As digital technologies become more prevalent there is a growing awareness of the importance of good security and privacy practices. The tools and techniques used to achieve this are typically designed with the living user in mind, with little consideration of how they should or will perform after the user has died. We report on two workshops carried out with users of password managers to explore their views on the post-mortem sharing, security and privacy of a range of common digital assets. We discuss a post-mortem pri- vacy paradox where users recognise value in planning for their digital legacy, yet avoid actively doing so. Importantly, our findings highlight a tension between the use of recommended security tools during life and facilitating appropriate post-mortem access to chosen assets. We offer design recommendations to facilitate and encourage digital legacy planning while promoting good security habits during life.