
Digital identity systems are built around a simple assumption: the user is alive, present, and able to approve the next step.
That assumption works beautifully right up to the point where it does not.
Passkeys, biometrics, authenticator apps, hardware keys, device binding, risk scoring, step-up authentication: all of this is useful while the account holder is alive. It makes impersonation harder. It reduces phishing. It gives platforms cleaner proof that the right person is at the keyboard.
Then the person dies.
Suddenly the same security model becomes a succession problem. The account is still there. The data is still there. The bills, business records, photos, domains, wallets, subscriptions, tax documents, and cloud archives are still there.
But the identity system has lost its subject.
That is the uncomfortable technical gap behind digital inheritance. It is not only a legal problem. It is not only a family-admin problem. It is a lifecycle problem in identity infrastructure.
Identity systems are good at the middle
Most digital identity work is concentrated on the middle of the lifecycle.
Can this person sign in? Can they prove control of a device? Can they present the right credential? Can they authorize a transaction? Can they recover access if they lose a password? Can a relying party trust the assertion?
That middle is important. It is where most fraud happens and where most money gets spent.
But a complete identity lifecycle has more states than "active user."
People are born. They become legally competent. They delegate authority. They lose capacity. They recover capacity. They appoint representatives. They die. Their estate continues to exist. Their obligations do not vanish because a biometric prompt can no longer be answered.
Modern identity systems are still much better at active authentication than at authority transfer.
That distinction matters.
Authentication answers: is this the account holder?
Delegation answers: who is allowed to act for the account holder, under which conditions, for which purpose, with what proof, and with what audit trail?
Inheritance needs the second question.
Death is not an edge case
The OpenID Foundation's Death and the Digital Estate Community Group has been unusually blunt about this. In March 2026 it published The Unfinished Digital Estate, a framework for digital assets, death, law, culture, platforms, and identity systems.
OpenID is not an estate-planning startup trying to sell urgency. It is identity plumbing. OpenID Connect is used across billions of users and millions of applications. When that world starts talking about death, the problem has clearly escaped the lifestyle-blog corner.
The group's framing is useful because it does not treat death as a sentimental exception. It treats it as a missing lifecycle state.
That is the correct lens.
A platform can memorialize a profile. A bank can ask for a death certificate. A cloud provider can send a support form. An estate lawyer can produce probate paperwork.
None of that creates an interoperable model for posthumous delegation.
Who is the authorized person?
Who verified them?
What exactly are they allowed to see, transfer, preserve, delete, or close?
How does the service know the original owner wanted this?
How do you prevent fraud in the window after death, when families are distracted and accounts may still be active?
How do you avoid turning every executor into a terms-of-service violator with a password list?
Those questions are identity questions.
Strong authentication makes the gap sharper
The password era was insecure, but inheritance was sometimes crude enough to work. A spouse might know the password. A printed emergency sheet might unlock the password manager. A shared family computer might still be signed in.
Messy. Risky. Often legally questionable. But possible.
The industry is moving away from that world, for good reasons.
Passkeys and hardware-backed credentials are better security. They bind access to devices, keys, local biometrics, and phishing-resistant flows. They reduce the damage caused by weak passwords and reused credentials.
But inheritance was not the design center.
If the only practical route into an account is a device-bound credential controlled by a dead person, the estate may have a problem. If the recovery path depends on an email account protected by the same device, the family now has a loop. If account recovery assumes the user can answer prompts, take selfies, approve push notifications, or produce a live biometric, the model has confused security with immortality.
Better authentication can make unauthorized access harder. Good.
It can also make legitimate access harder when the authority model has not caught up.
That is the part people skip when they say, "My family can just use my password manager." Maybe they can. If they know it exists. If they can unlock it. If the second factor works. If the recovery codes are current. If the legal authority is clear. If the platform does not treat the login as unauthorized access.
That is too many ifs for the week after a funeral.
The missing primitive is delegated authority
Digital estates need a boring technical primitive: verifiable delegated authority.
Not "someone has the password."
Not "someone uploaded a PDF and support will review it someday."
Not "the platform has a legacy contact feature, but only for this one service."
Something closer to this:
- The owner records an intent while alive.
- The owner names one or more trusted people and defines what they can receive or do.
- The triggering condition is defined: death, incapacity, explicit release, timeout, or legal event.
- The trusted person can prove who they are.
- The trusted person can prove their authority for a specific purpose.
- The service can verify that proof without receiving more data than it needs.
- Every step leaves an audit trail.
That is not science fiction. Pieces of it already exist in adjacent identity work.
OpenID for Verifiable Presentations 1.0 gives a way for a verifier to request credentials from a wallet. OpenID for Verifiable Credential Issuance 1.0 defines how credentials can be issued. These specifications were not built specifically for digital death, and they do not solve estate law by themselves. But they show the shape of a better route: issue credentials, present credentials, verify claims, minimize disclosure, and bind the proof to a transaction.
Imagine an executor credential that does not reveal an entire probate file to every platform. Imagine a trusted-contact credential scoped to "may receive continuity instructions" but not "may access all personal photos." Imagine a business-continuity release that gives an operations partner the vendor and domain details without exposing private family documents.
That is the kind of granularity digital inheritance needs.
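The delegated-authority steps listed above and the scoped credentials just described, sketched as an added example (not code from OpenID, Trustbourne, or any specification). Assumptions: an HMAC with a demo key stands in for the issuer's signature, the presenter's identity has already been authenticated, `verified_events` is whatever the service has independently confirmed about the owner, and all names and scopes are hypothetical.

```python
import hashlib, hmac, json, time

# Assumption: HMAC with a demo key stands in for an issuer's asymmetric signature.
ISSUER_KEY = b"constructed-demo-key"
AUDIT_LOG = []  # every decision, allowed or denied, is recorded here

def _sign(grant: dict) -> str:
    body = json.dumps(grant, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(ISSUER_KEY, body, hashlib.sha256).hexdigest()

def issue_grant(owner, delegate, scopes, trigger, not_after):
    """Owner records intent while alive: who may act, for what, on which trigger."""
    grant = {"owner": owner, "delegate": delegate, "scopes": sorted(scopes),
             "trigger": trigger, "not_after": not_after}
    return {"grant": grant, "sig": _sign(grant)}

def authorize(token, presenter, requested_scope, verified_events, now=None):
    """Service-side check of one request. Returns (allowed, reason)."""
    now = time.time() if now is None else now
    g = token["grant"]
    if not hmac.compare_digest(_sign(g), token.get("sig", "")):
        decision = (False, "bad_signature")      # grant was altered after issuance
    elif presenter != g["delegate"]:
        decision = (False, "wrong_presenter")    # authority is not transferable
    elif now > g["not_after"]:
        decision = (False, "expired")
    elif g["trigger"] not in verified_events:
        decision = (False, "trigger_not_met")    # e.g. death not yet confirmed
    elif requested_scope not in g["scopes"]:
        decision = (False, "scope_not_granted")  # narrower than account access
    else:
        decision = (True, "ok")
    AUDIT_LOG.append({"ts": now, "owner": g["owner"], "presenter": presenter,
                      "scope": requested_scope, "result": decision[1]})
    return decision

if __name__ == "__main__":
    # Constructed sample: an executor scoped to records, not private messages.
    token = issue_grant("alice", "executor-bob",
                        {"billing_records", "tax_documents"}, "death", 2_000_000_000)
    for scope in ("tax_documents", "private_messages"):
        print(scope, authorize(token, "executor-bob", scope, {"death"}, now=1_800_000_000))
    print(AUDIT_LOG)
```

The service learns only the grant it needs to evaluate, and a denied request leaves the same audit record as an allowed one.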
Estate access is not account takeover
The worst version of digital inheritance is just account takeover with family branding.
Someone dies. A relative logs into their accounts. They read messages, download files, change passwords, cancel subscriptions, and hope nobody objects.
Sometimes that is the only practical option. It is still a bad model.
It creates privacy problems for the deceased person, for people who communicated with them, and for family members who were not meant to see everything. It creates security problems because credentials move around informally. It creates legal problems because terms of service, communications privacy, executor authority, and local inheritance law do not line up neatly.
Estate access should be narrower than account access.
Your executor may need billing records, tax documents, business contracts, insurance details, domain ownership, crypto instructions, and a list of subscriptions.
They may not need years of private messages.
Your spouse may need family photos and household accounts.
They may not need confidential work files.
Your business partner may need server access, supplier contacts, and renewal dates.
They should not receive your medical records.
The technical model should make these distinctions possible. A password cannot.
AI makes posthumous identity harder
Digital identity used to be mostly about access. Now it is also about representation.
Voice cloning, image generation, video synthesis, and conversational agents make it possible to simulate a dead person from recordings, writing, photos, and chat history. That creates an ugly new question: who controls a person's likeness, voice, and conversational style after death?
This is not only a grief-tech issue. It is an identity issue.
If a platform can create a convincing version of a dead person, families need more than account access rules. They need intent, consent, provenance, and limits.
Did the person agree to this while alive?
Who can authorize it?
Can they revoke it?
Can the output be labelled clearly?
What data can be used to train or prompt the system?
What happens when the simulation says something the person never would have said?
This is where "digital estate" becomes more than a vault of files. It becomes control over posthumous identity. A person's data can outlive them. Their likeness can be recombined. Their words can be approximated. Their name can keep acting in the world after they cannot object.
That should make everyone slightly uncomfortable.
Good. Some discomfort is useful here.
Platforms cannot solve this alone
Platform-specific legacy tools are better than nothing. Apple's Legacy Contact, Google's Inactive Account Manager, and Facebook memorialization all recognize part of the problem.
But platform-by-platform planning does not scale to a real life.
People use banks, tax portals, crypto exchanges, email providers, password managers, domain registrars, cloud storage, messaging apps, SaaS tools, developer platforms, medical portals, social networks, government services, and business systems. Each has its own policy, jurisdiction, data model, support queue, and idea of what "authorized" means.
No single platform can see the whole estate. Most should not.
The family needs an inventory and instructions that sit above individual services. The platforms need a cleaner way to recognize legitimate authority without encouraging password sharing. The legal system needs estate authority that can be expressed in technical form. Identity standards need to cover the lifecycle states that active-login systems ignore.
This is why the OpenID work matters. The important part is not that one report fixes the problem. It does not. The important part is that the identity community is naming the right layer.
What a practical plan looks like now
Standards will take time. Laws will move unevenly. Platforms will improve at different speeds.
Families still need something usable before the infrastructure catches up.
A practical digital estate plan should answer five questions:
- What exists?
- Who should know?
- What should happen?
- When should access be released?
- How will the trusted person actually act?
That sounds simple. It is not.
The hard part is not writing "give my wife access." The hard part is maintaining the list of accounts, credentials, documents, devices, recovery codes, subscriptions, domains, wallets, and business-critical systems as life changes.
The hard part is separating what different people should receive.
The hard part is making release rules clear enough that nobody has to improvise under stress.
The hard part is giving trusted people enough information to act without turning your entire private life into a shared folder while you are alive.
That is the layer Trustbourne is built for.
Plan for the lifecycle, not the login
Digital identity is no longer just a sign-in problem.
It is becoming the control plane for money, memories, work, government access, healthcare, business continuity, and personal reputation. That control plane needs a lifecycle model that includes incapacity and death.
Until then, families are stuck between strong security and weak succession.
That is a ridiculous place to leave them.
Your identity system may know exactly how to prove you are you. Your family needs something different: a way to prove what you wanted when you are no longer there to answer.
Plan for that while the system can still ask you.
Trustbourne helps you prepare the digital layer of your estate: secure storage, trusted contacts, release rules, and clear instructions for the people who may need to act. See how it works.