Missouri Estate Planning — Digital Assets

Digital Assets & Passwords: Protecting Your Online Life in Your Estate Plan

Digital Asset Planning · RUFADAA Missouri · Cryptocurrency · Password Management · Online Business Succession

Estate planning once focused almost entirely on physical and financial assets — homes, bank accounts, retirement funds, personal property. Today, a substantial and growing portion of a person’s wealth, identity, and memories exists online. Cryptocurrency wallets, online businesses, monetized content, financial accounts, irreplaceable photographs, and professional records all live in digital form — accessible only with the right credentials, on the right device, with the right legal authority. Without careful planning, families face a three-layer access problem after a death or incapacity: they may lack legal authority, technical access, and even knowledge that certain assets exist. This guide explains how to solve all three — through proper trust language, access documentation, and a practical digital inventory.

The Core Problem

Digital assets are fundamentally different from physical ones. A house cannot be lost because no one knows the combination to the safe. A bank account cannot be permanently destroyed because a password was forgotten. But a cryptocurrency wallet with no backup seed phrase can contain hundreds of thousands of dollars that becomes permanently inaccessible the moment the holder dies. A profitable online business can collapse within days if no one has the credentials to maintain it. Decades of family photographs stored in a cloud account can disappear when the account is closed by a platform that doesn’t know the holder has died.

The legal framework exists to authorize fiduciaries to manage digital assets — but authorization alone isn’t enough. Your trustee needs legal authority, technical access information, and knowledge that the asset exists. Most estate plans address none of the three.

What Counts as a Digital Asset: A Four-Category Taxonomy

The term “digital assets” covers a wide range of accounts, records, and property with very different planning implications. Understanding the categories helps ensure nothing important is overlooked:

💰 Financial Value

Financial Digital Assets

Online bank and investment accounts
Cryptocurrency wallets (Bitcoin, Ethereum, etc.)
NFTs and blockchain-based assets
PayPal, Venmo, Cash App balances
Retirement accounts with online-only management
Brokerage and robo-advisor platforms
Domain names with commercial value
Digital reward points, miles, and store credits with real value

📸 Sentimental / Personal

Personal & Sentimental Assets

Cloud photo and video libraries (iCloud, Google Photos)
Email accounts and correspondence archives
Social media profiles and message histories
Personal blogs and creative writing
Digital journals and notes
Text message archives
Voicemail and audio recordings
Gaming accounts with sentimental value

🏢 Business / Revenue

Business & Revenue-Generating Assets

Monetized YouTube channels and streaming content
E-commerce stores (Shopify, Amazon, Etsy)
Affiliate marketing websites and blogs
Online course platforms (Teachable, Udemy)
Subscription and membership communities
SaaS products and software licenses
Professional service accounts (Upwork, Fiverr)
Advertising accounts (Google Ads, Meta Ads)

🔑 Identity / Administrative

Identity & Administrative Assets

Password managers and credential vaults
Two-factor authentication devices and recovery codes
Professional licenses stored digitally
Tax records and financial document archives
Health records and insurance portals
Government portal accounts (IRS, Social Security)
Legal document storage and e-signature accounts
Subscription services with active billing

The Three-Layer Access Problem

Even when families know a digital asset exists, accessing it after death or incapacity requires solving three distinct problems — all of which must be addressed for the plan to work:

Layer 1: Legal Authority

Missouri has adopted the Revised Uniform Fiduciary Access to Digital Assets Act (RUFADAA), codified at §§ 472.500–472.595, RSMo. This law allows trustees, executors, agents under a power of attorney, and guardians to access a decedent’s or incapacitated person’s digital assets — but only if the estate planning documents expressly grant that authority.

A generic trustee power clause that doesn’t specifically reference digital assets may not be sufficient to compel a platform to grant access. Your trust, power of attorney, and will should all contain specific language authorizing the fiduciary to access, manage, distribute, and close digital accounts — including email, social media, financial platforms, and cryptocurrency. Without this language, platforms operating under federal computer fraud and privacy laws may lawfully refuse access even to your named trustee.

Layer 2: Technical Access

Legal authority gives the trustee the right to access digital assets. It does not give them the ability. For practical access, the trustee needs:

Usernames and passwords for each account — ideally stored in a password manager to which the trustee has emergency access, or in a written access memorandum stored securely with the estate plan. Passwords should never be listed inside the trust document itself, because the trust becomes part of the public record in probate and will be amended over time.

