Digital Estate Planning for US Residents — A Long-Form Guide

Research date: 2026-04-21 Audience: VA / WV / AL residents and their fiduciaries (fornax primary initial-state focus); broadly applicable to all US residents. Legal posture: Educational-only. Nothing below is legal advice. No attorney-client relationship is created by reading this document. Platform policies and state statutes change frequently — re-verify before acting, and retain counsel licensed in the appropriate state for consequential decisions.

Part 1: The scope of "digital assets"

A digital asset is any record stored electronically to which the owner holds a right of access, use, or economic benefit, and for which access or transfer depends on credentials, cryptographic keys, or a platform's consent rather than physical possession. Digital assets fall into roughly twelve overlapping categories.

1.1 Cloud file storage

Google Drive / Google Workspace — consumer and Workspace tenancies differ sharply on post-death access. (support.google.com/accounts)
iCloud Drive / iCloud+ — Apple treats iCloud content as in-scope for the Digital Legacy program introduced in iOS 15.2. (support.apple.com/HT212360)
Dropbox — documented "account of a deceased user" process under Dropbox Help Center.
Microsoft OneDrive / Microsoft 365 — tied to the Microsoft Account; governed by the Microsoft Services Agreement.
Box, pCloud, Sync.com, Tresorit, MEGA — each with distinct death-claim workflows.

Practical hazard: a single cloud folder may commingle family photographs, tax returns, encrypted password exports, and minor children's records — each governed by different fiduciary-access rules depending on platform and state.

1.2 Email

Email is the single most important digital-asset category because it is the 2FA fallback for almost every other account. Losing inbox access often means losing access to everything.

Gmail — Google Inactive Account Manager + Google Takeout.
Outlook.com / Hotmail / Microsoft 365 — Microsoft Next of Kin process.
Yahoo Mail / AOL — Verizon/Yahoo "deceased user" request; Yahoo's historic policy (litigated in In re Ellsworth, Mich. Prob. Ct. 2005) has liberalized post-RUFADAA.
ProtonMail — zero-knowledge encryption; Proton cannot recover content without the user's password. (proton.me/support)
iCloud Mail — falls under Apple Digital Legacy.
Fastmail, HEY, Tutanota — independent policies; read each.

1.3 Social media

Facebook / Meta — memorialization + Legacy Contact are the canonical consumer-grade digital-estate tools.
Instagram — memorialization or removal (Meta).
X (formerly Twitter) — inactive-account policy; no legacy-contact feature; family-request removal or memorial.
LinkedIn — deceased-member profile hollowing or removal via the LinkedIn Help Center.
TikTok, Snapchat, Pinterest, Reddit — each with a separate process; documentation quality varies widely.
Threads, Bluesky, Mastodon, Nostr — newer platforms with sparse death policies; Nostr uses self-custodied key pairs (like crypto) so the key-management problem dominates.

1.4 Photos and video

iCloud Photos / Photo Stream — Apple Digital Legacy.
Google Photos — Google Inactive Account Manager + Google Takeout.
Amazon Photos — Amazon account policies.
Flickr (SmugMug) — deceased-member policy.
Shutterfly, Mylio, Adobe Lightroom cloud catalog — proprietary catalogs may be lost entirely without owner credentials.

Photos carry outsized sentimental value; their loss is the #1 source of surviving-family regret in the digital-estate literature.

1.5 Cryptocurrency and digital-asset wallets

Self-custodied wallets — Bitcoin, Ethereum, Solana, Bitcoin Lightning, and the full long tail of layer-1/layer-2 chains. Control = private key.
Exchange custody — Coinbase, Kraken, Gemini, Binance.US, Bitstamp, River. These are IOUs; the exchange holds the keys.
Stablecoins — USDC, USDT, DAI; custody identical to crypto but tax treatment (Rev. Rul. 2024-14) diverges.
Wrapped-token positions, DeFi positions — Aave, Compound, Uniswap LP; custody = key, but position is reconstructed from on-chain state.
Staked assets — ETH on Lido, cbETH, delegated SOL, etc.

1.6 Domain names and DNS infrastructure

Registrars: GoDaddy, Namecheap, Cloudflare Registrar, Porkbun, Dynadot, Google Domains (sunsetted; migrations to Squarespace).
DNS providers: Cloudflare, AWS Route 53, DNSimple, deSEC.
ICANN publishes the Registrar Accreditation Agreement (RAA), including the "Registrant Rights and Responsibilities" addendum every registrar must honor.

A domain name that hosts a business, a creator persona, or a spouse's email is potentially the single most business-critical digital asset. Letting the registrar account lapse can cost the business.

1.7 Loyalty points, airline miles, hotel status

Airlines — Delta SkyMiles, United MileagePlus, American AAdvantage, Southwest Rapid Rewards, JetBlue TrueBlue, Alaska Mileage Plan.
Hotels — Marriott Bonvoy, Hilton Honors, Hyatt World of Hyatt, IHG One Rewards, Wyndham, Choice Privileges.
Credit-card rewards — Chase Ultimate Rewards, Amex Membership Rewards, Capital One Miles, Citi ThankYou.

Policies vary: some carriers forfeit points at death; others honor transfer requests with a death certificate and an executor letter. Always check the current program rules — they change without notice.

1.8 Tokenized assets and NFTs

Art NFTs — OpenSea, Rarible, Blur, Magic Eden, Foundation.
Music / media NFTs — Royal, Sound.xyz.
Domain-name NFTs — ENS (.eth), Unstoppable Domains.
Tokenized real-world assets — growing category including tokenized Treasuries (Ondo, Superstate), tokenized real estate, tokenized private-fund LP interests.

NFT discovery is a hard problem: the wallet must be located first (seed phrase), then each chain explored (Etherscan, Basescan, Polygonscan, Solscan, etc.).

1.9 SaaS accounts and subscriptions

Productivity — Notion, Evernote, Roam Research, Obsidian Sync, Craft.
Design / creative — Adobe Creative Cloud, Figma, Canva, Procreate Cloud.
Developer — GitHub, GitLab, Bitbucket, Heroku, Vercel, Netlify.
Streaming — Netflix, Hulu, Disney+, Max, Spotify, Apple Music, YouTube Premium.
News / paid content — NYT, WSJ, Bloomberg, Substack paid subscriptions.
Fitness / health — Peloton, Strava, Oura, Whoop.

