Developing Password Manager application for ICS/Honeycomb in 30 Days
I am an independent mobile software developer. I want to develop a password manager application for Android. This is a type of app, where you can store your logins, passwords, credit card PINs and so on in encrypted form. Yes, there are dozens of such applications already available on Android Market and I did try almost all of them (both free and paid). There are some of them: SPB Wallet, Handy Safe, SafeWallet, Password Safe, SplashID, eWallet…
So, why do I need another password manager app? Mostly because of the user interface (UI). Most of the existing apps have so ugly UIs. Some of them seems just never thought about UI and focused only on functionality. Some are ports from another mobile operating systems (Windows Mobile, iOS) and look like aliens on Android. Another important thing is tablets (with Android 3.x Honeycomb). None of the existing apps use tablet’s screen estate for a beter user experience (UX). They just stretch their existing phone UIs on a big tablet screen (often with issues), which is dummy.
And the last, but not least is Android 4.0 UI. In this version of Android (also called Ice Cream Sandwich or ICS) Google introduced a brand new UI – simple, effective, clean and very nice. I am using it daily on my Galaxy Nexus and like it very much. So, my app will follow this style as described on Android Design web site.
My idea is starting today and finishing in 30 days with a fully-featured beta version of the app. I do believe that I can achieve this.
Here in this forum thread (and also in my blog www.safe-in-cloud.com) I will be describing the development process: UI decisions, feature ideas, screenshots and so on.
And want I really need is a feedback from you - passionate Android users. I believe that only this will help me in creating a really good app. So, I will appreciate ANY feedback and suggestions. Thank you in advance!
Last edited by safeincloud; March 31st, 2012 at 11:41 PM.
The Following User Says Thank You to safeincloud For This Useful Post:
I'd be interested if................. I currently use Roboform Everywhere. But, I don't trust it. If I were to ever lose my phone all my passwords would be available to anybody, Why, because by default as far as I can tell, doesn't require you to enter a master password to enable the use of RF.
If your App could import Roboform passes, and keep up with the syncing........ And require a master pass' for each use I would definitely be interested.
One of the reasons I'm stuck on RF is the easy availability to recently used passwords (favorites). The closest I've come to the functionality of RF is LastPass..... It Sucks! Not intuitive at all.
And I am in agreement with you, the UI's are horrible.
Day 2: Password Manager application for Android – User Goals & Scenarios
Originally Posted by Laughingcat
If your App could import Roboform passes
Sure, importing from other apps is very important feature. I will add Roboform tho the list.
Originally Posted by Laughingcat
One of the reasons I'm stuck on RF is the easy availability to recently used passwords (favorites).
This is a very important comment. And here some thoughts about designing UI and a question in the end.
It is always tempting to start coding without a deep thinking first. This is a direct way of cooking yet another application that users cannot use and understand, because of tons of wired features and options. Let’s follow the Alan Cooper’s "About Face 3" famous book about doing right user interfaces. I will oversimplify the process to fit this post in one page:
1) Recognize user’s goals. What do they want to achieve by using this app?
2) Model users. Make one or several virtual persons that will be using your app’s.
3) Write usage scenarios. Make some stories how virtual persons use your app.
These are 3 initial steps. Lets consider them in details.
I think that the main user’s goal is to be authorized ASAP. More precisely, authorized with a password or PIN code. And users do not want to remember all their different passwords. There are lots of another authorization ways like, fingerprints, Near Field Communications (NFC), electronic signatures, but they are out of the scope of our app.
What about users? I think they are common Android smartphone users from 15 to 65-years old.
And now here are som scenarios from own experience.
Scenario #1: Noisy street. Dimmed lights. ATM. Someone behind me waiting in a line. I need to find a PIN for my credit card.
Output #1: Contrast colors and large fonts. Ability to hide passwords from those around you. Minimum taps-clicks for login & fastest search-navigation approach.
Scenario #2: At my computer. Logging to some web site. A browser does not auto-fill my login/password for some reason. I need to find and copy/paste them from the app to a browser.
