One-Time Share 2021 - 2022
PROJECT OVERVIEW
This One-Time Share feature iis making it easier to share passwords with anyone. Instead of using our pre-existing sharing options, which require an account, or just copying and pasting log-in information, which is essentially insecure, One-Time Share makes sharing a password a bit more like sharing a Google Doc with someone.
GOALS
-
Allow any keeper user to share a record safely with a non-Keeper user.
-
Increase Keeper exposure in order to convert potential customers
DELIVERY
BUSINESS REQUIRMENTS
Safety
Keeper security must maintain zero-knowledge and usability while sharing records with non-keeper users.
Effortless
The sharing experience must be very easy to
set up, much less work than typing out
one password.
SECURITY CONSIDERATIONS
Our One-Time Share Feature is built to be secure by design.
Time-Limited
Externally shared links will always be time-limited. Even if you forget about it.
We won't, it’ll go away eventually.
Zero-Knowledge
The link is zero-knowledge, we never email it, have access to it, or send it.
Encryption and decryption are client-side through a patent-pending process.
Bounded Link
The link is bound to the browser that opens it. If someone else gets the link or
your email is hacked, it won’t work for them, only the intended recipient who opened it.
Research
When can this One-Time Share feature be used?
Why Does All This Matter?
Why Build The Option to Securely Share a Keeper Record with Anyone?
To answer these questions, let's review this Cyber Security Report 2021 from Keeper research team.
We know that at home and at work, people are sharing secrets like passwords and API keys through insecure methods. Employees have bad password habits. According to this report, 46% of companies let new employees use old credentials
Cyber Security Report 2021
As a result we know that people share the same or similar variety of passwords at personal and work accounts. If their personal account has been hacked, it will jeopardize their business account as well. And vice versa, insecure sharing remains common. If I share my work login info with an external contractor or freelancer with insucured way, cyberthreats can access my personal account, even my bank account.
That's why we need to provide a secure way to share our password.
User Feedback from Customer Support Team
Primary Use Case
As a keeper user, I want to temporarily share something with a non-keeper user so that I can securely share something without requiring them to create an account.
Understand the Context and Users We Are Designing for
DESIGN
Functional Requirements
Create a One-Time Share Record
Keeper Users can share passwords temporarily with non-Keeper Users securely.
View a One-Time Share Record
Recipient (Non-Keeper User) can see the shared record without creating an account.
Manage One-Time Share Records
Keeper Users can view active and expired One-Time Share links.
Also, they can delete a link to revoke access.
User Flow Diagrams
Initial Wireframes
Workflows
I have mapped out the different workflows on my figma for functional team collaboration.
FINAL DESIGN
Web Vault & Desktop App
Viewing a One-Time Sharing
Expiring Landing Page
Converting Desktop to Mobile App
Interactions: Tooltip Hover
Tooltip shows as hover status
Click “?” To check the tooltip
Tooltip show as popup screen
Popup screen dismiss
Integrated Features
Copy to Share
Integrated Share feature
Share to Message
More Options to Share
Dropdown Menu
Dropdown Menu work better in a desktop environment
Create a One-Time Share
V1: Dropdown Menu
V2: Display All Options
Converting iOS to Android