February 6, 2026

Friends, foes & forgotten passwords

Article URL →HN comments →

Show HN: If you lose your memory, how to regain access to your computer?

Friends-as-keys spark trust drama as others swear by Google’s switch and paper-in-a-safe

TLDR: An offline tool splits a recovery key among friends so they can unlock your files if you forget. Commenters are divided between trust-circle keys, Google’s dead-man switch, and paper-in-a-safe, with a real TBI story highlighting why planning for memory loss matters.

A new “Show HN” tool lets you encrypt files and split the unlock key among trusted friends—think a modern treasure map with pieces scattered across your crew. It runs offline in your browser; no servers; recovery still works even if the site vanishes. It’s open source and leans on age encryption, with a demo that shows how friends combine shares using Shamir’s Secret Sharing.

The community’s hot take buffet: one camp cheers the “friends-as-keys” idea for posthumous access, calling it less annoying than dead-man vaults you must reset forever. Another camp shrugs and says just use Google’s Inactive Account Manager and be done. Meanwhile, the low-tech contingent flexes fireproof safes, printed codes in different buildings, and journals “hidden like pirate loot.”

A sobering twist: a commenter who endured a traumatic brain injury said memory can simply vanish—turning long passwords into locked doors you can’t open. Cue the trust drama: who gets a slice, what if friends feud or move, and will anyone remember where their share is? Fans praise the self-contained, offline recovery and the self-audit; skeptics warn it’s not a backup by itself and urge trying the demo before touching real secrets. Humor flew with “assemble-the-squad” memes and quips about paper never running out of battery while browsers sometimes do.

Key Points

  • The tool encrypts files and splits the decryption key using Shamir’s Secret Sharing with a configurable threshold.
  • Recovery is performed offline via self-contained bundles including recover.html; no servers or internet are required.
  • Encryption uses age; all operations run locally and files never leave the device.
  • It is open source (Apache-2.0) with code on GitHub and a self-audit document explaining cryptographic choices.
  • It is not a service or backup system; demo bundles are provided to practice the recovery process.

Hottest takes

"The annoying part is having to reset it indefinitely" — moltymolt
"Google offers 'Inactive Account Manager' AKA a dead man's switch" — modeless
"Low tech: I put my secret manager password in a physical journal" — bitexploder

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.