The long tail here is the main driver of post-death subscription drag — auto-renewing charges on a deceased person's payment method that can accumulate for months or years unless canceled.

1.10 Gaming accounts and purchased digital goods

Steam (Valve) — the Steam Subscriber Agreement historically prohibits transfer. Libraries are account-bound.
PlayStation Network, Xbox Live / Microsoft Gaming, Nintendo Account, Epic Games Store — similar non-transfer provisions.
World of Warcraft, Final Fantasy XIV, EVE Online, RuneScape — in-game assets bound to accounts.
Mobile game platforms — App Store / Google Play purchases tied to platform accounts.

In-game currencies, cosmetics, and character progression often cannot legally be transferred — a point RUFADAA does not override, because RUFADAA respects platform ToS in the "third tier" of consent (see Part 3).

1.11 Creator accounts with revenue

YouTube channels with monetization (AdSense) — Google's channel-transfer process with an Estate Transfer Request.
Substack paid newsletters — publication transfer via Substack support.
Twitch affiliate / partner — channel transfer policy.
Patreon creator accounts — page transfer policy.
TikTok Creator Fund, Instagram Reels bonuses, Facebook Ad Break revenue — each with separate continuity policies.
Kindle Direct Publishing / Audible ACX royalty accounts — Amazon's policy on estate transfer of royalty streams.
Etsy, Shopify, eBay stores — business-account transfer workflows.
OnlyFans, Fanhouse, Ko-fi — creator platforms with evolving estate policies.

Where monetization attaches to a channel, the channel is both a revenue-producing business asset AND a personal brand bound to a living individual's identity — the tension between those two often governs what survives.

1.12 Intellectual property (adjacent digital)

Copyrights — automatic on fixation; registration at copyright.gov optional but strengthens enforcement. (copyright.gov)
Trademarks — USPTO registrations; renewals required. (uspto.gov)
Patents — USPTO registrations; maintenance fees at 3.5, 7.5, 11.5 years.
Licensing contracts — publishing deals, music sync rights, software licenses.
Domain-name trademarks — overlap with domain-name succession above.

Part 2: Why the common-law framework breaks

Traditional probate law assumed three things that digital assets routinely violate:

Assets were physical or had a physical proxy (a stock certificate, a deed, a safe-deposit-box key). Physical custody transferred cleanly to the personal representative.
Third parties cooperated with proof of authority (a bank accepted Letters Testamentary and released the account balance; a county clerk recorded a deed).
Ownership did not depend on a private contract between owner and custodian. Consumer digital services invert this: ownership is a contract (the Terms of Service) between the user and a platform, and the platform's cooperation with a fiduciary is not automatic.

Three specific friction points:

2.1 Authentication barriers

Email, cloud, crypto, and social accounts are protected by passwords, two-factor codes, biometric locks, and hardware keys. Even where the law says a fiduciary has a right of access, the technical path to actually opening the account may be blocked. Apple's T2 / Secure Enclave chip and iCloud Keychain can make a locked iPhone essentially unrecoverable without the deceased's passcode plus Apple's Digital Legacy process.

2.2 Terms-of-service non-transferability

Most consumer ToS forbid credential sharing (often calling it a criminal violation — the Computer Fraud and Abuse Act, 18 U.S.C. § 1030, makes "unauthorized access" a federal crime, although the Ninth Circuit in hiQ Labs v. LinkedIn (2022) has narrowed the scope). Many ToS flatly prohibit account transfer at death. A fiduciary who logs in with the decedent's password without platform cooperation arguably commits a CFAA violation — one reason RUFADAA's "platform cooperation" structure matters.

2.3 Stored-Communications-Act lockout

The federal Stored Communications Act (18 U.S.C. §§ 2701–2712) forbids a provider from disclosing the content of electronic communications except in narrowly enumerated circumstances. § 2702(b)(3) permits disclosure "with the lawful consent of the originator or an addressee or intended recipient." RUFADAA is drafted to fit within that consent framework — state law specifies what counts as the decedent's "lawful consent" — but providers are cautious and routinely require a court order or specific statutory-form authorization before releasing content. This is why a generic power of attorney, without RUFADAA-compliant digital-asset language, often fails.

Part 3: The RUFADAA framework

The Revised Uniform Fiduciary Access to Digital Assets Act was promulgated by the Uniform Law Commission in 2015 and is the default framework in nearly every US state. (Uniform Law Commission — RUFADAA page)

3.1 Who is a "fiduciary" under RUFADAA

Personal representative of a decedent's estate (executor / administrator).
Trustee of a trust holding digital assets.
Agent under a durable power of attorney.
Conservator / guardian of a living protected person.

3.2 What a fiduciary may do

Request a catalogue of electronic communications (sender, recipient, date — no content).
Request content of electronic communications — but only if the user consented in the three-tier hierarchy below.
Access other digital assets (non-communication records — photos, documents, crypto wallets stored with a custodian) on a less-restrictive standard.
Require the custodian to produce a copy of the ToS if relied on as the access standard.

The custodian may charge a reasonable fee for compliance, may withhold contents unless the fiduciary establishes they fall within the permitted scope, and must act within a statutory time frame (typically 60 days after a proper request).

3.3 The three-tier consent hierarchy

RUFADAA § 4 establishes an ordered cascade:

Tier 1: Online tool provided by the custodian. If the user opted into a platform-provided tool (Google Inactive Account Manager, Facebook Legacy Contact, Apple Digital Legacy), the user's designation in that tool controls and overrides any contrary language in a will or trust.

Tier 2: Will, trust, power of attorney, or other estate-planning document. If no online tool exists or was used, the user's written direction in an estate document controls — provided the language specifically references digital assets and content of electronic communications where applicable.

Tier 3: Platform's Terms of Service. If neither of the above, the default platform ToS governs — which typically means the executor gets non-content metadata only, or nothing at all.

