To be honest, if your decryption process is "just" a passcode you "know" then you've already failed.
You could have a key and a passcode that relies on 10 steps (such as using a web service) that is reliable for you to know but not easy to "explain" how to obtain (and, as a bonus, easy enough to build in a dead man's switch, if I don't visit script.php within 24 hours the key is gone and even I can't decrypt now).
You could have a key and a passcode that relies on 10 steps (such as using a web service) that is reliable for you to know but not easy to "explain" how to obtain (and, as a bonus, easy enough to build in a dead man's switch, if I don't visit script.php within 24 hours the key is gone and even I can't decrypt now).