Output #2: Information copy/paste. Tight browser integration. This is a problem, because the both default Android browser and Chrome for Android do not support extensions yet.
And I would love to hear your scenarios and their outputs.
Last edited by safeincloud; March 9th, 2012 at 11:53 AM.
Day 3: Password Manager application for Android – Folders vs Search-Labels-Favorites
In fact, Safe In Cloud is a database of records, where each record contains login/password or credit card information. So, the question is how users will organize and then navigate through those records?
All the existing applications of such kind use the old-fashioned folders approach. In this approach, users should create folders first, then create records in these folders. Users (and app authors) are used to such approach on desktop operating systems with their files and folders. So, why is it bad?
* Need to pre-organize a database first by creating folder structure. Or use some predefined folders, which almost don’t suite you.
* There is no single list of records to see through. And navigation through a folder tree is a pain.
* A record can belong to one folder only. E.g. I need to decide where to put my private credit card into – Private or Credit Cards folders (but not both).
But, can we do a better job? I believe, yes. Look at Gmail’s user interface. There are no folders, just the search box, favorite stars and labels that you can assign to your letters. So, why is it better?
* There is one single list with fast & easy search via typing first letters of a record’s name (same as in Contacts/People app). No navigation there and back.
* There are favorites to bring your most used records to the top of a list.
* There are labels to organize your records in any way you can imagine. But only if you need to. Who needs organization for a few records?
So, let’s go Gmail way. Here are some screenshots.
Day 4: Password Manager application for Android – It is Cloudy
Safe In Cloud name tells you that a cloud is an essential part of the app. It is true. Basically, a user enters his/her data on a phone/tablet and then the app syncs/stores the data to a cloud. A little scary? Not at all. The data is fully encrypted with 256-bit Advanced Encryption Standart (AES) encryption. It was adopted by U.S. government and is now used worldwide.
Actually, all goes into clouds nowadays. Almost all Android users (including me) already have their email, calendar, contacts and photos in the Google cloud. In fact, it is much more safer storing data in a cloud, then on a computer or on a phone, which you can break or lose. And it is also much more suitable in cases, when you move to a new phone/computer. You can restore all your data from a cloud within seconds – no file moving pain anymore.
The most popular 3-rd party cloud now is Dropbox, which offers 2GB free and good applications for syncing your files for any mobile or desktop OS. Dropbox also has an SDK for integration with Android apps, which I am planning to use.
Box is an another cloud to support. It is less popular, but getting users aggressively with their recent 50GB free offer for all Android users (usually it is 5GB).
And the last, but definitely not the least is Google Docs, which is not essentially a file storage cloud, but can be used that way. Google Docs main benefit is that every Android user has access to it (even without knowing this). There are also many rumors about coming Google Drive, which should become a true file cloud.
PS. There are also some "alien" clouds that won’t be supported: Microsoft’s SkyDrive, Apple’s iCloud.
Day 5: Password Manager application for Android – Login screen
Let’s have our hands on some real user interface. The first task in any password manager app is an authorization. A user needs to enter his password. This task is a kind of obstacle for him. So, we need to make it fast and easy. This means: less taps and easy taps.
“Less taps” means that we should avoid unnecessary taps. E.g. usually a user taps his password and then presses an OK button. This OK button has no sense, because we can analyze a password during user’s typing and accept it automatically as soon as it matches.
“Easy taps” means that we should make typing easier by using big buttons, instead of tiny buttons of the Android on-screen keyboard. We can achieve this by using all screen’s estate for placing digital buttons. Here is how it looks in real:
So, this is the ideal UI for users with numeric passwords. They type password and and automatically log into the app. Those who have alpha-numeric passwords need pressing “abc” button in the left-bottom corner to bring the onscreen keyboard. This is an “extra” tap for them, but I personally think that a numeric password is not so bad idea, taking into account that you don’t need messing with tiny keyboard buttons.
Day 6: Password Manager application for Android – A picture is worth a thousand words
There is usually a list of records in a password manager application. Assigning a picture (icon) to each record helps users to identify a required record faster and easier. So, it is a common practice now and I am going to follow this practice. But what kind of icons people would like to use? This depends on what kind of records they will have.
