When Disaster Strikes: Recovering Your Digital Accounts

Disaster Situation:

Traveling abroad for weeks (or months) at a time is a life changing experience. Even more so when things don’t turn out as planned. One of my biggest worries when traveling abroad is something like this:

You have just gotten off the train in your next European city and are on your way to your next hotel, on foot. It’s just you and your backpack. When you get to your hotel to check-in you reach into your pocket and realize both your phone and wallet are gone. You realize that person that bumped you in the street was also lifting your valuables as they were so kindly apologizing. Since you aren’t travelling with a laptop you are now completely cut off from the online world.

Let’s face it, most of our life while traveling is still online, including travel plans and the access to the funds we use to pay for our adventures. So when we lose our devices connecting us to the ether, we are left drifting in the open sea with a very leaky life raft.

But things get worse, like any responsible denizen of the digital age, we know how to protect ourselves online using the following tactics:

There is no question that the above tactics make your online life more secure. However, people don’t normally talk about how they also complicate recovery processes in the event of our hypothetical disaster-scenario. Since your password manager was on your phone, and you lost your phone you can no longer get to your passwords. Also, even if you happened to remember your 50-character password to your email account you still can’t sign in because your phone is still stolen so you won’t be getting any two-factor authentication codes from it.

Okay, enough doom and gloom. Luckily with some foresight and pre-planning it is possible to recover from this incident. Here are the steps you can take when traveling abroad to make sure you have a way to fix the above scenario:

  1. Create an encrypted archive (I follow these steps), of the following:
    • your passwords (most password managers let you backup your files)
    • copies of your two-factor auth backup codes for critical accounts (e.g., primary email, bank, apple-id)
  2. Give the encrypted archive to someone you trust (don’t tell them the password, you don’t trust them that much). Memorize both the password and the contact information of this friend.

That’s it, now if the disaster scenario above happens to strike you have a way out:

  1. First call your trusted friend, give them the password to your encrypted file archive so that they can open it and provide you with the password to your email account and any two-factor auth backup codes you need.
  2. Find a public internet café with computer, use it to log into your email account, using your backup codes to get past the two-factor auth.
  3. Now access the accounts you need to using the “forgot my password” feature to get a new password in your email, then use the backup-codes you printed out to gain full access.
  4. Do whatever is necessary to prevent any identity theft (e.g., cancel credit cards, reset your phone).
  5. As soon as you have access to a trusted computer again make sure to change the passwords for any account you happened to access from the internet café.