You'd need to be logged in, otherwise anyone could initiate it and scuttle a perfectly good nsec.
The cleverness is if both a hijacker and the true owner have access to npub1, the hijacker would never activate the failsafe, since that would cause him to lose the acct.
It's basically a perfect solution.