The practical consequence: the online tool beats the will. A decedent who years ago named a Facebook Legacy Contact and later wrote a will naming a different person to inherit social-media accounts is stuck with the Facebook designation unless updated.

3.4 What RUFADAA does NOT do

It does not override the Stored Communications Act; it operates inside the SCA's consent framework.
It does not compel disclosure of content where the user never consented in any tier — ToS non-transferability in Tier 3 can shut the door entirely.
It does not override federal criminal law (CFAA, Wiretap Act).
It does not resolve cross-border disputes if the custodian is outside the US.
It does not give a fiduciary access to a password manager's master password or a crypto seed phrase — those remain physical-key problems.

Part 4: State-by-state RUFADAA adoption

As of 2026, all 50 states plus the District of Columbia, Puerto Rico, and the US Virgin Islands have enacted some version of RUFADAA. The one remaining historical holdout, Oklahoma, enacted its version in 2024. Louisiana has adopted variant digital-assets language inside its civil-law tradition but not the ULC model verbatim; Massachusetts adopted a modified version in 2024. Readers should verify current status via the ULC Legislative Fact Sheet for RUFADAA.

4.1 Comparison table: VA / WV / AL core digital-estate statutes

Dimension	Virginia	West Virginia	Alabama
RUFADAA citation	Va. Code §§ 64.2-116 – 64.2-132	W. Va. Code §§ 44-5C-1 – 44-5C-20	Ala. Code §§ 19-1A-1 – 19-1A-24
Effective date	July 1, 2017	June 7, 2018	July 1, 2018
Three-tier hierarchy	Yes (§ 64.2-119)	Yes (§ 44-5C-4)	Yes (§ 19-1A-4)
Content disclosure standard	User consent per hierarchy	User consent per hierarchy	User consent per hierarchy
Catalogue disclosure standard	Default unless opted out	Default unless opted out	Default unless opted out
Custodian response window	60 days (§ 64.2-120.C)	60 days	60 days
Electronic Wills Act (UEWA)	Yes — Va. Code § 64.2-414.1 (2021)	No	No
Remote Online Notarization (RON)	Va. Code § 47.1-2.1 et seq. (authorized 2011 — first state)	W. Va. Code § 39-4-14a et seq. (2020)	Ala. Code § 35-4A-120 et seq. (2021)

4.2 Virginia deep dive

Virginia enacted RUFADAA in 2017 without material deviation from the ULC model, codifying it at Title 64.2, Chapter 2.2. Key Virginia-specific features:

Definitions at Va. Code § 64.2-116 track ULC definitions.
User direction at § 64.2-118 — the online-tool/will-trust-POA/ToS hierarchy.
Disclosure standards at §§ 64.2-121 through 64.2-124 — by fiduciary type (personal representative, agent under POA, trustee, conservator).
Custodian compliance and immunity at § 64.2-130 — immunity for good-faith compliance with a qualifying request.

Virginia additionally adopted the Uniform Electronic Wills Act at Va. Code § 64.2-414.1 effective July 1, 2021 — electronic wills with electronic signatures and electronic witnessing (including remote witnessing via audio-video) are valid if statutory formalities are met. Virginia was the first US state to authorize remote online notarization in 2011 (Va. Code § 47.1-2.1 et seq.), giving it the deepest practitioner pool in RON.

4.3 West Virginia deep dive

West Virginia enacted RUFADAA in 2018 at Chapter 44, Article 5C. Structure mirrors the ULC template. Key WV notes:

User direction and three-tier hierarchy at W. Va. Code § 44-5C-4.
Personal representative rights at §§ 44-5C-7 and 44-5C-8 (content vs. catalogue).
Trustee, agent, conservator rights at §§ 44-5C-9 through 44-5C-14.
Custodian compliance at § 44-5C-16, with 60-day response default.

West Virginia has not adopted the Uniform Electronic Wills Act — a fully electronic will executed only online is not valid under current WV law; holographic and traditional attested wills remain the compliant execution paths (W. Va. Code § 41-1-3). WV did authorize remote online notarization in 2020 at W. Va. Code § 39-4-14a et seq., which permits remote notarization of many instruments (but note the statutory carve-outs — wills and codicils historically require physical witnessing in WV).

4.4 Alabama deep dive

Alabama enacted the Revised Uniform Fiduciary Access to Digital Assets Act at Ala. Code §§ 19-1A-1 through 19-1A-24 effective in 2018. Structure substantially tracks the ULC model.

Three-tier hierarchy at Ala. Code § 19-1A-4.
Personal representative content disclosure at § 19-1A-7; catalogue at § 19-1A-8.
Agent under POA at §§ 19-1A-9 and 19-1A-10 — AL is unusual in requiring that the POA specifically grant digital-asset authority for content (a generic POA is not enough).
Trustee, conservator at §§ 19-1A-11 through 19-1A-14.
Custodian compliance at § 19-1A-16.

Alabama has not adopted the Uniform Electronic Wills Act. A fully electronic will is not valid in Alabama under current law; the attested-will and holographic-will pathways at Ala. Code § 43-8-130 et seq. remain the compliant methods. Alabama authorized RON at Ala. Code § 35-4A-120 et seq. in 2021, but wills remain outside the authorized RON document list under § 35-4A-123.

Part 5: Platform-provided legacy tools (Tier 1)

Because Tier 1 controls, setting up platform tools is the single highest-leverage digital-estate step. A resident with no other estate plan but a fully-configured set of platform tools already has better digital-estate coverage than a resident with a sophisticated will but no platform designations.

5.1 Google Inactive Account Manager

URL: myaccount.google.com/inactive
Trigger: user-selected 3, 6, 12, or 18 months of inactivity (no sign-in, no Android-device heartbeat, no Gmail/YouTube activity). Google sends reminder emails and SMS before declaring inactivity.
Up to 10 trusted contacts may be designated; the user chooses which of their Google services each contact may access (Drive, Gmail, Photos, YouTube, Calendar, Contacts, Keep, etc.).
Option to have the account auto-deleted after the inactivity period, with or without prior notice to trusted contacts.
Covers: Gmail, Drive, Photos, YouTube, Calendar, Contacts, Keep, Chrome sync, Location History, Voice.

