Back to Blog

How to protect your family's documents with encryption

When I Die Files··7 min read
How to protect your family's documents with encryption

My mom keeps her important documents in a fireproof lockbox in her closet. Birth certificates, the deed to the house, insurance policies. She feels good about that setup, and honestly, for a long time it was the best option available.

But here's the thing she hadn't thought about: what happens if she needs to share those documents with me, and we live in different states? What happens if a flood takes the whole house? And what about the stuff that doesn't fit in a lockbox -- passwords, account numbers, the letter she wrote to my sister?

That's where digital storage comes in. And that's where most people's eyes glaze over, because someone starts talking about "encryption protocols" and "256-bit keys" and suddenly it feels like you need a computer science degree just to keep your family's paperwork safe.

You don't. Let me explain this the way I wish someone had explained it to me.

What encryption actually means (no jargon, I promise)

Think about sending a postcard. Anyone who handles that postcard along the way -- the mail carrier, the sorting facility, a nosy neighbor -- can flip it over and read what you wrote. That's what most digital storage looks like. Your files sit on a company's server, and technically, people at that company could look at them. Hackers who break into that server could read them too.

Now imagine you wrote that postcard in a code that only you and the recipient understand. Even if someone intercepts it, they just see gibberish. That's encryption.

End-to-end encryption takes it one step further. It means the message gets scrambled on your device before it ever leaves, and it only gets unscrambled on the recipient's device. The company carrying the message never has the key. They couldn't read your stuff even if they wanted to, even if a court ordered them to, even if a hacker broke into every server they own.

That's the difference. Regular encryption is like a locked mailbox where the post office has a spare key. End-to-end encryption is like a locked mailbox where only you and the person you're writing to have keys, and no spare exists.

Why this matters for your most personal documents

You might be thinking: "I'm not a spy. I'm not hiding anything. Why do I need this level of security?"

Fair question. Here's my answer.

The documents you leave behind for your family are some of the most sensitive things you'll ever create. We're talking about:

  • Financial information -- bank accounts, investment accounts, insurance policies, debts
  • Legal documents -- wills, powers of attorney, property deeds
  • Medical wishes -- advance directives, DNR orders, organ donation preferences
  • Personal messages -- letters to your children, your spouse, your grandchildren

If any of this gets into the wrong hands, the consequences range from identity theft to emotional devastation. Someone stealing your bank account numbers is bad enough. But imagine a stranger reading the letter you wrote to your daughter for her wedding day.

This is exactly why important information should be securely stored for your loved ones -- not just stored somewhere, but stored in a way that keeps it genuinely private.

End-to-end encryption means that even if the storage company gets hacked (and breaches happen constantly -- it's not a matter of if, but when), your documents remain unreadable to the attacker. They'd need your specific key to decrypt anything, and they don't have it.

The three things that actually matter when choosing where to store documents

I'm not going to give you a feature comparison chart. Instead, here are the three questions worth asking about any service where you're considering storing sensitive family documents.

1. Who can read your files?

This is the big one. If a company says they use "encryption" but doesn't specify end-to-end encryption, it probably means they encrypt your files on their servers. That's better than nothing, but it means the company holds the decryption keys. Their employees could theoretically access your files. A government subpoena could compel them to hand over your data.

With true end-to-end encryption, the answer to "who can read your files?" is: only you and the people you explicitly grant access. Nobody else. Period.

2. What happens if you lose your password?

Here's the trade-off with end-to-end encryption that most people don't talk about: if the company doesn't hold your keys, they can't help you recover your account if you forget your password. There's no "reset password" magic button when encryption is done right.

That means you need a plan. Write down your master password and keep it somewhere physically safe. Some services offer recovery keys -- long codes you can print and store in a safe deposit box. This is worth the small inconvenience, because the alternative is a company that can reset your password... which means they have access to your data... which means someone else might get access too.

3. Can your family actually get to the files when they need them?

Security means nothing if your family can't access your documents after you're gone. The whole point of planning and storing your legacy letters securely online is that the right people can reach them at the right time.

Look for services that let you designate trusted contacts or set up some kind of inheritance mechanism. The best systems let you decide in advance who gets access and under what conditions, without compromising the encryption while you're alive.

