Security Blanket Glossary

Card Shorthand Notation

Card Reference - Cards are referred to by the top-line name and ID provided, <name>/<id>. For example, Phone/1 refers to the first phone listed.

@- The “@” symbol refers to a card, and is a nice shorthand to describe where a piece of software is located or how to access a credential:

  • For example, a TurboTax license may be located on @Laptop/1.
  • A Yahoo email account card could write out the user ID and password literally (not recommended), or refer to a password manager instead: ID: @PwdMgr/1 and PW: @PwdMgr/1.

/ - The “/” symbol is used sor more specific details of a Card Reference. For example, Password: @Phone/1/PIN means use the Phone’s PIN as the password for the card in question.

Common Terms for Credentials, Tools, and Devices

ID: The User’s identifier, i.e. username or email address in most applications

PW: The Password

PIN: Secondary access code, typical for quick access modes in mobile apps, or bank accounts

Comp: Computer Laptop or Desktop or Comp, or stick to Model names with identifiers if there are multiple, i.e. macbook air vs. macbook pro.

Phone: Mobile Phones, distinguish with phone models if easier (iPhone, Pixel7).

PwdMgr: Password Managers and General tools for password management.

MFA: Multi-Factor Authentication tool, like SMS, Authenticator App, Yubikey. Typically used alongside a PW to access an account.

Wallet: Hardware, or Software, Wallets. Usually easier to stick to Model names with identifiers if there are multiple, i.e. Ledger.

Bio: Biometric credentials, like fingerprint, faceId, etc.

Note: You don’t have to use these terms or notations, but the key to a safe security blanket is consistency, so your contacts can easily understand your system.

Other Terms

Contact: A trusted person to operate a security blanket on your behalf.

Standby Mode: The contact has the security blanket fully set up and operational, in case any action is required.

in-the-clear credential: The literal representation of the credential, i.e. the password text to enter. As opposed to a meta-credential.

meta-credential: The method to access the literal representation of the credential. The “how-to get the text”, rather than the text itself. As opposed to a credential in the clear. For example, the digital map template uses “(clear)” to denote a credential is passed in-the-clear.

Digital Map: A representation of a user’s digital accounts and assets using meta-credentials in the security blanket system. Here is an example template and map. The map should be divided into the different types of cards, and accounts should be listed in priority order.

Remote Restore: An MFA feature that most TLAs provide for account recovery, typically via “backup codes” or a “recovery email”. Meant to be a backup if the user has lost access to their primary MFA method. For example, using backup codes to log into your Google account if you lost your phone that receives verification codes.