Setup steps:

Sign in to Google account → myaccount.google.com → "Data & privacy" → "Make a plan for your digital legacy" → "Start."
Pick inactivity timeout.
Provide a second phone and recovery email.
Add up to 10 trusted contacts with email addresses and which data each may access.
Optionally write a Gmail auto-responder message that fires once inactivity is declared.
Choose whether to auto-delete the account after.

5.2 Apple Digital Legacy

Available on iOS 15.2+ and macOS Monterey 12.1+.
URL for setup on device: Settings → [your name] → Sign-In & Security → Legacy Contact.
Official overview: support.apple.com/HT212360.
Mechanism: a unique access key is generated and shared with the designated contact (via iMessage, email, or printed). The contact redeems the access key together with the decedent's death certificate via digital-legacy.apple.com after death.
Grants access to: iCloud Drive, iCloud Photos, iCloud Mail, Notes, Reminders, Contacts, Calendar, Safari bookmarks/history, voice memos, device backups. Does not grant access to iCloud Keychain (stored passwords), Apple Pay / Apple Cash balances, licensed media (purchased music, movies, books), or Game Center data.

Setup steps:

iPhone/iPad: Settings → [name] → Sign-In & Security → Legacy Contact → Add Legacy Contact.
Authenticate with Face ID/Touch ID/passcode.
Choose one or more contacts from Contacts.
Share the access key (recommended: share via Messages AND print a physical copy for safe storage).
Repeat on every device if family members have multiple Apple IDs.

5.3 Facebook Memorialization + Legacy Contact

Setup URL: facebook.com/settings → Memorialization Settings (under General).
Help reference: facebook.com/help.
Memorialization converts a profile to a memorial ("Remembering" banner). No one logs in as the deceased. Tributes may be posted; privacy settings preserved.
Legacy Contact is a designated Facebook friend who can, on memorialization:
- Write a pinned post at the top of the profile.
- Respond to new friend requests.
- Update the profile picture and cover photo.
- Request a download of the deceased's posts and photos (if the user opted in).
- Cannot: log in, read messages, remove friends, edit past posts.
Alternatively, the user may pre-authorize deletion of the account upon death.

Setup steps:

Settings & Privacy → Settings → General → Memorialization Settings.
Choose a Legacy Contact from friends.
Optionally: enable "Your Facebook Information" download access for the Legacy Contact.
Optionally: check "Request that my account be deleted after I pass away."

5.4 Instagram

No Legacy Contact feature as of 2026.
Family may request memorialization or removal via the Instagram Help Center with a death certificate and proof of relationship.
Meta's unified account tooling (since 2022's Accounts Center) means Facebook-side designations can partially control Instagram for accounts linked via the same Accounts Center.

5.5 Microsoft Next of Kin process

No preset legacy-contact tool.
Microsoft Services Agreement governs the Microsoft Account (Outlook, OneDrive, Xbox, Microsoft 365).
The executor submits a Next of Kin request post-death via Microsoft Support with:
- Death certificate (certified copy).
- Proof of executor authority (Letters Testamentary).
- The account's primary email address.
Microsoft typically provides a DVD or download of the account data rather than handing over live credentials, and then closes the account.

5.6 X (Twitter)

No legacy-contact feature.
Inactive account policy — accounts inactive for 6+ months may be deactivated by X.
Family with a death certificate and ID may request account deactivation via X Help Center. X does not provide access to account contents.
Archive option: use Google's Wayback Machine or the user's own pre-death Twitter Archive export (Settings → Your Account → Download an archive of your data).

5.7 LinkedIn

Family may request memorialization (profile marked, visibility restricted) or removal (complete deletion) via the LinkedIn Help Center.
No legacy-contact feature; LinkedIn does not grant access to InMail content.

5.8 TikTok, Snapchat, Pinterest, Reddit

All support a family-submitted death-verification request for account removal or (varies) memorialization. None offer pre-death legacy-contact tooling as of 2026. Document retention varies — Snapchat's message-ephemerality means message content is typically irretrievable.

Part 6: Password-manager succession

Password managers are the functional keys to the digital estate. A fiduciary with authority but no passwords is stuck behind every platform's login screen.

6.1 Comparison table: succession features

Manager	Succession mechanism	Wait period	Data access level
1Password	Emergency Kit (printed PDF)	Immediate, requires kit	Full vault (kit-holder becomes owner)
Bitwarden	Emergency Access (built-in)	User-set (default 7 days)	View-only OR takeover
Dashlane	Emergency Contact	User-set (default 48 hours)	Full vault
LastPass	Emergency Access	User-set (default 1 week)	Full vault
Keeper	Emergency Access (Business/Family)	User-set	Full vault
Proton Pass	Account inheritance (account recovery + printed recovery kit)	Immediate with kit	Full vault
RoboForm	Emergency Access	User-set	Full vault
Apple iCloud Keychain	No native emergency access; rides on Apple Digital Legacy (Keychain excluded — see Part 5.2)	—	Not available via Legacy
Google Password Manager	Rides on Google Takeout via Inactive Account Manager	User-set inactivity	Export only

6.2 1Password Emergency Kit

The 1Password approach is paper-based by design. The Emergency Kit is a one-page PDF containing:

Account sign-in URL.
Email address used for the 1Password account.
Secret Key (34-character randomly generated identifier that pairs with the master password).
Space to hand-write the master password.
The 1Password icon for easy identification.

Process:

In 1Password apps: Profile → "Emergency Kit" → Download PDF.
Print physically. Do not save the PDF digitally with the master password filled in.
Hand-write the master password in the designated field.
Store: one copy in a safe deposit box, one copy with the named executor, one in a home safe.
Refresh the printed kit whenever the master password or Secret Key rotates.

6.3 Bitwarden Emergency Access

Built into paid Bitwarden tiers (Premium, Families, Business).