Two-factor authentication (2FA) recovery — arguably the most overlooked technical barrier. If an account requires a verification code sent to a phone or authenticator app that is inaccessible, the trustee cannot log in even with the correct password. Recovery codes, backup phone numbers, and authenticator app backup procedures must be documented and kept current.

Device access — for accounts tied to a specific device (smartphone PINs, laptop passwords, TouchID/FaceID), the trustee needs device access credentials as well as account credentials.

Layer 3: Knowledge That the Asset Exists

Perhaps the most underestimated problem: digital assets are invisible unless someone knows to look for them. A profitable affiliate website generating $2,000 per month, a cryptocurrency wallet holding $80,000 in Bitcoin, or a cloud storage account containing the family’s complete photo archive — none of these appear in any public record, on any bank statement, or in any title search. If no one knows the asset exists, it cannot be administered.

The solution is a digital asset inventory — a living document, updated regularly, that lists every significant digital account, its location, approximate value, and where access credentials can be found. This document is not stored inside the trust (which is relatively static and becomes public in probate). It is stored in a secure but accessible location — a safe, a password manager, or with the estate planning attorney — with the trustee informed of its existence and location.

Cryptocurrency: The Highest-Stakes Digital Asset Problem

⚠ Critical Risk — Cryptocurrency

Cryptocurrency is unique among digital assets because loss of access is permanent and irreversible. Unlike a bank account — where a death certificate and letters testamentary can compel the institution to release funds — a cryptocurrency wallet has no central authority to appeal to. If the private key or seed phrase is lost, the funds in the wallet are mathematically inaccessible. Forever. Blockchain transactions cannot be reversed. There is no customer service department. There is no regulatory body to petition.

Estimates vary, but billions of dollars in cryptocurrency are believed to be permanently inaccessible due to lost keys — including funds belonging to deceased holders whose families had no idea the wallet existed or how to access it.

What your estate plan must address for cryptocurrency:

Hot wallets vs. cold wallets — hot wallets are software wallets connected to the internet (Coinbase, MetaMask, Trust Wallet); cold wallets are hardware devices (Ledger, Trezor) or paper wallets that store private keys offline. Each has different access requirements. A cold wallet stored in a safe deposit box is useless to a trustee who doesn’t know it exists or doesn’t have the PIN to unlock the device.
Exchange accounts vs. self-custody wallets — cryptocurrency held on an exchange (Coinbase, Kraken, Gemini) is custodied by the exchange and can potentially be released to an estate with proper legal documentation and death certificates. Self-custody wallets require the private key or seed phrase — no legal process substitutes for this. Your plan must distinguish between the two and address each differently.
Seed phrase storage and documentation — the 12- or 24-word seed phrase that regenerates a cryptocurrency wallet must be documented and stored securely. This is typically not done in a standard password manager (which stores the seed phrase digitally, creating its own security risks). Many cryptocurrency holders use a metal seed phrase backup stored in a fireproof safe, with the trustee knowing its location.
Multi-signature wallets — wallets requiring multiple private keys to authorize transactions (a security measure) need succession planning for each key-holder. If any required key is lost, the funds may be inaccessible even if other keys are available.
NFTs and other blockchain assets — non-fungible tokens, governance tokens, staking positions, and DeFi protocol deposits each have their own access and liquidation requirements that should be addressed in the asset inventory.

The Access Documentation Model: What to Store and Where

The core challenge of digital asset planning is balancing security against accessibility. Credentials stored too securely become inaccessible to fiduciaries. Credentials stored too accessibly create security and identity theft risks during the holder’s lifetime. The standard model uses three components:

🔒

Password Manager (Primary Credential Vault) Store all account usernames, passwords, and two-factor recovery codes in an encrypted password manager (Bitwarden, 1Password, LastPass, Dashlane, or similar). The master password and emergency access instructions should be stored in the access memorandum — not in the password manager itself (which would be circular) and not in the trust document. Many password managers have an “emergency access” feature that allows a designated contact to request access after a waiting period; configure this for your trustee.

📄

Digital Asset Access Memorandum (Living Document) A separate, regularly updated document — not part of the trust — that lists: (1) the password manager master password or location, (2) all significant accounts not in the password manager, (3) device PINs and unlock codes, (4) cryptocurrency wallet locations and seed phrase storage locations, (5) online business credentials and revenue sources, and (6) any accounts requiring special handling (memorial preferences, accounts to close immediately, accounts to maintain). Store physically (in a safe or with your estate planning attorney) and update at least annually. Inform your trustee that this document exists and where to find it.

