Mac 911 has received a sadly unsurprising number of emails over the last four years from people whose loved ones have passed away and who are left with computers, mobile devices, and cloud accounts that contain memories, legal documents, and much more.
Here’s what you need to know to prepare ahead of your own (or someone else’s) passing and how to handle things when someone is gone.
Make a plan before it’s too late
Most of us feel macabre talking about death, but dealing with the fussy details ahead of time can solve endless problems later. It’s especially true with digital resources, as giant technology firms (including Apple) may not be responsive to your queries when someone’s gone.
What secrets do you need to have available?
- Device passcodes and macOS account passwords. Apple locks all its devices now with a passcode or account password that the company can’t provide or break. If you don’t leave this information behind, the data on the devices can effectively never be recovered. Related: if you use iCloud Keychain, only a device passcode or Mac account password can provide access to passwords, second-factor codes, and passkeys.
- Apple ID account name and password.
- Passwords for important accounts, primarily your main email access. Without these, someone may be unable to access email accounts to handle bills or reset passwords for other services.
- Hardware security keys. If you use hardware security keys for access to your Apple ID or accounts at other sites and services, you need a plan for your successors to gain access. This may be the only physical item you need to be sure someone gets their hands on.
Try to sort out with living relatives, partners, and the like a way for them to store their passwords and device passcodes so that you can have access if they die or are incapacitated. If you have enough trust in another person, you can exchange secrets in a secure way. My wife and I use 1Password and use its shared vault feature to store critical information each of us needs in case of emergency or the death of the other. For hardware security keys, you’ll need to tell them where to find the keys, such as in a safe or even a drawer of a desk.
You could also hire a lawyer or enlist a loved one, business partner, or another person you have a connection to. A lawyer can draft a simple document that would let them hold passwords in escrow for another party and release them only under particular circumstances. (It’s critical to share that with other people so they know how to reach this lawyer or law firm.) Lawyers have an obligation if they move or close their firm to manage handing off papers to another practice and have to make their own plans in case of incapacity or death. (Apple requires that you add two more hardware security keys to an Apple ID, so you could take an extra key and store that with a lawyer or other party.)
You can go one step further, too, and encrypt the information provided to the lawyer, providing the password only to authorized parties. That prevents your data being accessible if a firm had an untrustworthy employee or your files were stolen.
(An easy way to encrypt is to make an encrypted disk image on which you put files. Use Disk Utility: File > New Image > Blank Image, set a name and disk size, choose “256-bit AES encryption” from the Encryption pop-up menu, and enter and record a password. Only Macs can decrypt and mount such a disk image.)
A trusted party could fulfill that intermediary role instead of a lawyer, too, if there’s someone who could be relied upon to release the encrypted information under the same restrictions.
Enable Digital Legacy
While Apple’s Digital Legacy service (added to its operating systems in 2021), doesn’t solve all problems, it does provide a streamlined and authorized method for the legally selected representatives of an estate to gain access to most of a person’s iCloud-linked information.
Before your or someone else’s passing, they need to both add Legacy Contacts to their Apple ID account. (See “How to set up a Legacy Contact for your iCloud account.”) Apple offers a list of all the data a Legacy Contact will and won’t be able to access.
As an additional step, you or that person should specifically authorize one or more people to handle legal affairs for your estate. Macworld doesn’t provide legal advice, so ask an attorney you use to draft a will about what that language should be. This provides additional help in case something goes wrong with access via Digital Legacy.
When someone dies, and the Digital Legacy service is invoked for their Apple ID, that Apple ID can no longer be used with any device for iCloud and other services. All linked devices that had Find My enabled–and, thus, Activation Lock turned on–will have Activation Lock removed.
Apple notes that those devices have to be restored to factory settings after that point to be registered with a new Apple ID instead of just logging in with a new Apple ID.
If you relied on the Apple ID account of a partner or another person you know for purchases and media, enabling Digital Legacy wipes away all purchases. This is a good reminder that we license digital media–we don’t buy it or own it.
If you share an Apple ID with someone else, you should plan on continuing to use the account. Apple intends accounts to be used by a single person, but there’s little oversight about shared uses of a single account unless the account is registered in that other person’s name and Apple were to receive information about their demise directly.
What happens if someone hasn’t planned ahead?
Without a Legacy Contact enabled for Apple ID and without passwords and passcodes, there’s little that you can do.
Apple’s Digital Legacy offers one option to regain access to hardware but not data. You can follow a procedure at the Digital Legacy site if you don’t have a Legacy Contact Access Key–part of the process of someone adding you as a Legacy Contact–you can click “I don’t have an access key” and follow a number of steps.
The end result is that the Apple ID account is deleted along with all data, and all associated devices are wiped clean and have Activation Lock removed, allowing them to be restored to factory settings and reused.
This Mac 911 article is in response to a question submitted by Macworld reader Ian.
Ask Mac 911
We’ve compiled a list of the questions we get asked most frequently, along with answers and links to columns: read our super FAQ to see if your question is covered. If not, we’re always looking for new problems to solve! Email yours to [email protected], including screen captures as appropriate and whether you want your full name used. Not every question will be answered, we don’t reply to email, and we cannot provide direct troubleshooting advice.