Let’s make a list for an “average” user:
Credit cards: Visa, MasterCard, Amex
Accounts in social networks: Facebook, Google+, some local and/or specific
Misc web accounts: online banking, blogs, online shops and so on
Passport, ID, driver license, tax numbers
Login/password pairs for everything else
I might use real logotypes for all known brands (Visa, MasterCard, Facebook, Skype, …) as record icons, but this is not good because:
This might violate copyrights of trademark/logotype owners (thought I am not a lawyer).
It is almost not possible to collect all the logos that users might need, especially taking into account cross-country differences.
Finally, this will look bad, because of different logotype styles, colors and shapes.
So, I decided to use symbols from The Noun Project. This project collects highly recognizable symbols that form the world’s visual language.
But having black-and-white symbols is not fun. So, I decided that each record will have its own color, which will be used as a background for record’s icon. This color can also have a meaning. E.g. Facebook is blue, Yahoo is purple. And for your Visa card record you can choose the same color as your real card has.
Day 7: Password Manager application for Android – Ice Cream Sandwich is coming
Today Samsung started rolling out Android 4.0 (Ice Cream Sandwich) update to its Galaxy S II phones in Europe and Asia. This means much more users for Safe In Cloud very soon. As for today there are only about 1.6% of all Android phones have ICS. This is the Platform version chart from Android Developers web site:
It will be interesting to compare the percentage in a month from now.
So, why Safe In Cloud does not run on Android 2.x? Because of big user interface differences between Android 2.x and Android 4.x. In Android 4.x (Ice Cream Sandwich) Google introduced 4 global changes to Android applications UI. Here they are:
Navigation Bar. It is always on screen and replaces old 4 under-screen buttons. The new buttons are: Back, Home and Application switcher. No more Menu button.
Action Bar. It is a replacement for old Android menu. Action bar contains icons-actions and three dots at the right for more options. It is also a place for different navigation widgets like a drop-down selector or tabs.
Multiple Panels. Actually, this was introduced in Android 3.x (Honeycomb). You can have two panels simultaneously (left and right), when an app is running on a big tablet’s screen.
Item Selection. In Android 2.x a long press on an item invokes a context menu for this item. In ICS a long press is used for multiple item selection. In this mode selection-related actions appear in the Action bar.
Yes, it is still possible supporting the both old (Android 2.x) and new (Android 4.x) UIs, but this requires significantly more efforts and wired coding. This is must for massively used apps like Facebook or Gmail, but it is only a waste of time for newcomers like Safe In Cloud.
Day 11: Password Manager application for Android – Selection
Android 3.x redefined the lon press behavior. In Android 2.x the long press on an item brings a context menu for this item. In Android 3.x and 4.x (Ice Cream Sandwich) the long press selects an item and allows to select more items with single presses. The long press also brings the Contextual Action Bar (CAB) that replaces the current application Action Bar.
This approach is used in almost all ICS built-in application. I also implemented it for the Card list view:
Day 12: Password Manager application for Android – Less is more
What kind of information users usually store in a Password Manager application? The most used types are login-password pairs and credit card details. There are some more, but these two are the champions. Let’s look at a credit card record. It usually consists of the following details or fields:
Card name (e.g. “My Bank VISA card”)
Card holder name
Card Verification Value (CVV)
A phone for blocking a lost card
It is easier for a user to have a form with such fields and just fill it in with an appropriate information. Such pre-defined form are usually called a Template. So, a good Password Manager should provide a number of templates for the most common types of information.
As I wrote before, I tried almost all password manager applications on Android and all they have two critical template-related issues for me:
They provide too many different templates
Those templates have too many different fields
For example, I need to add a new record, which is in 90% cases is a login-password pair or a credit card. But first, I need to look through an endless list of pre-defined templates and choose the right one. And then I get a form with a dozen of fields, though I need only two or three of them.
So, I decided to follow the “LESS is MORE” principle and add only a minimum of pre-defined records with a minimum of fields. Here is the screenshot with the full list of templates (no scrolling required).
