
Very cool!

I like the idea, but the site does not let me know how it works after I die. How does the other person get access to the vault?


Also curious about this. There seems to be a master password and a bunch of questions. Presumably (I looked around) one transfers these.

Now, there have been cases of seniors being conned into signing away power of attorney. If this is detected, how can the owner change the authorization?

And if used by seniors (I am one, OK) how can they remember the password/questions other than a password manager app (which requires a password) or printing them out and saving in a lockbox? And then there’s access to the key …

Anyway, granting access seems to be the entire point of this, and I didn’t see it addressed “job one” on a quick run through the website. Then again, I’m a senior …


Thank you for raising this — it's a deeply thoughtful perspective and you’re absolutely right: secure access control and ownership revocation are “job one” for a tool like EchoVaults. I'll try to address your concerns directly and clearly:

1. How the Owner Can Change or Revoke Authorization

EchoVaults is entirely offline and local to your device. That means:

You can edit your trusted contact, master password, or emergency instructions at any time from within the app.

All changes happen instantly, without needing to connect to the cloud or re-sync anything.

If someone you previously trusted becomes untrustworthy, you just open the app, change the vault password, the 5 identity challenge questions, or remove them entirely. No delay. No approval needed. You remain in control at all times.

Because there’s no external server, no one — not even us — can override or silently alter this.

2. What About Memory? What If a Senior User Forgets?

You’re right to say that remembering a master password + challenge questions can be tricky, especially for seniors. That’s why we built the system with multiple human-friendly backup methods:

You can print an encrypted PDF backup of your vault with your password + answers, and store it in a physical lockbox or with a trusted lawyer or child.

You can export a password-protected backup file and write the access code down on paper.

Or, if you use a password manager already (like 1Password or Bitwarden), you can safely store your EchoVaults credentials there.

We also strongly recommend setting a codeword-based lock screen message like:

"If I’m incapacitated, [Name] should use the code ‘River’ to open EchoVaults."

This gives helpful direction to trusted parties, without exposing anything sensitive upfront.

3. Preventing Exploitation (e.g. Power of Attorney Scams)

Because we don’t connect to servers or share data, no one can remotely access or tamper with your EchoVaults data.

The most important layer of defense is:

Your phone’s passcode (which protects the device itself)

Your EchoVaults master password

Your chosen unlock questions

If someone ever tries to pressure you or gain access improperly, you can silently update or revoke their access within seconds. They would never know until it no longer works.

You're absolutely right that this kind of product must earn your trust, not just ask for it. That’s why we’ve published a full transparency report https://echovaults.org/transparency, made the app open-source, and designed everything to work offline, privately, and at your pace.

If there are better ways we can surface this info on the website (e.g., clearer onboarding or an FAQ section just for seniors), we’d love your suggestions.

Thank you again for asking. Your voice matters, and it helps us build better.


You're welcome. Just make this info easier to find on your website. I may be old but I've been computing since Kim-1, and better than most at ferreting out info.

It's for all the others! I appreciate your reply.

P.S. I never used, but like the idea of a plausible deniability password, which unlocks nice looking but useless (or even incriminating) info, like the fake ID that came with a wallet, but I keep it in the vulnerable back pocket in case someone lifts it. Unfortunately, it's very dated. I keep the real stuff in front.


Thank you for asking — this is one of the most important questions we get, and it goes to the very heart of how EchoVaults was designed: to remain private, accessible only by you, and—if needed—discoverable by someone you trust, without ever relying on cloud syncing or external servers.

We don’t use any "secret" internet triggers or remote unlock mechanisms, which are often vulnerable, difficult to test, or dependent on the existence of external infrastructure long after the user has passed. Instead, EchoVaults is fully offline and built on a human-first model of trust, clarity, and layered security.

Here’s how access works after death, step-by-step:

1. Persistent Lock Screen Instruction (You Set This)

During setup, EchoVaults lets you write a permanent message that stays visible on your phone’s lock screen.

This message should guide whoever finds your phone — for example:

“If I’m no longer around, please contact [Name]. They know how to access EchoVaults. Use the codeword: ‘River’.”

This is how your intent survives you, in a form any first responder or family member can understand without needing to unlock anything yet.

2. They Must Unlock Your Phone (First Layer of Defense)

EchoVaults doesn’t bypass or weaken your device’s native security.

The person you trust must already know your phone passcode. We don’t encourage storing or sharing this casually — but if you’re planning for emergencies or death, this is the only real-world viable method.

On both iOS and Android, over 90% of phone theft attempts fail precisely because this passcode layer is so difficult to break. In most jurisdictions, even Apple themselves can’t unlock a phone without a court order — and sometimes, not even then.

3. EchoVaults: Status Check + Identity Challenge (Second Layer)

Once the phone is unlocked and EchoVaults is opened:

The app prompts: “Are you the original user?” or “Has the user passed away?”

If the responder selects “User has passed away”, they’re presented with a 5-question identity challenge, created by you during setup.

These are not generic security questions — they are deeply personal ones only someone close to you can answer (e.g. “What nickname did my mom call me?” or “Where did I hide my emergency note in 2023?”).

You can optionally give this trusted person an encrypted PDF containing these questions and answers in advance, stored safely offline or physically printed.

4. Access Level and Delayed Vault Reveal

Once the correct answers are given:

The trusted person gains access only to the vaults you've marked as “Basic” — typically containing general guidance, will instructions, or useful information for your family.

For vaults marked “Sensitive”, access is delayed based on the wait period you choose — this could be 24 hours, or even weeks, months, or years.

For vaults marked as "Ultra-Sensitive", no one can see them except you; even when the trusted person correctly answers your security questions, the vaults in this privacy level will never be visible to them.

After that wait period passes (and only if you don’t cancel the unlock, in case of false positive or mistaken access), the app reveals the sensitive vault.

The delay serves as a grace window: If you’re still alive and access was accidental, you can cancel it. If you’ve truly passed away, it proceeds in a dignified, secure, and planned way.

Security Model

EchoVaults was built with the following principles:

100% offline: No cloud, no syncing, no tracking, no server dependency. Your data stays on your device.

Tamper-resistant encryption: AES-256-GCM with PBKDF2 key derivation, the same used in secure password managers and military-grade systems.

Human-readable recovery: All instructions are visible, understandable, and usable by your family or loved ones without technical knowledge.

This is how EchoVaults answers the hardest question: “If I’m gone, how will the people I love access what I left behind — and only them?” Without compromising on privacy, encryption, or simplicity.
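The tiered release described in the comment above (challenge, then "Basic" at once, "Sensitive" after a cancellable wait, "Ultra-Sensitive" never), modelled as an added example; it is not part of the original comment and is not EchoVaults code. The class names, the PBKDF2 work factor, hashing all answers together, and cancel hiding every vault again are assumptions made for the sketch.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

ITERATIONS = 200_000  # assumed PBKDF2 work factor for this sketch

def answers_digest(answers, salt):
    """Hash all normalized answers together so none can be checked alone."""
    joined = "\x1f".join(a.strip().casefold() for a in answers).encode()
    return hashlib.pbkdf2_hmac("sha256", joined, salt, ITERATIONS)

@dataclass
class Vault:
    name: str
    level: str             # "basic", "sensitive" or "ultra"
    wait_seconds: int = 0  # owner-chosen delay, only used for "sensitive"

@dataclass
class Release:
    salt: bytes
    expected: bytes                        # digest stored at setup
    vaults: list
    requested_at: Optional[float] = None   # set when the challenge is passed

    def request(self, answers, now):
        """Responder answers the challenge; success starts the wait clock."""
        ok = hmac.compare_digest(answers_digest(answers, self.salt), self.expected)
        if ok and self.requested_at is None:
            self.requested_at = now
        return ok

    def cancel(self):
        """Owner is still alive and cancels the pending unlock."""
        self.requested_at = None

    def visible(self, now):
        """Names of vaults the responder may open at time `now`."""
        if self.requested_at is None:
            return []
        waited = now - self.requested_at
        return [v.name for v in self.vaults
                if v.level == "basic"
                or (v.level == "sensitive" and waited >= v.wait_seconds)]

# Constructed sample data: three vaults, one per privacy level.
SALT = bytes(16)  # fixed for the demo; use os.urandom(16) in practice
DEMO = Release(SALT, answers_digest(["Bunny", "blue vase"], SALT),
               [Vault("will", "basic"), Vault("accounts", "sensitive", 86400),
                Vault("diary", "ultra")])
```

`now` is supplied by the caller; on an offline device the clock is set by whoever holds the phone, so the wait period is only as trustworthy as that time source.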


Love the idea. I am pretty sure that LLMs are happy without whitespace, so maybe try removing newlines, tabs (maybe even spaces?).


I like it, interesting idea. On mobile the cards are collapsed so I cannot see what each model is holding.


Will fix!


Loved Pocket but not happy that it shut down. Documented my process of moving from Pocket over to Wallabag.


Like the idea. Please give some examples of use cases on the homepage. Maybe some example files we can use to play with the application?


Thank you for the feedback. I will incorporate them in my site soon.


What is this? No documentation or information on the home page?

I don't want to run a script I can't view beforehand.


view source :)


The E-Myth Revisited: Why Most Small Businesses Don't Work and What to Do About It by Michael E. Gerber

Great read and has some good ideas for expanding.

Also 100$ startup is a good recommendation for getting going.


What region does this serve?


Anyone anywhere can use it and it will work around the region you provide :)


I have done both. Any agency worth their weight will provide you ownership of the app and IP. As long as you're not using some closed source integration which the agency has developed.

Building out a team provides its own set of challenges, as you need to find the right people and provide guidance on how the application should be designed/architected.

Drop me a line at cameron [at] bitformations.ca and we can chat; we do app development.


What is the reasoning behind the fork?


Godot expressed support for LGBTQ+, so the alt-right had to fork their own.


Verifiably false. Godot's new community manager chimed in a Mongolian horse-rider simulator discussion [0] that had nothing to do with it (but UE5), claimed the engine to have become "wokot" and immediately proceeded to block every single account expressing any criticism from questioning stirring useless drama online to fixing the engine, quoting its founder, or having never interacted with the account at all, and then proceeded to thoroughly lie in their official statement. The project has always been leaning into supporting such communities, and that was never an issue for the majority of people at large until this pointless tantrum that ultimately just brought worldwide attention to its community management issues.

0. https://x.com/godotengine/status/1839795089121403320


It might have been useful to include the Godot Foundation's statement on the issue, as it directly acknowledges this. https://www.reddit.com/r/godot/comments/1fsvcdg/from_the_god...


oi. Crazy how I really haven't checked much into Godot's community since early pandemic but the exact same names always come up causing drama.

So the official Godot Twitter fell for the lowest quality troll bait to start a flame war, and in the crossfire they banned several people who were in fact not harassing staff. On top of that, a particular unofficial Discord moderator fanned the flames, causing a fallout of some devs, and then others in the crossfire. The CEO basically dug his head in the sand for all this.

Did I get that right? You'd think a proper CM would know that those "callouts" rarely end well. Especially on Twitter. More reasons companies won't be open about their creative works and instead live in an ivory tower.

To be frank this is all a bit stupid and disappointing. I knew for a while that Godot's contributions can be overly hardheaded and blocked a lot of useful optimizations, so I was expecting this fork to be more of a call to have the engine focus more on iterating faster and being more performant. But alas, Twitter continues to unjustify its own existence.


lol what a load of horse shit


Thanks for the contribution


Way to disingenuously misrepresent what happened, which in and of itself is truly a staple of a certain kind of online activism. Bra-vo!


I beg to differ.


That's a disingenuous take.

Godot is blocking devs on GitHub, preventing them from getting updates for their projects, because of ideological disagreement.


What does it mean to “block” developers from accessing an open source repo? I can go to https://github.com/godotengine/godot and clone it without even making an account.

A total tempest in a teapot.



If someone's knowledge of software licenses and distributed version control is so limited that they can't figure out a way to bypass this "block," then I'm not sure they're cut out for the rigors of video game development.


That's beside the point.


You said that "Godot is blocking devs on github, preventing them from getting updates for their projects."

In fact, no devs are blocked from getting updates for their projects.


They are, in fact.


They in fact aren't.

First, getting blocked on GitHub doesn't remove your access to the repository. You can still see and fork the code. You just can't comment in issues and discussions.

Second, no actual developer of Godot has been blocked. Random people harassing the contributors have been blocked.


They are, in fact, blocked.


>Godot is blocking devs on github, preventing them from getting updates for their projects

No, that's not how any of this works. But nice try.


Everything he said is correct, of course. But nice try.


Only reports I’ve seen mention being blocked on Twitter.

If that’s a thing you care about that deeply you probably should be blocked.


If what's a thing you care about deeply?


It's not an exhaustive take, but what it boils down to. Also the GitHub blocking is false and has been disproven.


Evidence?


https://x.com/anthonywaldz/status/1840345290228047911#m

Also see the conversations involving that individual today.