⚠️

What NOT to Do Do not store passwords inside the trust document — trusts become part of the public record in probate. Do not store all credentials in a single location your trustee cannot access. Do not rely on family members “knowing” where things are without explicit documentation. Do not store cryptocurrency seed phrases only in a digital password manager — hardware failure, platform shutdown, or account lockout can lose them permanently. Do not create a document so complete that it is a roadmap for identity theft if discovered by the wrong person — use references to locations rather than the credentials themselves where possible.

Platform-Specific Legacy Tools

Several major platforms have built-in mechanisms for managing accounts after death. These should be configured during your lifetime as part of your digital estate plan — they do not substitute for trust planning but complement it:

🍎

Apple Digital Legacy

Designate up to five legacy contacts who receive a Legacy Access Key. After death, they submit the key with a death certificate to access iCloud data — photos, files, notes, messages. Does not transfer App Store purchases or subscriptions. Device access (Face ID, passcode) still required for device-specific data.

🔍

Google Inactive Account Manager

Configure a list of trusted contacts to be notified and given download access to your Google data (Gmail, Drive, Photos, YouTube) after a defined period of inactivity. Can also designate automatic deletion. Must be set up before death — cannot be configured after the fact.

👤

Facebook Legacy Contact

Designate one person to manage a memorialized account: pinning a tribute post, accepting new friend requests, and updating the profile photo. Does not grant access to messages. Alternative: request account deletion upon death. Configure in Facebook settings under “Memorialization Settings.”

🐦

X / Twitter

No formal legacy contact program. Family members can request account deactivation with death certificate. Verified accounts (blue check) may be locked into memorialization. No mechanism for family access to content.

💼

Family members can request removal of a deceased member’s profile using a verification form and death certificate. No access to messages or connections list. Profile can be converted to a memorial page in some cases.

📧

Email (General)

Most email providers (Gmail, Outlook, Yahoo) will not release account contents to family members without a court order — regardless of RUFADAA authority. Best practice: maintain a local backup or export of important email, and provide explicit RUFADAA authorization in trust documents. Google’s Inactive Account Manager is the most practical solution for Gmail.

Online Business and Revenue-Generating Digital Assets

A profitable online business — a YouTube channel, Shopify store, affiliate website, or subscription community — is a real business asset that requires active succession planning, not just a password in a document. Unlike a physical business, an online business may begin losing value immediately after the owner’s death if no one has the credentials to maintain it, respond to customers, fulfill orders, or simply keep the domain and hosting renewed.

Revenue documentation — the trustee needs to understand how revenue is generated (ad revenue, product sales, affiliate commissions, subscriptions), where it is collected (Stripe, PayPal, AdSense, platform payout accounts), and how often it is distributed. Many online businesses run for months on autopilot — but without someone managing the accounts, payments eventually fail, content lapses, and the business loses its value.
Platform-specific succession — some platforms (YouTube, Amazon Associates, Google AdSense) have specific terms of service regarding account transferability. Some allow transfer with proper legal documentation; others technically prohibit it under their ToS. Your estate planning attorney should note this distinction and the trustee should understand what they can and cannot transfer outright.
Domain and hosting continuity — domain names expire annually; hosting agreements expire monthly or annually. If renewal payments fail after death, a website can go offline quickly. The trustee needs access to domain registrar and hosting accounts — or the domain and hosting should be prepaid for multiple years as part of the planning.
Intellectual property — content created for a channel, blog, or online course is intellectual property with value. The trust should expressly assign these assets, and the trustee should understand both the assets’ value and the practical steps needed to maintain, sell, or wind down the business.

Digital Asset Inventory Checklist

Use this checklist to build your digital asset inventory. The goal is a complete record that allows your trustee to find, access, and administer your digital estate without guesswork:

Financial Accounts

All online bank accounts (bank name, username, 2FA method)

Investment and brokerage platforms (Fidelity, Schwab, Robinhood, etc.)

