explore that fully before I send the laptop into Bitlocker recovery mode. I know that even law enforcement has had issues in the past trying to get into devices in higher profile investigations.

 

[thecomputerguy]

Is there a will? Who is the executor? If there is no will it goes to probate. Investment accounts usually have beneficiaries listed so they can gain access after proof of death is sent in. If she doesn't know who they are there might be documents in his belongings to find out who the investments are with. Unfortunately the fact that she is his mother is meaningless unless she is the executor or a beneficiary.

At the end of the day everything is working exactly the way it should be. With one major exception. The hit by a bus scenario which is what appears to have happened.

That's basically what I told her ... hire an attorney, hire a forensic accountant, and go down that path.... She doesn't know if there is any money ... or ... maybe she's trying to get to it before his beneficiaries do for all I know.

 

[Blues]

Sounds like she can get the phone unlocked which as the account holder and family to the deceased is not an unusual or unreasonable thing for the carrier to allow. If the phone can get unlocked this may open options into the rest of the systems and if you can at least identify the investment accounts then with documentation as stated by @Markverhyden she should be able to effectively take ownership of the accounts and have access reset for her. That is the main thing to tie to her real concern is identifying the investments to identify what and how it may be accessed.

 

[NviGate Systems]

Even if the phone can't be unlocked, the SIM could be moved to another compatible device and SMS codes to unlock the MS Account could be then used. That will at least get you in what presumably was his main device, and from there you can explore further.

 

[timeshifter]

Even if the phone can't be unlocked, the SIM could be moved to another compatible device

Assuming it’s not an eSIM

 

[thecomputerguy]

Even if the phone can't be unlocked, the SIM could be moved to another compatible device and SMS codes to unlock the MS Account could be then used. That will at least get you in what presumably was his main device, and from there you can explore further.

Interesting idea ... this is foreign territory for me.

 

[fincoder]

I just tried it an it looks like the only profile I have access to is a profile prior to migrating to an online account which has some data, but pretty minimal.

So not bitlockered.

To access a Microsoft Account login you need to use a tool such as PCUnlocker.