You'd need to be logged in, otherwise anyone could initiate it and scuttle a perfectly good nsec. The cleverness is if both a hijacker and the true owner have access to npub1, the hijacker would never activate the failsafe, since that would cause him to lose the acct. It's basically a perfect solution.