Cryptocurrency exchanges (Coinbase, Kraken, Gemini — account credentials)

Self-custody crypto wallets (wallet type, seed phrase location, device PIN)

Payment apps with balances (PayPal, Venmo, Cash App, Zelle)

Reward programs with cash value (credit card points, airline miles, store credits)

Business & Revenue

All revenue-generating platforms with login credentials and revenue description

Domain registrar accounts (GoDaddy, Namecheap, Google Domains) with renewal dates

Hosting accounts with login and renewal information

Ad network accounts (Google AdSense, Amazon Associates, Mediavine)

E-commerce platforms (Shopify, Etsy, Amazon Seller) with payout account info

Content and course platforms (YouTube, Teachable, Patreon, Substack)

Social Media & Personal Accounts

All active social media accounts with disposition instructions (memorialize / delete / preserve)

Apple ID and iCloud (configure Digital Legacy contact)

Google account (configure Inactive Account Manager)

Email accounts — primary and secondary, with access method

Cloud storage accounts (Dropbox, OneDrive, iCloud, Google Drive)

Photo library accounts and backup locations

Devices & Technical Access

Phone PIN / passcode (required to bypass biometric locks)

Computer login password for each device

Password manager name, master password or emergency access instructions

Two-factor authentication backup codes for critical accounts

Home network router admin credentials (if relevant to business accounts)

Frequently Asked Questions

Does Missouri law allow my trustee to access my digital accounts?

Yes — Missouri has adopted the Revised Uniform Fiduciary Access to Digital Assets Act (RUFADAA), codified at §§ 472.500–472.595, RSMo. This law authorizes trustees, executors, agents under powers of attorney, and guardians to access digital assets — but only if the estate planning documents expressly grant that authority. A trust or power of attorney that doesn’t specifically reference digital asset access may not be sufficient to compel major platforms (Google, Apple, Meta, financial institutions) to grant access. Your documents should be reviewed and updated to include explicit digital fiduciary authority language.

Should I put my passwords in my will or trust?

No. Wills become part of the public court record in probate. Trusts, while not automatically public, are relatively static documents not suited for frequent updating, and portions may be shared with third parties in administration. Passwords belong in a separate, regularly updated access memorandum or password manager — neither of which is part of your formal estate plan documents. The trust and will should contain legal authority to access digital assets; the technical access information should be stored separately.

What happens to cryptocurrency if the private key is lost?

The funds may be permanently and irrecoverably lost. Unlike a bank account, cryptocurrency has no central custodian who can release funds upon presentation of a death certificate. The private key or seed phrase is the only mechanism for accessing the wallet — no legal process, court order, or platform appeal can substitute. This is why seed phrase documentation and secure storage is one of the most critical components of digital estate planning for any holder of self-custody cryptocurrency.

What should happen to my social media accounts after I die?

It depends on your wishes — and you should document them explicitly. The most common options are: (1) memorialization — Facebook, Instagram, and some other platforms can be converted to a memorial page where friends and family can continue to post tributes; (2) deletion — immediate account closure; (3) preservation — downloading the complete account archive before deletion, preserving photos, messages, and posts. Your digital asset memorandum should specify your wishes for each platform. Configure available legacy tools (Apple Digital Legacy, Google Inactive Account Manager, Facebook Legacy Contact) during your lifetime to give the platform advance direction.

Is my online business considered part of my estate?

Yes — a revenue-generating online business is a real asset with real value. The business and its associated intellectual property, domain names, platform accounts, and revenue streams should be part of your estate plan. Whether the business is held in a trust, an LLC, or as a sole proprietorship affects how it transfers at death. For businesses with significant value, a formal business succession plan — including authorization for the trustee to operate the business, hire help, negotiate a sale, or wind it down — should be part of the estate plan documents.

How often should I update my digital asset inventory?

At minimum, annually — and immediately after any of the following: opening a new financial or cryptocurrency account, starting or acquiring a new online business, changing a major password manager or 2FA setup, buying a new primary device, or acquiring any new digital asset of significant value. The inventory is only as useful as it is current. Set a calendar reminder at the same time each year to review and update it, and tie it to your overall estate plan review cycle.

Include Your Digital Life in Your Estate Plan

Most estate plans don’t address digital assets at all — leaving families locked out of accounts, unable to access cryptocurrency, and losing online businesses that generate real income. TrustFully.law incorporates digital asset planning into every estate plan: proper RUFADAA authorization language, access memorandum structure, and practical guidance for cryptocurrency, online businesses, and platform-specific legacy tools. Serving the Greater St. Louis Area and all of Missouri.

Schedule Your Free Digital Asset Planning Consultation →

This article is provided for informational purposes only and does not constitute legal advice. Missouri’s RUFADAA is codified at §§ 472.500–472.595, RSMo; platform-specific terms of service and access policies change frequently and vary by service. Cryptocurrency planning involves technical considerations that vary by wallet type and platform; consult a qualified attorney and financial advisor. The choice of a lawyer is an important decision and should not be solely based upon advertising.