Digital Estate Planning for Solo Founders: Why Your Will Won't Unlock the Business

A digital estate plan for solo founders bridges the gap a will can't: heirs may legally own your company yet be locked out of every account. Here's how to fix it.

The day your password manager outlives you

There is a quiet assumption buried inside most solo businesses: that the founder will always be there to log in. Not in any dramatic sense — just the ordinary Tuesday-morning sense of typing a master password, approving a two-factor prompt, renewing a domain before it lapses. The whole operation runs on a single nervous system. When that nervous system stops, the body keeps standing for a while, but nothing inside it can move.

Software teams have a name for this. They call it the bus factor: the number of people who would have to be hit by a bus before a project becomes unrecoverable. For most solo founders, the bus factor is one. And the part almost nobody plans for is not who inherits the business — it's who can actually get into it.

Ownership and access are two different things

Here is the gap that surprises grieving families and co-founders alike. A will, a trust, an operating agreement — these documents transfer ownership. They decide who legally receives your equity, your bank balance, your intellectual property. What they do not do is hand anyone a login.

Your Stripe account, your domain registrar, your email, your code repository, your customer database — these live behind credentials and behind the terms of service you agreed to when you signed up. Most of those agreements explicitly prohibit account sharing and say nothing useful about death. So your executor can hold a court order naming them the rightful owner of the company and still stare at a login screen demanding a six-digit code sent to a phone that is now switched off.

This is not a hypothetical edge case. It is the default outcome. Ownership flows through the law; access flows through systems that have never met your lawyer.

RUFADAA: the law that decides who gets in, and how

In the United States, most states have adopted a law with an ungainly name: the Revised Uniform Fiduciary Access to Digital Assets Act, or RUFADAA. It exists precisely because the old probate system had no concept of a digital account. What matters for you is the order of priority it sets up, because that order is counterintuitive.

RUFADAA establishes a hierarchy of who controls access to your digital assets after death:

First, an online tool provided by the service itself. If a platform offers a built-in way to name someone, that choice overrides everything else — including your will. Google's Inactive Account Manager, Facebook's Legacy Contact, and Apple's Legacy Contact (introduced in 2021) are exactly these tools. Whatever you set there wins.

Second, your legal documents. If there is no online tool, then directions in your will, trust, or power of attorney control whether your fiduciary can reach the account.

Third — and only if the first two are silent — the terms of service. This is the floor you fall through if you've done nothing. And those terms were written to protect the company, not your heirs.

The practical lesson is sharp: a brilliantly drafted will can be quietly overruled by a setting you never touched, and an account with no instructions at all defaults to whatever clause a lawyer buried in a signup agreement a decade ago. Planning for digital access means working with this hierarchy, not assuming your will sits at the top of it.

Why founders, specifically, keep putting this off

There is a well-documented cognitive habit called optimism bias — the tendency to believe bad outcomes are more likely to happen to other people than to ourselves. It's the same instinct that makes us underinsure and overcommit. Founders are, almost by selection, optimism bias in human form. You don't start a company alone unless you believe the odds bend in your favor.

Layered on top is something psychologists call mortality salience avoidance: we're wired to steer our attention away from concrete reminders of our own death. Planning your estate is not abstract paperwork; it is sitting in a chair and imagining the world continuing without you in it. The mind flinches. So the task gets reclassified, week after week, as important but not urgent — and important-but-not-urgent is exactly the quadrant where things go to quietly never happen.

The antidote isn't more willpower. It's shrinking the task until the flinch has nothing to grab onto. You are not planning your death. You are writing down where things are.

What an access map actually contains

Think of the deliverable not as a legal instrument but as an operations document — the runbook you'd hand a new hire on their first day, except the new hire is whoever has to keep the lights on or wind things down with dignity.

A usable map answers four questions for every critical asset:

Where is it? The registrar, the bank, the host, the repo, the cap table software — named explicitly, not "the usual places."
How do you get in? Not the password written in plaintext, but the path: which password manager holds it, where the recovery codes live, which phone or hardware key satisfies two-factor.
What does it do? A one-line note on why this account matters, so someone who has never run your business knows that letting this domain lapse kills email for every customer.
What should happen to it? Continue, transfer, or close. A subscription to cancel is a very different instruction from a production database to preserve.

The two-factor question is the one people miss. You can document every password perfectly and still leave your heirs locked out because the second factor — a code, a tap, a physical key — is tied to a device or a number that dies with you. Recovery codes, stored somewhere your fiduciary can reach, are often the single most valuable thing in the entire map.

Make it findable, then keep it breathing

A perfect plan nobody can locate is identical to no plan. Two failure modes bracket this: the document so secret your family never finds it, and the document so exposed it becomes a security risk while you're alive. The resolution is to separate the contents from the key to the contents — store the sensitive material securely, and make sure the right person knows it exists and how to trigger access, ideally through the platforms' own online tools where they exist.

And treat it as a living thing. You add a payment processor, rotate a key, move to a new bank. A map that was accurate eighteen months ago can be confidently wrong, which is worse than blank, because it sends someone down a dead end during the one week they have the least patience for dead ends. A short quarterly glance is enough to keep it honest.

The version of care you won't be around to give

Most of what we call founder grit is really just being there — catching the thing before it breaks, knowing which fire is real. Estate planning for your digital life is the one act of that care you have to perform in advance, for a moment you won't witness. It is, in the most literal sense, a love letter written in logins and instructions: here is how to be me, for just long enough to do right by what I built.

Heirloom exists for exactly this gap — the death-binder built for solo founders, where your vault, your handoff instructions, and your beneficiaries live in one place, structured so the right person can find the right key at the right moment without you in the room. It won't make the flinch go away. It just makes the task small enough to finish in an afternoon, and findable enough to matter. If your bus factor is one, that's worth an afternoon: heirloom.lumenlabs.works.