Best Practices
Optimize your Torvus Security setup
Recommended configurations and strategies for maximum security, reliability, and ease of use.
Vault Organization
Create Purpose-Specific Vaults
✅ DO: Create separate vaults for different purposes
Good Examples:
- Personal Vault (family documents)
- Business Vault (company records)
- Cryptocurrency Vault (wallet keys)
- Legal Vault (attorney documents)
❌ DON'T: Put everything in one vault
Why: Separate vaults allow different recipients, policies, and access controls for each use case.
Use Descriptive Names
✅ DO: Use clear, descriptive vault names
Good Examples:
- "Estate Planning - Family Documents"
- "Business Continuity - Critical Passwords"
- "Cryptocurrency Recovery - Wallet Keys"
❌ DON'T: Use vague names
Bad Examples:
- "Vault 1"
- "Important Stuff"
- "Documents"
Why: Clear names help you and recipients understand vault contents.
Organize with Tags
✅ DO: Use consistent tagging system
Example System:
- Category tags: financial, legal, medical, personal
- Priority tags: critical, important, reference
- Year tags: 2023, 2024, 2025
Example: Tax return tagged with financial, tax, 2024
❌ DON'T: Use inconsistent or redundant tags
Bad Examples:
- Mix of singular/plural: document vs documents
- Typos: finanical, leagal
- Too many tags per document (keep to 3-5)
Document Management
Upload High-Quality Originals
✅ DO: Upload original documents, not screenshots
Best Practices:
- Scan physical documents at 300+ DPI
- Use PDF format for text documents
- Keep original file formats (avoid re-converting)
- Upload high-resolution photos of important items
❌ DON'T: Upload low-quality scans or photos
Why: Recipients need clear, readable documents.
Add Context with Descriptions
✅ DO: Add descriptions to important documents
Good Examples:
- "Life insurance policy with Acme Insurance, policy #ABC123, $500K coverage, expires 2030"
- "Bitcoin wallet seed phrase for Ledger hardware wallet, contains ~2.5 BTC"
- "Will and testament, updated January 2025, witnessed by John Smith and Jane Doe"
❌ DON'T: Leave descriptions empty or vague
Bad Examples:
- "" (empty)
- "Document"
- "Important"
Why: Descriptions provide context recipients might not have.
Verify Uploads
✅ DO: Download and verify important documents after upload
Process:
- Upload document
- Download uploaded version
- Compare with original
- Verify file opens correctly
❌ DON'T: Assume upload succeeded without verification
Why: Ensures file wasn't corrupted during upload.
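One way to carry out the compare step above, shown as an added example rather than Torvus code: hash each original and its re-downloaded copy with SHA-256 and report any file that is missing or differs. The folder layout (originals in one directory, downloads saved under the same names in another) and the function names are assumptions.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=1 << 20):
    """Stream a file through SHA-256 so large scans need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_downloads(originals_dir, downloads_dir):
    """Compare each original with the re-downloaded copy of the same name.

    Returns {relative_name: status}; status is "ok", "missing",
    "size_mismatch" (truncated or altered length) or "hash_mismatch".
    """
    originals_dir, downloads_dir = Path(originals_dir), Path(downloads_dir)
    report = {}
    for original in sorted(p for p in originals_dir.rglob("*") if p.is_file()):
        name = original.relative_to(originals_dir).as_posix()
        copy = downloads_dir / name
        if not copy.is_file():
            report[name] = "missing"
        elif copy.stat().st_size != original.stat().st_size:
            report[name] = "size_mismatch"  # cheap check before hashing
        elif sha256_file(original) == sha256_file(copy):
            report[name] = "ok"
        else:
            report[name] = "hash_mismatch"
    return report


if __name__ == "__main__":
    # Constructed sample files standing in for originals and downloads.
    with tempfile.TemporaryDirectory() as tmp:
        orig, down = Path(tmp, "originals"), Path(tmp, "downloads")
        orig.mkdir()
        down.mkdir()
        (orig / "will.pdf").write_bytes(b"%PDF-1.7 constructed sample")
        (down / "will.pdf").write_bytes(b"%PDF-1.7 constructed sample")
        (orig / "deed.pdf").write_bytes(b"A" * 100)
        (down / "deed.pdf").write_bytes(b"A" * 60)  # truncated transfer
        for name, status in verify_downloads(orig, down).items():
            print(f"{status:14} {name}")
```

A matching hash confirms the bytes are identical; opening the downloaded file is still a separate check.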
Keep Vault Updated
✅ DO: Regularly review and update vault contents
Schedule:
- Quarterly review (every 3 months)
- After major life events (marriage, birth, death, divorce)
- After financial changes (new accounts, closed accounts)
- After moving
Review Checklist:
- Delete outdated documents
- Upload new documents
- Update descriptions
- Verify recipients still appropriate
- Test check-ins working
❌ DON'T: Set it and forget it
Why: Outdated information is worse than no information.
Recipient Management
Choose Recipients Carefully
✅ DO: Select trustworthy, capable recipients
Qualities to Consider:
- Trustworthy with sensitive information
- Technically capable (can access digital vault)
- Available when needed (not traveling constantly)
- Stable email address
- Relationship expected to continue
❌ DON'T: Add recipients impulsively
Red Flags:
- Unstable relationships
- History of breaching trust
- Frequently changes contact info
- No technical skills (cannot use email)
Use Multiple Recipients
✅ DO: Add at least 2-3 recipients per vault
Recommended Configuration:
- Primary: Spouse or closest family member (Admin)
- Secondary: Adult child or sibling (Operator)
- Tertiary: Attorney or trusted friend (Viewer)
❌ DON'T: Rely on single recipient
Why: Primary recipient might be unavailable (traveling, ill, deceased).
Set Appropriate Permissions
✅ DO: Match permissions to recipient role
Guidelines:
- Viewer: Attorneys, advisors, distant relatives
- Operator: Close family who may need to add documents
- Admin: Spouse, executor, business partner
❌ DON'T: Give everyone Admin access
Why: Least privilege principle - grant minimum necessary access.
Keep Recipient Info Current
✅ DO: Update recipient information when it changes
Review Schedule:
- Review recipient list every 6 months
- Update immediately if:
- Email changes
- Phone changes
- Relationship status changes (divorce, estrangement)
- Recipient deceased
❌ DON'T: Leave outdated recipient information
Why: Outdated email = recipient won't receive notification.
Policy Configuration
Use Multiple Policy Types
✅ DO: Configure multiple complementary policies
Recommended Combination:
- Inactivity Policy: Monthly check-ins (primary protection)
- Manual Release: Emergency access (immediate needs)
- Death Certificate: Estate planning (long-term)
❌ DON'T: Rely on single policy
Why: Different scenarios require different release mechanisms.
Set Realistic Check-in Frequency
✅ DO: Choose frequency you can maintain long-term
Guidelines:
- Daily: Only for high-risk situations (journalists, activists)
- Weekly: Frequent travelers, high-security needs
- Biweekly: Balanced approach
- Monthly: Most common, sustainable for most users
❌ DON'T: Set frequency too high
Why: Overly frequent check-ins become burdensome and may be skipped.
Use Maximum Grace Period
✅ DO: Use longest grace period your plan allows
Grace Periods by Plan:
- Free: 24 hours
- Standard: 48 hours
- Professional: 72 hours
- Enterprise: Up to 7 days
❌ DON'T: Use shorter grace period than necessary
Why: Longer grace period prevents accidental releases while traveling.
Test Your Policies
✅ DO: Test policies with recipients (Professional plan)
Testing Process:
- Use Test Release feature
- Recipients receive test notification
- Recipients practice accessing vault
- Test expires after 24 hours
- Gather feedback and adjust
Frequency: Test annually
❌ DON'T: Assume policies work without testing
Why: Ensures recipients know how to access vault when needed.
Check-in Management
Enable Multiple Check-in Methods
✅ DO: Enable redundant check-in methods
Recommended Configuration:
- ✅ Email (always enabled)
- ✅ Mobile app (most convenient)
- ✅ SMS (backup)
❌ DON'T: Rely on single check-in method
Why: If email fails (spam filter), you can check in via app or SMS.
Set Calendar Reminders
✅ DO: Add check-in due dates to your calendar
Calendar Entry:
Event: Torvus Check-in Due
Date: Monthly (or your frequency)
Reminder: 3 days before
❌ DON'T: Rely only on Torvus email reminders
Why: Double reminder system prevents missed check-ins.
Check In Early
✅ DO: Complete check-ins when first reminded
Best Practice: Check in as soon as you receive first reminder (3 days before due date).
❌ DON'T: Wait until check-in is due
Why: Reduces risk of forgetting and entering grace period.
Pause Policies When Appropriate
✅ DO: Pause policies during extended absences
Scenarios:
- Extended vacation (3+ weeks)
- Medical procedure with recovery
- Remote wilderness expedition
- Any situation with unreliable internet
❌ DON'T: Let check-ins go missed during known absences
Why: Prevents accidental vault release.
Security
Use Strong Master Password
✅ DO: Use strong, unique password for Torvus
Requirements:
- Minimum 12 characters (recommend 16+)
- Mix of uppercase, lowercase, numbers, symbols
- Not used for any other service
- Not a dictionary word or common phrase
Good Example: T7$mK9#pL2@vN4&hR8
Use Password Manager: Generate and store in 1Password, LastPass, Bitwarden
❌ DON'T: Use weak or reused passwords
Bad Examples:
- password123
- MyPassword
- Same password as email
Why: Your master password protects all vault contents.
Enable Strongest 2FA Available
✅ DO: Use hardware key or authenticator app
Preference Order:
- Hardware Key (YubiKey, Titan) - Most secure
- Authenticator App (Authy, Google Authenticator) - Very secure
- SMS (text messages) - Less secure but better than none
❌ DON'T: Skip 2FA or use only SMS
Why: 2FA prevents unauthorized access even if password compromised.
Store Backup Codes Securely
✅ DO: Save 2FA backup codes in multiple secure locations
Recommended Storage:
- Print and store in physical safe
- Store in password manager (separate from Torvus password)
- Share with trusted family member (sealed envelope)
❌ DON'T: Store backup codes in Torvus vault
Why: If you lose your 2FA device, you need the backup codes to get back into your account. Codes stored only inside the vault cannot be reached without them (circular dependency).
Rotate API Keys Regularly
✅ DO: Rotate API keys every 90 days (if using API)
Process:
- Generate new API key
- Update applications
- Test applications
- Revoke old key
❌ DON'T: Use same API key indefinitely
Why: Limits damage if API key compromised.
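An added example (not part of the Torvus API or tooling) that audits a locally kept key inventory against the 90-day interval and flags rotations where the final step, revoking the old key, was never done. The inventory record format, key ids and app names are hypothetical.

```python
from collections import defaultdict
from datetime import date

MAX_KEY_AGE_DAYS = 90  # rotation interval recommended above


def audit_api_keys(keys, today):
    """Return sorted (key_id, finding) pairs for keys needing attention.

    keys: records with "id", "app", "created" (date) and "revoked"
    (date or None). This inventory format is hypothetical.
    """
    findings = []
    active_by_app = defaultdict(list)
    for key in keys:
        if key["revoked"] is None:
            active_by_app[key["app"]].append(key)
    for app_keys in active_by_app.values():
        app_keys.sort(key=lambda k: k["created"])
        newest = app_keys[-1]
        # More than one live key per app means the revoke step was skipped.
        for stale in app_keys[:-1]:
            findings.append((stale["id"], "old key not revoked"))
        age = (today - newest["created"]).days
        if age > MAX_KEY_AGE_DAYS:
            overdue = age - MAX_KEY_AGE_DAYS
            findings.append((newest["id"], f"overdue by {overdue} days"))
    return sorted(findings)


# Constructed sample inventory (ids and app names are made up).
SAMPLE_KEYS = [
    {"id": "key-a1", "app": "backup-job", "created": date(2025, 1, 10), "revoked": None},
    {"id": "key-a2", "app": "backup-job", "created": date(2025, 4, 12), "revoked": None},
    {"id": "key-b1", "app": "reporting", "created": date(2025, 2, 1), "revoked": date(2025, 5, 2)},
    {"id": "key-b2", "app": "reporting", "created": date(2025, 5, 1), "revoked": None},
    {"id": "key-c1", "app": "sync-tool", "created": date(2025, 1, 1), "revoked": None},
]

if __name__ == "__main__":
    for key_id, finding in audit_api_keys(SAMPLE_KEYS, today=date(2025, 6, 1)):
        print(key_id, "->", finding)
```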
Data Management
Don't Store Everything
✅ DO: Store only truly important documents
Good Candidates:
- Legal documents (will, deed, contracts)
- Financial documents (tax returns, insurance)
- Identity documents (passport, birth certificate)
- Cryptocurrency keys
- Critical passwords
❌ DON'T: Use as general cloud storage
Not Suitable:
- Everyday work files
- Photos/videos (unless critically important)
- Software installers
- Temporary files
Why: Torvus is for secure inheritance/emergency access, not everyday storage.
Monitor Storage Usage
✅ DO: Track storage usage and stay under 80% capacity
Monitoring:
- Check storage dashboard monthly
- Enable storage alerts
- Delete unnecessary files
❌ DON'T: Max out storage capacity
Why: Prevents failed uploads when you need to add important documents.
Export Vault Regularly
✅ DO: Export vault contents for external backup
Schedule: Quarterly (every 3 months)
Process:
- Navigate to Vault Settings → Backup & Export
- Export as ZIP (all documents + metadata)
- Store encrypted backup offline (external drive, safe)
❌ DON'T: Rely solely on Torvus for backup
Why: Defense in depth - multiple backups protect against all failure scenarios.
Communication
Inform Recipients
✅ DO: Tell recipients they're added to your vault
What to Communicate:
- You've added them as recipient
- What vault contains
- When they'll receive access (policies)
- How to access when notified
- Who else is a recipient
❌ DON'T: Add recipients without informing them
Why: Recipients should know to expect notification and what to do.
Leave Instructions
✅ DO: Include instructions for recipients in vault
Create "README" Document:
Title: INSTRUCTIONS FOR RECIPIENTS
Contents:
1. Purpose of this vault
2. What documents are included
3. Important contacts
4. Step-by-step instructions
5. Who to call if questions
❌ DON'T: Assume recipients know what to do
Why: Recipients may be unfamiliar with digital inheritance process.
Document Important Information
✅ DO: Include account numbers, contacts, PINs
Example Document (Cryptocurrency Vault):
CRYPTOCURRENCY HOLDINGS
Ledger Hardware Wallet:
- Seed phrase: [in separate document]
- PIN: 8472
- Contains: ~2.5 BTC, 15 ETH
- Location: Home safe, top drawer
Coinbase Account:
- Email: myemail@example.com
- 2FA: Authenticator app (backup codes in safe)
- Holdings: ~$50K various coins
Contact for Help:
- Name: John Smith (crypto advisor)
- Phone: +1 555-0123
- Email: john@example.com
❌ DON'T: Provide only raw files without context
Why: Recipients need context to understand and use information.
Compliance & Legal
Consult Attorney for Estate Planning
✅ DO: Coordinate Torvus with overall estate plan
Discuss with Attorney:
- How Torvus vault fits into estate plan
- Recipients vs. will executors
- State-specific requirements
- Digital asset inheritance laws
❌ DON'T: Assume Torvus replaces will
Why: Torvus complements but doesn't replace legal estate planning.
Follow Employer Policies
✅ DO: Check employer policies before storing work documents
Considerations:
- Does employer allow personal storage of company data?
- Are you authorized to store specific documents?
- What happens to business vault after employment ends?
❌ DON'T: Store confidential company data without authorization
Why: May violate employment agreement or data protection policies.
Comply with Regulations
✅ DO: Follow industry-specific regulations
Examples:
- Healthcare: HIPAA compliance for patient data
- Finance: SOX compliance for financial records
- Legal: Attorney-client privilege considerations
- Government: Classified information restrictions
❌ DON'T: Store regulated data without proper authorization
Why: May violate legal or regulatory requirements.
Common Mistakes to Avoid
❌ Mistake 1: Too Many Vaults
Problem: Creating 20+ vaults for minor distinctions
Solution: Use 3-5 purpose-specific vaults with folder organization
Why: Too many vaults become unmanageable
❌ Mistake 2: Forgetting to Test
Problem: Setting up vault and never testing recipient access
Solution: Test annually with Professional plan Test Release feature
Why: Ensures system works when actually needed
❌ Mistake 3: Outdated Information
Problem: Vault contains old passwords, closed accounts, outdated documents
Solution: Quarterly review and update schedule
Why: Outdated information can cause problems for recipients
❌ Mistake 4: Single Point of Failure
Problem: One recipient, one policy, one backup
Solution: Multiple recipients, multiple policies, multiple backups
Why: Redundancy prevents single failures
❌ Mistake 5: No Instructions
Problem: Vault full of files with no explanation
Solution: Create README document with instructions and context
Why: Recipients may not understand what they're looking at
Recommended Configurations
Personal/Family Vault
Configuration:
- Recipients: Spouse (Admin), Children (Operator), Attorney (Viewer)
- Policies: Inactivity (monthly) + Death Certificate
- Check-ins: Monthly via mobile app
- Contents: Will, insurance, financial accounts, passwords
- Review: Quarterly
Business Vault
Configuration:
- Recipients: Partner (Admin), COO (Operator), Attorney (Viewer)
- Policies: Inactivity (weekly) + Manual Release
- Check-ins: Weekly via email
- Contents: Passwords, vendor contacts, legal docs, financials
- Review: Monthly
Cryptocurrency Vault
Configuration:
- Recipients: Spouse (Admin), Crypto Advisor (Operator), Attorney (Viewer)
- Policies: Inactivity (monthly) + Death Certificate
- Check-ins: Monthly via mobile app
- Contents: Seed phrases, private keys, exchange info, instructions
- Review: Quarterly
Next Steps
- Security Overview: Understand security architecture
- FAQ: Common questions answered
- Vault Settings: Configure vault settings
- Configure Policies: Advanced policy configuration
Last Updated: October 7, 2025