Setup:

Bitwarden vault → Settings → Emergency Access → "Add Emergency Contact."
Enter trusted person's email + wait period (1 hour to 90 days).
Choose access level: View (read-only) or Takeover (recipient sets a new master password).
Recipient receives an invite; accepts in their own Bitwarden account.

On request, the contact initiates access; the user has the wait period to cancel. After the period, access activates automatically.

6.4 Dashlane, LastPass, Keeper, Proton Pass

All similar: designate one or more emergency contacts, configure a wait period, and the recipient gains access after the window elapses if the user does not cancel.

6.5 Paper-based approach (no password manager)

For users who refuse cloud password storage:

Hand-write a master sheet listing account names, usernames, and passwords (or clues to a mnemonic system).
Store in a fireproof home safe and a safe deposit box. Never in a desk drawer.
Update physically at least annually.
Pair with a separate sheet for 2FA recovery codes.

Tradeoff: extremely robust against digital failure, extremely vulnerable to physical loss / theft / fire without duplication.

6.6 Shamir Secret Sharing

Shamir's Secret Sharing (SSS, proposed by Adi Shamir, 1979) splits a secret into N shares such that any K of N can reconstruct it but fewer than K reveal nothing.

Split a 1Password Secret Key + master password into 3-of-5 shares distributed among: spouse, sibling, executor, family attorney, safe deposit box.
Reconstruction requires any 3 of 5 — no single person can unlock alone.
Tools: open-source ssss (CLI), SLIP-0039 (hardware wallets — covered below), in-browser tools from reputable projects.

Tradeoffs:

Pro: no single point of failure, no single point of compromise, survives partial loss.
Con: operational complexity; requires survivors to cooperate and each understand their share; shares can be lost over decades; rotation is a chore.

Part 7: Crypto inheritance — the hardest problem

Cryptocurrency has the most brutal inheritance economics of any digital-asset category: lose the seed phrase, lose the asset permanently, with no customer service, no court order, and no recovery mechanism. Chainalysis estimates over 3.7M BTC (nearly 18% of supply) are likely lost to forgotten keys — a meaningful fraction to death without succession planning.

7.1 Self-custody: sovereignty vs. loss risk

Self-custody grants full ownership (no exchange counterparty, no Coinbase freeze, no platform censorship) at the cost of perfect responsibility. A self-custodied Bitcoin or Ethereum position depends on one string of 12–24 words (the seed phrase, typically using the BIP-39 wordlist). That seed is all that the fiduciary needs — and all a thief needs.

7.2 Seed-phrase protocols

Rules that survive a century of practitioner experience:

Never one location. A single safe, a single safe deposit box, a single home office — all are single points of failure.
Never digital. Never type the seed into a computer, photograph it, store it in a cloud note, or email it. Any digital copy increases breach surface.
Metal plate backups. Stamp or engrave the seed into steel, titanium, or tungsten plates that survive fire, flood, and time. Vendors: Cryptosteel Capsule, Billfodl, Blockplate, Keystone Tablet Plus, Trezor Keep.
Geographic distribution. Keep two plates in separate secure locations (home safe + safe deposit box + trusted family member's safe).
Passphrase overlay (BIP-39 25th word). An additional user-chosen passphrase adds another factor on top of the 24-word seed. The passphrase must also be backed up; losing it loses the funds.

7.3 Multisig

Multisignature wallets require M-of-N keys to sign any transaction. Inheritance-ready patterns:

2-of-3 — self + spouse + trusted third party (attorney, family member, inheritance-service provider). Loss of any one key still allows access with the remaining two.
3-of-5 family council — larger families with multiple stakeholders; keys held by principal, spouse, two adult children, and a third-party service.
Services: Casa (casa.io), Unchained Capital (unchained.com), Nunchuk (nunchuk.io).

Benefits: no single seed-phrase theft compromises the wallet; structured inheritance is built-in; services provide key-management documentation and support.

Costs: subscription fees ($250–$5,000+/year depending on service tier), added operational complexity, requires all key-holders to understand the process.

7.4 Shamir backup on Trezor / Coldcard

Hardware wallets that implement SLIP-0039 (Shamir Secret Sharing for mnemonic codes) can generate the seed and directly split it into K-of-N shares with no third-party service required.

Trezor Model T and Trezor Safe 5 — native SLIP-0039 via "Shamir Backup" option during setup.
Coldcard Mk4 / Q — supports Seed XOR (different splitting scheme) and BIP-39 passphrase separation.

7.5 Exchange custody

Centralized exchanges (Coinbase, Kraken, Gemini, Bitstamp) hold keys on behalf of the customer. Pros:

Lower technical lift — the exchange has a death-claim procedure.
Accepts death certificate + Letters Testamentary like a traditional broker.
No seed-phrase risk.

Cons:

Counterparty risk — FTX (2022) wiped out custodied assets; Celsius, BlockFi, Voyager similar.
Freeze risk — exchanges can freeze accounts by policy or regulator order.
Partial proof-of-reserves at best — unlike bank FDIC insurance.

Most reputable exchanges publish dedicated bereavement or estate-transfer processes — consult each.

7.6 Inheritance-specific crypto products

Casa Covenant — Casa's dedicated inheritance-multisig plan. Built around a 3-of-6 multisig with one key held by a professional "inheritance advisor" who coordinates release upon death-documentation proof. Integrates with attorney-prepared trust documents.
Unchained Inheritance Protocol — structured key-handoff with Unchained as a collaborative custodian.
Nunchuk Inheritance Plan — free open-source alternative with self-administered key distribution.
Safe Haven (SHA / SENATE DAO) — smart-contract-based inheritance.
Sarcophagus Protocol — decentralized dead-man's switch using Ethereum + Arweave.

7.7 Trust-as-beneficiary of crypto

Where the self-custodied crypto position is large, a common pattern is to hold it in an LLC (single-member, disregarded for federal tax) owned by an irrevocable trust with a licensed corporate trustee. Operational access (the keys) can then sit with a crypto-native co-trustee or professional custodian without shifting beneficial ownership. This is a serious drafting project — bridge-to-pro applies.