How to get started (practical steps)

Alright, enough theory. Here's what to actually do.

Gather your documents first

Before you worry about encryption software, figure out what you're protecting. Pull together everything your family would need if something happened to you tomorrow. That usually includes:

  • Government-issued IDs and vital records (birth certificate, marriage certificate, Social Security card)
  • Financial account information -- not just the balances, but the account numbers and how to access them
  • Insurance policies (life, health, home, auto)
  • Legal documents (will, trust, power of attorney)
  • Medical information and wishes
  • Login credentials for important accounts
  • Personal letters or messages you want delivered

Don't try to do everything in one sitting. Start with the stuff that would cause the most chaos if it disappeared, and work outward from there.

Digitize what isn't digital yet

For physical documents, scan them or take clear photos. Most phones today take photos sharp enough to capture fine print on legal documents. Save them as PDFs when you can -- they're more universally readable than image files and they preserve formatting better.

Make sure you're doing this on a device you trust. Your personal phone or computer is fine. The shared computer at the public library is not.

Pick a storage solution with real end-to-end encryption

This is where understanding why end-to-end encryption matters becomes practical. Not every service that advertises security is actually using end-to-end encryption. Some things to look for:

  • The service explicitly states "end-to-end encryption" (not just "encrypted" or "secure")
  • They explain that they cannot access your data
  • They have a clear policy on what happens if law enforcement requests your data (the right answer is: "We can't provide it because we don't have the decryption keys")
  • The encryption is applied before your files leave your device, not after they arrive on the server

Set up your access plan

Once your documents are encrypted and stored, think about the access question. Who needs to get to these files, and when?

For most families, this means:

  • Your spouse or partner gets access to everything
  • Your adult children get access to specific documents
  • Your executor or attorney gets access to legal and financial records
  • Maybe a close friend or sibling gets access to certain personal letters

Write this plan down. Store it alongside your documents. Make sure at least one person you trust knows the plan exists and where to find it.

This is really about making sure both digital and physical copies of important documents are covered -- because having encrypted digital copies and a clear physical note about how to access them is the combination that actually works.

Keeping things secure over time

Setting up encrypted storage isn't a one-and-done task. A few things to stay on top of:

Update your documents when life changes. New bank account? Add it. Got divorced? Update your access list. Moved to a new state? Your legal documents might need updating too. Set a reminder once or twice a year to review what's stored and make sure it's current.

Don't reuse passwords. Your master password for encrypted storage should be unique -- not the same one you use for your email or Amazon account. If another service gets breached and you've reused that password, your encrypted storage is now vulnerable. A password manager can help with this.

Keep your recovery information current. If you printed a recovery key two years ago and have since moved, make sure that key made it to your new home. If your trusted contact has changed, update that too.

Pay attention to notifications from your storage provider. If they notify you about a security update or a change to their encryption method, take it seriously. Update the software. Read the notification. It takes five minutes and could save you from a real problem.

The honest truth about all of this

No system is perfectly secure. Someone determined enough, with enough time and resources, can theoretically break into anything. That's true of your bank, your email, and yes, your encrypted document storage.

But end-to-end encryption raises the bar so high that for all practical purposes, your documents are safe. It's the difference between leaving your front door unlocked and installing a bank vault door. Could someone still break in? In theory. Will they? Almost certainly not, because there are millions of easier targets.

The real risk isn't that a hacker will crack your encryption. The real risk is that you never set this up at all, and your family is left scrambling to find account numbers, legal documents, and the words you meant to say but never got around to writing down.

A place to start

If this all feels like a lot, that's okay. You don't have to build a perfect system overnight. Start with one document, one letter, one account number. Get it stored somewhere safe, encrypted, and accessible to the right person.

When I Die Files was built for exactly this kind of thing -- a place to store your most important documents and personal messages with end-to-end encryption, so the people you love can access them when they need to, and nobody else can. It's worth a look if you're trying to figure out where to begin.

The documents you leave behind are a gift. Protecting them is part of giving that gift well.

one last thing

Close your eyes. Picture the person you love most. Now imagine they’ll never hear your voice again. What do you wish you’d told them?

Write Them a Letter