You can see that there are still lots of free apps on Android. So, why is it bad? Because most of these free apps have no support and further development. It means that they are not being ported to new Android releases, no bug fixes, no additional localizations, no tablet support, no Ice Cream Sandwich UI support. They are single-use or “single-develop” apps for their authors: develop and forget. I personally have a couple of such examples. And the reason is simple: everything has costs and need to be paid. At the beginning Google focused on a number available application for Android OS, but not on their quality. So, now Android OS have more apps than iOS, but their average quality is questionable.
I write all this just to say that Safe In Cloud to be a paid app with a strong promise of the long term support and development. Sure, it is possible to make a Lite version with less features and a Pro with more features. But I am personally do not believe/like this approach. A good software has exactly such number of features that it has to have. No more, no less.
Day 15: Password Manager application for Android – Card details
So, I am done with the Card list and already started the Card details view, where users can see details of a single card. But what is a card or a record in a password manager application? I decided that each card will have the following attributes:
A Title that is displayed in the Card list view (e.g. “Gmail account”). It cannot be blank.
A Symbol that is also displayed in the Card list.
A Color that is used as a symbol background in the Card list and as a whole card background in the Card details view.
A number of Fields. Each field contains of a name and a value.
Day 16: Password Manager application for Android – Card actions
What actions a user might need in the Card details view?
First – view card details, but some details like passwords are hidden by default for a better security. To show them a user can press the “eye” icon at the Action bar (bottom-left corner) or press a hidden password itself.
A user can also interact with phones, emails, URLs on a card. Or just copy a filed’s text. A click on a field brings the popup menu that gives him these options.
And finally, a long press on Notes allows to select and copy text.
Day 19: Password Manager application for Android – Easy moving
Today, I spent about 5 hours moving from WordPress platform to Google Blogger. I copied all the old posts and images manually – one by one. I tried to keep the old links working, but failed – they all are broken now. Nevertheless it was a good experience.
Users of different password manager applications have the same problems, when they are moving from one app to another. Sometimes it is easier for a user to keep using an old crappy app and avoid retyping all passwords manually into a new shiny app. That’s why it is so important for Safe In Cloud having automatic wizards for importing data from other password managers. And I am planning to spend a lot of efforts in this area.
Day 20: Password Manager application for Android – Card editing
It is time to edit cards. I took two Android Ice Cream Sandwich built-in apps as examples: People and Calendar. And I tried to have the similar look-and-feel and user experience. Here is what I've got:
Pressing on a symbol pops a menu to select a symbol itself or its color:
Day 21: Password Manager application for Android – Card editing, part 2
Fields is the most important part of a card. What operations do users need for fields?
Add a new field - Yes
Delete an existing field - Yes
Modify existing field properties (Name, Type) - probably No (very rare)
Reorder fields - the same, probably No
So, I decided to implement the first two actions, but skip the last two for a cleaner and simpler user interface.
Pressing the Add another field button brings a popup with field types. These types determine the type of online keyboard used for a field editing (text, numeric, or optimized for specific data).
Then the Add Field dialog appears, where a user can enter a field name and a field value.
There are cross icons next to each field. Pressing such icon brings a confirmation popup (instead of the standard modal confirmation message box). This approach is more easier and faster for a user, because his finger already in a right place. I got it from Android ICS Gallery app (image deletion).
Day 25: Password Manager application for Android – Localizations
You cannot overestimate the importance of localizations. People speak many languages and most of them prefer using apps on their native language. So, it is very important to localize Safe In Cloud for its adoption outside US and UK.
Here is my current priority list for localizations:
Asia: Korean, Chinese (simplified + traditional), Japanese
Others: Eastern Europe languages, Hindi
So, my idea is
Start with a minmal set of localizations (English, Dutch).
Then consistently add localizations one by one.
The main question is how to do these localizations. There are different ways:
Order from some big localization company (e.g. Lionbridge). The cons: expensive, slow (as any big company), no knowledge of Android specifics. The pros: some quality guarantee.