Part 8: NFTs and tokenized assets

8.1 Discovery

Start with the wallet(s). Without access to seed phrase, the estate cannot locate NFTs.
On-chain tools: etherscan.io (Ethereum), polygonscan.com, basescan.org, solscan.io. Paste the wallet address and review the "NFT Transfers" tab.
Marketplace activity: OpenSea profile pages, Blur, Magic Eden, Foundation; account activity reveals holdings.
Wallet inventory tools: the native Rainbow / MetaMask / Rabby wallet UI, or consolidated trackers like zerion.io and debank.com.

8.2 Custody transfer

Because NFTs follow the seed phrase, transfer = moving the seed to a new owner's custody or transferring each NFT on-chain to a new wallet address.

Restore the seed in the heir's wallet software (single source of control).
Or: as trustee, restore the seed in a trust-owned wallet and transfer NFT-by-NFT to beneficiary wallets — each transfer is a taxable on-chain event that consumes gas.

8.3 IRS tax basis on inheritance

IRC § 1014 basis step-up applies to digital assets held at death. Fair market value on the date of death becomes the heir's basis. (IRC § 1014)
Substantiation — the heir must document the FMV of each NFT on the date of death. For illiquid NFTs with no recent trades, this is genuinely hard; retain a blockchain forensics specialist or appraisal firm for positions material to the estate.
Form 8971 — estates filing 706 must report basis to beneficiaries.
1099-DA reporting (Treasury Reg. § 1.6045-1, effective for sales on or after January 1, 2025 for custodied brokers) — exchanges must now issue 1099-DA for digital-asset sales. Self-custodied transfers remain user-tracked.

Part 9: Domain names

9.1 Registrar transfer policies

Every ICANN-accredited registrar must honor the Registrar Accreditation Agreement. Practical processes vary:

GoDaddy — "Account Change of Ownership" supports a deceased-owner pathway requiring death certificate, Letters Testamentary, and an affidavit.
Namecheap — documented executor-transfer process; requires notarized death documentation.
Cloudflare Registrar — tied to the Cloudflare account; must recover account access via Cloudflare Support.
Porkbun — small-registrar process; executor submits death certificate and ID.
Dynadot — documented process; longer turnaround.
Google Domains (sunsetted; migrated to Squarespace) — Squarespace's transfer process now applies.

9.2 ICANN's role

ICANN does not itself mediate disputes between registrars and estates; it enforces baseline accreditation rules. The Registrant Rights and Responsibilities document is the minimum floor.

9.3 Business-critical domain succession

When a domain hosts a business, a creator persona, or family email:

Pre-plan renewal billing on a corporate card or a card in the estate's name, not a personal card that may be frozen at death.
Consolidate registrar accounts with a single provider your executor can reach.
Document the registrar account credentials in the password manager AND in a sealed physical letter with the will.
Enable auto-renew AND set calendar reminders 90/60/30 days before expiration.
Set multiple WHOIS / ICANN admin and technical contacts so lapse notices reach more than one person.
For business-critical domains, transfer registrant to the business entity, not the individual; successor-in-interest of the entity then controls automatically.

Part 10: Two-factor authentication succession

2FA is the ironic reason most well-planned digital estates still fail: the executor has the password but no code.

10.1 Backup codes

Every serious platform issues backup codes (typically 8–10 single-use strings) when 2FA is enabled. Collect them all:

Print to paper.
Store in the same location as the 1Password Emergency Kit / safe deposit box.
Refresh whenever codes are consumed or re-issued.

10.2 Authenticator-app migration

Historically, authenticator apps (Google Authenticator, Authy) locked TOTP seeds to a single device. Modern practice:

1Password and Bitwarden support TOTP codes natively — the TOTP seed sits in the encrypted vault, so recovery of the vault = recovery of all 2FA.
Authy supports encrypted cloud backup + multi-device (with caveats).
Google Authenticator as of 2023 supports optional Google-account sync.
Aegis Authenticator (Android) and Raivo OTP (iOS) support encrypted exports users can keep on a USB key.

10.3 Hardware security keys

YubiKey (Yubico), Google Titan, Feitian, Nitrokey, SoloKey. Best practice:

Always two keys per critical account — primary carried, spare in a home safe.
Document the key's purpose — which accounts it is registered on.
Register the executor's key as a backup on the most critical accounts (email, financial, crypto) so the executor can sign in using their own physical key even without the decedent's.

10.4 SMS 2FA and inherited phone numbers

SMS 2FA on a carrier-deactivated phone number is the quiet killer. If the deceased's mobile account is canceled, any SMS-2FA-protected account becomes effectively locked — the code goes to a now-unassigned number.

Mitigations:

Keep the mobile line active for 90–180 days post-death under the estate's payment method until a full account inventory has been completed.
Before deactivating: systematically migrate SMS 2FA to authenticator-app or hardware-key 2FA on each account.
Notify carriers of the decedent's death to prevent SIM-swap fraud.

Part 11: Electronic wills and the Uniform Electronic Wills Act

11.1 What UEWA permits

The Uniform Electronic Wills Act (2019) authorizes:

A will executed, signed, and attested entirely electronically (no paper).
Remote witnessing via audio-video conference in adopting states.
Self-proving electronic-notary acknowledgment satisfying probate formalities.
Revocation by electronic act.

11.2 State adoption (VA / WV / AL)

Virginia — ADOPTED. Va. Code § 64.2-414.1, effective July 1, 2021. Permits fully electronic wills with two credible witnesses (who may be remote), and self-proving electronic notarization.
West Virginia — NOT adopted. Wills in WV must still satisfy W. Va. Code § 41-1-3 — writing, signature, two attesting witnesses in the testator's physical presence (or holograph under § 41-1-3's holographic-will recognition).
Alabama — NOT adopted. Wills in AL must satisfy Ala. Code § 43-8-131 — writing, signature, two witnesses in the testator's presence.

11.3 Interaction with Remote Online Notarization

RON permits remote-notarial acts for many instruments — but wills often have a separate witnessing rule that RON alone does not satisfy. In Virginia, UEWA + RON together permit a fully remote will-execution ceremony. In WV and AL, because UEWA is not adopted, RON does not rescue a purely-electronic will — traditional in-person witnessing of the paper document is still required.

