Medium term cold storage options?

15 points by mild_takes a day ago on tildes | 17 comments

unkz | a day ago

S3. 2.3 cents per gig per month. 20 years is $5.50 per gig. My safety deposit box is $60/year for comparison.

I should also mention that deep archive tier storage is way cheaper at $0.00099 per GB. You could store a terabyte for 20 years for $237.60.

sleepydave | a day ago

Why S3 over Backblaze B2? With B2 the first 10GB is free, $7/TB/mo after that, free egress and API calls, and hot storage. Seems to be a much better offering for OP unless I'm missing something.

A terabyte for 20 years would be $1680 at that rate. Backblaze would be better for that first gig but not for all their photo content, unless they also have archival tier pricing.

[OP] mild_takes | a day ago

If my house burns down and I don't have anything except a (hypothetical) brand new computer then how do I access that?

Edit: and bus factor.

unkz | a day ago

I assume you remember your email password? That’s all you’d really need to get in.

[OP] mild_takes | a day ago

I don't actually. I moved EVERYTHING to long random passwords. I don't want my email to get hacked because that's kind of the key to being able to reset a shit ton of passwords. Also it has 2fa now so if I don't have access to a 2nd factor (or maybe a backup code... I should set that up) then I'm screwed.

I know maybe 4 of my current passwords:

  • bank card pin
  • log in for my computer
  • phone pin
  • password for KeePassXC
  • password for work accounts but only because they make me put it in endlessly and also don't allow me to use a phone at work AT ALL... so I use a weak password I can remember

unkz | a day ago

That’s probably overkill. You can easily have enough entropy to defeat brute force and still be memorable. But, I feel like remembering a password isn’t such a giant obstacle, is it? Probably less difficulty than dealing with losing your safety deposit box key and identification in the hypothetical house fire.

sparksbet | 22 hours ago

Having a password manager that isn't exclusively tied to a physical device would allow you to have the same password behavior without reusing passwords to improve memorization (which is the biggest risk for most people not using a password manager, not the ability to brute force any particular password). I similarly only have a few passwords memorized, but my password manager contains everything else, including my 2fa backup codes, so I'd be able to get back into other accounts in case of an emergency because I can access that. But I use a password manager that stores my things in the cloud, which I assume OP doesn't want to do because that's the main reason people use KeePassXC.

But changing their password behavior isn't necessary, they just need to ensure they can access their KeePassXC database after a disaster like this. KeePassXC's documentation says you can safely store the encrypted database file in the cloud and recommends regular backups, but if that's too online, I believe copying it to a flash drive and sticking it in a safety deposit box somewhere would work (although it would be somewhat more annoying to update your backup that way). This would probably fill the "backup of passwords and instructions for wife upon death" criteria, at least.

This would be my recommendation as well. I got close to 400GB on Glacier and pay less than $0.20 per month. The only downside is that I couldn't find software that backed things up the way I wanted, so I ended up vibe coding a massive bash script to compress, encrypt and upload the data for me while doing integrity checks.

Eric_the_Cerise | a day ago

For many years, my offsite backup plan was literally a spare HDD in my safe deposit box at the bank.

I had 2 such HDDs. One was employed in active nightly backups at home, and every month or 2, I would take that HDD to the bank, swap 'em out, and put the other one into play for the nightly backups. That way, the HDD in the bank was never more than 2 months out of date.

maple | a day ago

Same, although for me it was a disk I rotated to and from a drawer at my office.

When I started working from home, I moved to a big disk in an eBay refreshed office workstation in a closet at my parents' place that I use as a restic endpoint. Works great, although not cold storage per se and definitely has a WAF approaching zero.

In fact my break glass situation is a piece of paper with critical passwords written on it and stored in a filing cabinet in my house. Ain’t no script kiddies getting that.

[OP] mild_takes | a day ago

How long is an HDD really good for?

Bonooru | a day ago

Life expectancy for this sort of thing is 5-10 years in my experience.

Eric_the_Cerise | 22 hours ago

Optical would be better, especially if you're only talking about ~1GB or so.

Still, quality HDDs are typically rated for ~5 years, and probably generally good for double that ... this is particularly true if you're not using them constantly, but just writing data on them and then putting them in long-term storage.

whbboyd | 23 hours ago

When I was looking into this a few years ago, the consensus answer seemed to be that there's not a great option, but archival-quality optical media is probably the best one. (Flash doesn't have great longevity offline, and hard disks are something of a question mark—and the typical failure mode isn't "some degradation", it's "this complicated mechanical device has broken and does not work at all".) Consensus at the time seemed to be that archival-quality media was expensive out of proportion to the increase in quality, and there was a whole lot of discussion of (mostly non-actionable) concerns like the original manufacturer of a piece of media. My conclusion ended up being:

  • Optical media is cheap enough that just buying the "expensive" stuff is probably worth it.
  • Burn multiple copies, confirm that they are readable (coasters are pretty uncommon these days, but not unheard-of), and distribute them geographically.
  • Try to make sure they're stored appropriately, i.e. in a case, in the dark, not too humid.

My schema is mostly to have encrypted backups stored online (in Backblaze B2, in my case), with encryption keys, a copy of my password vault, and a handful of other useful things on the backup disks. In the end, I've got a few dozen megabytes on my backup discs (on DVD media, because that's all that was available, lol).

For long-term storage, the answer is, oddly enough, to keep it online and monitored. Individual units of storage media are pretty fragile, but a NAS with a handful of drives and someone checking up on it regularly will keep data stored more-or-less indefinitely. (Online storage is much easier to accidentally delete stuff off of, of course, so it's not a panacea.)
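Added example, not part of any comment in this thread: one way to do the "confirm that they are readable" step for multiple offline copies, and the kind of integrity check mentioned earlier for uploaded archives, is a SHA-256 manifest stored alongside the data. The directory layout, file names and function names are constructed for illustration, and the script assumes GNU coreutils and findutils.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes sha256sum, find, sort -z and
# xargs -0 as shipped with GNU coreutils/findutils.

# Write DIR/MANIFEST.sha256 listing a SHA-256 for every file under DIR.
make_manifest() {
    (
        cd "$1" || exit 1
        find . -type f ! -name MANIFEST.sha256 -print0 |
            sort -z | xargs -0 sha256sum > MANIFEST.sha256
    )
}

# Succeed only if every file named in the manifest exists in DIR and matches.
verify_copy() {
    ( cd "$1" && LC_ALL=C sha256sum -c MANIFEST.sha256 ) >/dev/null 2>&1
}

# Print the manifest entries that are damaged or missing in DIR.
failed_files() {
    ( cd "$1" && LC_ALL=C sha256sum -c MANIFEST.sha256 2>/dev/null ) |
        grep -v ': OK$' | sed 's/: FAILED.*$//'
}

demo() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/master/vault" "$work/master/docs"
    # Constructed sample data standing in for a password vault and instructions.
    printf 'constructed stand-in for an encrypted vault\n' > "$work/master/vault/passwords.kdbx"
    printf 'constructed recovery instructions\n' > "$work/master/docs/README.txt"
    make_manifest "$work/master"
    cp -R "$work/master" "$work/copy_a"
    cp -R "$work/master" "$work/copy_b"
    # Simulate media rot: overwrite one byte in copy_b without changing its size.
    printf 'X' | dd of="$work/copy_b/vault/passwords.kdbx" bs=1 seek=3 conv=notrunc 2>/dev/null
    for c in copy_a copy_b; do
        if verify_copy "$work/$c"; then
            echo "$c: all files verified"
        else
            echo "$c: damaged or missing:"; failed_files "$work/$c"
        fi
    done
    rm -rf "$work"
}
demo
```

Because the manifest travels with each copy, any single surviving copy can be checked on a fresh machine, and a mismatch tells you which file to restore from another copy.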

shrike | 14 hours ago

I'm literally just (re)setting my backup system and ended up with Arq Backup after trying their free tier for a month. Decided on their cloud version ($60/year) instead of the pay once version ($50), we'll see in a year if I'll keep the cloud version.

The Important Stuff (the things that are really irreplaceable) go to B2, my Hetzner Storage Box (free with my VPS) and Arq Cloud Storage. Most of that stuff is also in iCloud, so that should be enough. =)

The rest is cross-synced to all of my machines (laptop, desktop, NAS) with Syncthing via Tailscale.

I've also got a few VPSs etc, that are backed up to B2 with restic, although most of the important stuff in them is in Ansible playbooks and GitHub (configs etc).

A few years ago I went through the "cold storage" options and decided they aren't worth it. Burning CDs and DVDs would require archival quality discs and they're hard to source in 2026. Similarly storing SSDs and HDDs offline is risky, they might just rot in storage. Thus -> just back up to multiple places online and hope that the world doesn't end in a massive global EMP.

Dangerous_Dan_McGrew | 9 hours ago

Personally I have a hard drive in my desk at work with backups. Burnt to CDs was my father's method and 12 years later about half of it is unrecoverable.