Look for freelance translators on the numerous sites on the Internet. The pros: cheap. The cons: questionable quality and management time required for working with each of freelancers.
Ask users and beta testers for help with translations. The pros: knowledge of Android specifics and the application itself. The cons: also management time.
I think I will try all the above ways, but I prefer the last one. Users are the best translators. So, the question is how to organize the localization process with minimum hassle for a user. I am going to use the Google's Translator Toolkit - the online localization tool based on Google Translate.
Day 27: Password Manager application for Android – Encryption
Safe In Cloud uses 256-bit Advanced Encryption Standard. This is the algorithm widely used by the US government and also worldwide. But even using the strongest algorithm can result in a weak security if you do not know how to use it properly. I spent quite a long time on this matter and finally decided to copy-paste the approach used in Android backup system.
Here is the short description of how it works for those geeks who know words like salt, IV, rounds, secret key...
Input the password form a user.
Generate the random user salt (512 bits). Save it. Here and later 'save' means save openly along with encrypted data and use later for decryption.
Calc (PBKDF2WithHmacSHA1) the user key from the user password and the user salt (256 bits, 10K rounds).
Generate the random master key (256 bits).
Generate the random check sum salt (512 bits). Save it.
Calc (PBKDF2WithHmacSHA1) the check sum (hash) from the master key and the check sum salt (256 bits, 10K rounds).
Create a cipher (AES/CBC/PKCS5Padding) and init with the user key (the user cipher). The user cipher's initialization vector (IV) is generated. Save it.
Create a cipher (AES/CBC/PKCS5Padding) and init with the master key (the master cipher). The master cipher's initialization vector (IV) is generated.
Take the master cipher's IV + the master key + the check sum of the master key (the master key blob). Encrypt altogether using the user cipher and save it.
Now encrypt any user data using the master cipher and save it.
Decryption (opposite to encryption):
Input the password form a user.
Read the user salt.
Read the check sum salt.
Calc the user key from the user password and the user salt.
Read the user cipher's IV.
Create the user cipher and init it with the user key and the user cipher's IV.
Read the master key blob and decrypt it with the user chiper.
Calc the check sum from the decrypted master key and the check sum salt that we red at step 3.
Compare the calculated check sum and the decrypted one. Should be the same if the user password is correct.
Create the master cipher and init it with the master key and the decrypted master cipher's IV.
Read user data and decrypt it with the master cipher.
Day 28: Password Manager application for Android – Ice Cream Sandwich is coming, still
Today Google updated the Platform Versions figures. Ice Cream Sandwich devices almost doubled since March 5. It was 1.6%. Now it is 2.9%.
I expect that ICS market share will grow much faster in coming weeks. New ICS devices are coming: Samsung Galaxy III, HTC One X/V/S, Sony Xperia and other. Also ICS updates continue to rolling out for the existing devices.
Day 29: Password Manager application for Android – Encryption & Login screen
Originally I designed Login screen without a confirmation button. I thought that evaluating a password on the fly is better for user experience.
Today I realized that this approach will not work due to the decryption slowness. The decryption process described above takes 3.6 seconds on my Galaxy Nexus. And 99% of this time is taken by the password verification part (steps 1-9). So, I added the OK button that fires the password validation.
PS. I also managed to to optimize the algorithm from 3.6 to 1.8 seconds by reducing the check sum generation rounds from 10000 to 1000. This has no impact on security, but saves 50% of time.
Password Manager application for Android ICS is done in 30 days
30 days ago I started developing a Password Manager application for Android Ice Cream Sandwich. This application should have a user interface that
Has a native ICS look and feel;
Follows ICS design patterns;
Is simple to use, yet feature complete.
I managed to accomplish this task and now have the app with the following functions:
Create a database and set a password.
Perform login with password validation.
Store data using 256-bit Advanced Encryption Standard.
Create cards based on pre-designed and custom templates.
Organize cards using labels.
Search through cards.
Edit cards including their title, symbol, color and fields.
Automatically lock the app after a predefined idle time and in the background.
Prevent a password cracking with an alarm and self-erase features.