11.4 Cross-state enforceability

A VA-executed electronic will probated in WV or AL runs into the domicile-state probate court's scrutiny. UPC § 2-506 (a place-of-execution validity rule) is generally adopted by UPC states, but VA/WV/AL are not uniform-UPC states. Practical risk: an out-of-state electronic will may face probate challenge in WV or AL. Bridge-to-pro for any material cross-state plan.

Part 12: Cryptocurrency tax-reporting inheritance implications

12.1 IRC § 1014 step-up

Digital assets held at death receive a basis adjustment to date-of-death fair market value under IRC § 1014. This can be a large planning upside on long-held, appreciated Bitcoin / Ethereum positions — if basis documentation is preserved.

12.2 1099-B / 1099-DA reporting

1099-B — pre-2025, exchanges issued 1099-B for crypto sales in some cases under Rev. Proc. 2019-18 and related guidance.
1099-DA — Treasury Reg. § 1.6045-1 (final rules, 89 Fed. Reg. 56480, July 2024) — effective January 1, 2025 for custodial brokers. Requires exchanges to issue Form 1099-DA with gross proceeds of sales. Basis reporting phases in starting 2026.
Inheritance timing — an heir who sells inherited crypto in 2025+ should receive a 1099-DA reporting gross proceeds; basis is reset to date-of-death FMV (heir's responsibility to document).

12.3 Form 8971 (estate basis consistency reporting)

For estates that file Form 706, IRC § 1014(f) and § 6035 require the executor to file Form 8971 and issue Schedule A to each beneficiary within 30 days of the 706 filing. Digital-asset basis reported here is binding.

Part 13: Data-broker removals and post-death privacy

13.1 Why removal matters

Identity theft using deceased persons' Social Security numbers — "ghosting" — caused an estimated $4B+ in annual US losses pre-pandemic. The Social Security Administration's Death Master File is imperfect; data brokers routinely retain profiles of deceased persons that facilitate credit applications in their name.

13.2 SSA Death Master File

The SSA reports deaths via the Death Master File (DMF) to the IRS, Veterans Affairs, and credit bureaus. Funeral directors typically file the initial SSA-721 notification. (ssa.gov)
Executors should confirm the DMF entry via the credit bureaus within 60 days.

13.3 Credit-bureau deceased-indicator

Equifax, Experian, TransUnion each accept an executor's request to flag a deceased individual's credit file. Send a certified-mail packet with:
- Death certificate (certified copy).
- Letters Testamentary.
- Executor's government ID.
The bureau flags the file "Deceased: Do Not Issue Credit."

13.4 Data-broker removal services

DeleteMe (joindeleteme.com) — ongoing subscription-based removal from 700+ brokers.
Optery, OneRep, Incogni (Surfshark), Kanary — competitors with similar scope.
These services can be engaged by an executor on the estate's behalf to mass-submit opt-out requests.

13.5 Major platform account-closure

Close accounts systematically:

Financial, email, social, cloud, subscription services.
The inventory template in Part 15 is the roadmap.

Part 14: Subscription cancellation post-death

14.1 The living-user approach

Tools designed for living users to audit recurring charges: Rocket Money (formerly Truebill), Trim, Bobby, Bills.com, native Apple Subscriptions and Google Play Subscriptions dashboards.

14.2 Post-death inventory

For a decedent:

Pull the last 12 months of bank / credit-card statements.
Identify every recurring merchant.
Cross-reference against the digital-estate inventory (Part 15).
Cancel through each platform's process. For unresponsive merchants, the estate may dispute future charges with the card issuer.
Close the underlying payment instrument (card / bank account) once all legitimate recurring charges are redirected to the estate.

14.3 Freemium traps

Services on a free-tier today may auto-upgrade after the card is updated or after a trial ends months later. Audit quarterly for the first year post-death.

Part 15: Digital estate inventory template

Every living adult should maintain a Digital Asset Inventory. Recommended fields per asset:

Field	Example
Category	Email / Cloud / Crypto / Social / Subscription / Domain / Creator / IP
Account name	Gmail primary
URL / access endpoint	mail.google.com
Identifier (username / email / wallet address)	[email protected]
Custody approach	Self (password mgr) / Platform (inactive-mgr) / Exchange / Multisig
2FA method	TOTP in 1Password / Hardware key YubiKey #1 / SMS
Backup-code location	1Password item "Gmail backup codes"
Platform legacy tool status	Inactive Account Manager configured w/ 6-month timeout
ToS override	None / Facebook Legacy Contact / Apple Legacy Access Key shared with spouse
Estate-document reference	Will § 7.3(a); POA § 4(b)
Notes	Primary inbox — recovery email for most accounts

15.1 Where to store it

Encrypted password manager — primary live copy. Organize as a vault section or a series of "Secure Notes."
Printed legacy packet — full-redacted hard copy that identifies accounts and custody approach but never writes out the actual passwords or seed phrases (those live only in the manager + metal plates + Emergency Kit). One copy in a home safe, one in a safe deposit box, one with the executor's attorney (sealed).
Trust or POA schedule — a schedule attached to the trust document listing categories of digital assets (not credentials) so fiduciary authority explicitly covers them under RUFADAA.

15.2 Review cadence

Annually at a minimum.
Event-driven: new account, account closure, new device, rotation of master password, change in 2FA method, change in executor or legacy contact, change in platform policy.

Part 16: Bridge to a pro

Consult a licensed professional when any of the following apply:

16.1 Estate-planning attorney (VA, WV, or AL licensed)

Trust-as-digital-beneficiary structures (trust-owned crypto, trust-owned creator revenue streams, trust-owned domain names).
Business-critical IP (domain portfolio valued > $10k, trademarks, patents, copyrighted software).
Large crypto holdings (> $100k as a starting threshold where the cost of a structured multisig + trust wrapper is clearly justified).
Cross-border digital assets (foreign exchanges, offshore wallet services, non-US creator platforms).
Second-marriage or blended-family succession for social-media personas, influencer accounts, family photo libraries.

