AmberKey is in invite-only beta. Join the newsletter to request an invite and hear the moment it opens to everyone. Sign up ↓

Playbook

No password manager: browser-saved or on paper

Platform claims verified July 9, 2026

What this mechanism is

Most people don’t use a dedicated password manager. Their logins live in the browser (Chrome, Safari, Edge) or on a sticky note, a notebook, or in their head. That’s fine. AmberKey’s job is inheritance, not password reform, so this card gives you two honest paths. Pick the one you’ll actually do.

First, the easy win: browser-saved passwords usually inherit through an account you already have.

  • Chrome / Android saves to your Google account: those passwords come with the Google plan (Inactive Account Manager + escrowing your Google credential). Use the Google playbook.
  • Safari / Apple devices save to iCloud Keychain: but Apple’s Legacy Contact does not hand those over, so you must escrow your **device passcode

If your passwords are in one of those, set that account up and you’re mostly done. This card is for what’s left: a truly manager-less setup, paper lists, or the handful of critical logins you want escrowed directly.

Two paths: pick one

Path A. Capture the critical few here (fastest). Don’t try to escrow all 200 logins. Add a Layer 2 secret to this card for each of the accounts that unlock everything else, and stop there:

  • your primary email (the reset hub for the rest),
  • your bank / brokerage,
  • your phone account (it receives the security codes),
  • anything with money or that others depend on.

Five to ten entries covers what a survivor actually needs. A short, current list beats a giant stale one.

Path B. Move to a real manager first (better hygiene). Set up Bitwarden (free) or KeePass, import your browser passwords, and then configure inheritance once. Bitwarden’s Emergency Access, or KeePass’s file + master password. After that, a single card covers your whole vault. See the Bitwarden or KeePass playbooks. This is more work now and much less later.

Path B is the better habit; Path A respects that today you just want your family covered. Either is a real answer. Doing neither is the only wrong move.

What AmberKey stores

  • Layer 1 (metadata): that your passwords are browser-saved / on paper, and which accounts you chose to escrow.
  • Layer 2 (bearer secret): the handful of critical logins you captured (Path A), or a note pointing to the manager you set up (Path B).

What your survivors do

Open this card, retrieve the critical logins from the vault (Layer 2), and sign in. If a texted code is needed, it goes to the deceased’s phone number, which is why the standing rule is do not cancel the phone line yet.

Gotchas

  • Don’t dump a browser password CSV into the vault. Chrome and others can export every saved password to a plaintext file. Don’t. It’s the opposite of Layer 2’s job (a single-file compromise of everything), it goes stale the moment you change a password, and each export leaves a plaintext file on disk. Capture the critical few by hand instead, or move to a real manager.
  • Paper lists get lost or go out of date. If your passwords live on paper, escrowing the critical few here is the durable version. The notebook won’t be found in time, and it won’t be current.
  • Keep the escrowed few current. When you change one of these critical passwords, update its Layer 2 secret and re-export your bundle.