I didn't have time to implement cloud synchronization though. This is my task for the next few weeks. Meantime I will start the beta testing. The first beta version will be available next Monday (April 9) here:
During this week I worked on Dropbox integration (I am planning to add Box and hopefully Google Drive support after that). I took more time than I expected and the beta v0.2 with Dropbox synchronization will be ready on the next week. Here are the screenshots:
The Dropbox synchronization is still in progress. Meanwhile I want to share some feedback I've got from a beta tester.
It was about a possibility to backup/restore Safe In Cloud database to/from an SD card, not a cloud. The reason is obvious - some people more care about their privacy and less trust to the Internet and clouds. Others prefer a comfort and simplicity of a cloud synchronization. So, we should respect all of them as far as it does not make the app less clean and usable.
So, I am planning to add this feature in the future updates (not in the first release). It will be an additional item in Settings: SD Backup/Restore.
The backup action asks a name for a backup file (with a suggestion like "SafeInCloud_DD-MM-YYY.db") and stores it to an SD card.
The restore is more complex. I don't want to make a user browsing for a file through a folder tree. I think it will be just a list of backup files. The app will automatically scan an entire SD card and show only suitable files to a user.
Safe In Cloud Beta testing: Closed testing of Dropbox synchronization
The Dropbox synchronization is almost ready and I need 5 beta testers for it. This is due to the Dropbox usage policy. Currently Safe In Cloud is in the Development status (as a Dropbox app). After a quick closed beta testing I will apply for the Production status and then everyone will be able to test.
At the first start Safe In Cloud app creates a local database on your phone. Then you fill this database by creating cards, templates and labels. After setting the cloud synchronization, Safe In Cloud uploads the local database file to the cloud. In case of Dropbox the following file is created: Dropbox/Apps/Safe In Cloud/SafeInCloud.db. This is the cloud database.
The primary use case for the cloud database is restoring data. For example, you bought a new phone. To get your passwords on the phone you just need to install Safe In Cloud app and select Restore database from a cloud in the setup wizard. The cloud database will be downloaded to the phone and you are ready to go.
What about changes you make in Safe In Cloud app on the phone? They are immediately saved to the local database, but not to the cloud database. The changes are pushed to the local database at specific moments:
When you switch to another app and bring Safe In Cloud app to the background
When you unlock Safe In Cloud app
The synchronization was designed to work with multiple devices. For example, you can have a phone and a tablet. You add a card on the phone. Then this card is pushed to the cloud database. And then the card is pushed from the cloud database to the tablet. It is important to remember that each push happens only at the moments listed above, not immediately.
The application's rating and reviews in Google Play Store are very important for the app sales. So, it is a common practice nowadays to ask users for rating from inside the app. This works, but it might also annoy users.
So, lets see at the wrong way of implementing this:
A user starts the app.
The app shows a modal dialog that asks for rating.
In the worst case a user even cannot cancel the dialog.
Such implementation interrupts a user from his current task and force to do something else. Not good!
The right way:
A user starts the app.
A small note appears on the bottom of the screen. With a short and clear text and the RATE button.
A user can press the button and rate the app.
Or he can ignore the note and do his task. In this case the note automatically disappears.
It is even better to show the note with some interval (e.g. once a day or two), but not at every app start.
The similar notes are used in the Gmail app for rolling back user actions.
The expected result: the app thumbnail is a steel rectangle.
It appeared that the fix works on Android 3.2 and Android 4.0 - 4.0.2. Unfortunately, it does not work on Android 4.0.3 - 4.0.4. It seems something was broken inside Android 4.0.3 and an application cannot control its own thumbnail in the system task switcher anymore (a bad optimization?).
The authorization dialog will ask for Google Documents access permission, not for Google Drive access. This is due to the fact, that the current Google Drive API is intended for web application only. So, Google advises to use Google Documents API that also allows to access Google Drive files.
The database file name is SafeInCloud.db and it is located in the root of Google Drive.
In the next few days I will add Box synchronization support.
I am also planning to write an overview about my developer's experience with all 3 clouds: Dropbox vs Google Drive vs Box.