16.2 Digital-estate specialist service

Cake (joincake.com) — end-of-life planning tools + digital inventory.
Everplans (everplans.com) — digital estate + document vault + sharing.
Trust & Will (trustandwill.com) — will/trust preparation with digital-asset clauses.
Lantern (lantern.co) — end-of-life organization.
GoodTrust (mygoodtrust.com) — consumer-focused digital estate.

Educational-only note: these are service providers, not law firms; outputs must be reviewed by counsel for UPL compliance and state-specific validity.

16.3 Crypto-inheritance specialist

Casa Covenant — formal inheritance-multisig plan for high-value holders.
Unchained Capital — collaborative-custody inheritance protocols.
Nunchuk — self-administered open-source multisig.
Bitcoin-native estate attorneys — a small but growing bar in Austin, Miami, Nashville, and Puerto Rico specializing in this niche.

16.4 Password-manager concierge

1Password Enterprise includes a recovery-kit review / concierge service for business accounts.
Bitwarden Teams offers similar operational support.
For large consumer portfolios, specialist IT-forensics firms (Secureworks, Kroll, Stroz Friedberg) can assist executors with recovery when in-house tools are insufficient.

Part 17: Concrete VA / WV / AL checklist

17.1 Virginia resident — do today

Configure Google Inactive Account Manager on every Google account (personal + Workspace).
Set up Apple Digital Legacy on every iOS device and share access keys with spouse and primary executor.
Name a Facebook Legacy Contact and, if preferred, pre-authorize account deletion.
Print a 1Password Emergency Kit (or Bitwarden Emergency Access designation) and store copies in home safe + safe deposit box + with executor's counsel.
Execute a RUFADAA-compliant power of attorney referencing Va. Code §§ 64.2-116 through 64.2-132 — Virginia's statutory POA short form does not automatically include digital-asset powers; a separate rider is essential.
Execute or update a will with a digital-asset clause citing Va. Code § 64.2-118. Optionally execute an electronic will under Va. Code § 64.2-414.1 using a VA-licensed remote online notary (RON) — Virginia is the deepest RON market in the US.
Enumerate crypto custody — exchange-held vs. self-custodied — and confirm either an exchange bereavement process is on file or an appropriate seed-phrase succession plan (metal plate + trusted third party + documented with the password manager).
Register two hardware security keys (one carried, one in safe) on email, financial, and crypto accounts.
Build and store the digital-asset inventory (Part 15).
Notify the executor that these designations exist and point them to the inventory location.

17.2 West Virginia resident — do today

All of 17.1 (the platform tools are federal / platform-level, not state-specific).
Use traditional paper-will execution — a fully electronic will is not valid in WV. Two witnesses in physical presence, per W. Va. Code § 41-1-3.
Execute a POA with an explicit digital-asset rider citing W. Va. Code § 44-5C-4. WV's statutory POA form does not include digital-asset authority by default.
Consider remote online notarization only for instruments other than the will (deeds, financial POAs in some cases) under W. Va. Code § 39-4-14a.
Because WV lacks UDTA and many HNW trust features, evaluate whether digital-asset-holding trust should be sited out-of-state (see the situs-selection matrix in docs/research/2026-04-20-situs-selection-matrix.md) — particularly for large crypto or creator-revenue positions.
Complete all inventory and platform-tool steps from Part 5, Part 6, and Part 15.

17.3 Alabama resident — do today

All of 17.1 (platform tools).
Use traditional paper-will execution — electronic wills are not valid in AL. Two witnesses in the testator's presence per Ala. Code § 43-8-131.
Execute a POA with explicit digital-asset authority — Alabama's RUFADAA at Ala. Code § 19-1A-9 requires the POA to specifically grant digital-asset powers for content. A generic POA fails.
Use remote online notarization for permitted instruments (not wills) under Ala. Code § 35-4A-120 et seq.
Consider an Alabama DAPT (AQDITA) for creator-revenue or crypto asset protection where amounts justify it — pair with out-of-state dynasty-overlay (SD/DE) if exemption-leveraged.
Complete all inventory and platform-tool steps from Part 5, Part 6, and Part 15.

Appendix A: Non-exhaustive primary-source index

Federal:

Uniform acts:

Virginia:

West Virginia:

Alabama:

Cases of interest:

In re Ellsworth, No. 2005-296,651-DE (Oakland County Mich. Prob. Ct. 2005) — pre-RUFADAA Yahoo Mail dispute.
Ajemian v. Yahoo!, Inc., 478 Mass. 169 (2017) — Massachusetts Supreme Judicial Court held SCA did not bar Yahoo from releasing decedent's email content to personal representatives.
hiQ Labs, Inc. v. LinkedIn Corp., 31 F.4th 1180 (9th Cir. 2022) — narrowing CFAA "unauthorized access."
FTC v. Affordable Media, LLC (Anderson), 179 F.3d 1228 (9th Cir. 1999) — offshore custody and duress-clause limits (broader asset-protection context, cited in situs matrix).

Platforms (official help portals):

Google: support.google.com — Inactive Account Manager, Takeout, account-of-deceased-user.
Apple: support.apple.com/HT212360 — Digital Legacy program.
Meta / Facebook: facebook.com/help — Memorialization, Legacy Contact.
Microsoft: Microsoft Support — Next of Kin request workflow.
X: X Help Center — inactive accounts and deceased-user requests.
LinkedIn: LinkedIn Help — deceased member process.
1Password, Bitwarden, Dashlane, LastPass, Keeper, Proton: each vendor's official security / emergency-access documentation.

Appendix B: Educational-only disclaimer

fornax is not a law firm. Nothing in this document creates an attorney-client relationship. Digital-estate law is evolving rapidly — RUFADAA amendments, state UEWA adoptions, platform-policy shifts, and IRS digital-asset guidance change the landscape annually. Before executing any plan that relies on a specific statute, platform feature, or tax treatment, verify the current state of the law with licensed counsel in the applicable jurisdiction.

End of research document. Draft status: for internal fornax use as a content-planning reference. Always re-verify statutory citations, platform policies, and IRS guidance before publishing consumer-facing content.