How Kitestrings works
Kitestrings is a complete Secure Password Solution™. We provide security at every stage of a password’s lifecycle, from creation, to storage, sharing, and termination. Kitestrings not only stores passwords securely, but it also makes sharing a password extremely safe, unlike sending unencrypted passwords by email or text.
How we secure password information
Kitestrings’ security is ensured through a combination of proven processes and technologies. To store a password securely, you start by adding a new password account in Kitestrings. You can store a variety of data associated with the password account, typically a URL, username, and password. To save the data, it is transferred to Kitestrings’ Postgres servers with HTTPS protocol for encryption, just like when you pay with a credit card in an ecommerce transaction. It is then encoded with military grade AES 256 encryption and saved. When you access your password information, the data is decrypted and again transferred by HTTPS to your device.
What is password data protected against?
Kitestrings is hosted securely by the Heroku platform on the Amazon Web Services infrastructure, the same as Salesforce.com. Our code is written in Ruby using the Rails framework, a standard and modern secure codebase for web application development. We are constantly updating our code to mitigate against known penetration methods, including:
- Man in the Middle (MitM) attacks
- SQL injection attacks
- Session Hijacking
- Cross-Site Request Forgery (CSRF)
- Cross-Site Scripting (XSS)
- Privilege Escalation
How secure sharing works
The act of sharing a password is really as simple as knowing the email address of the person with whom you want to share. We call these people Collaborators. Once you select a password to share, you’ll enter the email address of your new Collaborator, and then indicate whether they will be able to just get read access to the password, or be able to manage and delete it. The Collaborator will receive an email letting them know they have received an invitation to access the password and a link to sign up for a secure account. Only once they register as a secure user do they get access to the password inside Kitestrings, so nothing secure is ever sent by email. As the owner of a password, you can always change a fellow Collaborator’s permission level, or even revoke their permission to the password at any time.
Organizing password accounts
So, what if you have a whole set of passwords to share with the same Collaborator? Say, with a family member or a coworker?
In Kitestrings, not only can you securely share passwords, but you can also securely share groups of passwords called “folders.” Folders are an extremely flexible method of sorting passwords. Much like on a computer, folders allow you to organize password data in whatever way makes the most sense to you, your business, or your family.
For example, if you have multiple clients who have portfolios of passwords that you manage or access, the simplest way to organize them is to assign a folder to each client. Since you pay per folder for the ability to share, you can invite as many of your and your client’s staff to access the folder.
In the case of your family, you may choose to have one folder you share with your spouse, another with your spouse and kids, a third with your parents, a fourth with your in-laws, and have a fifth available to share your home wifi with guests.
And in any scenario, each user can have an unlimited number of non-shared folders to do with as you please!
Kitestrings comes with pre-formatted templates for different types of password accounts, from a simple website login, to an FTP account, WordPress website, or a database account.
Accessing data securely on multiple devices
Kitestrings is a responsive web app, so it is available on just about any modern device with a web browser and access to the internet. Plus, Kitestrings uses multi-factor authentication so you can rest assured that no one will be able to access your account on an unauthorized device.
How our pricing is set up to support client billing
Because Kitestrings bills you only for sharable folders, you can easily attribute the cost of a folder to individual clients. You can either make this expense part of the cost of onboarding a new client, or you can pass the cost along to them directly in your invoicing. And at an average of $5 per client folder per year, it’s a small price to pay for your clients’ password security.
We also offer multiple plans depending on how large your company is, how many clients you need to maintain, and how much you need to share, so we’ll always make password security as cost effective as possible.
Pro Tip #1
Does sorting all of your passwords seem like an impossible task? Just do it like a Kitestrings pro: one account at a time. Keep a tab with Kitestrings open in your browser. Every time you need to log into an account, record the login info in the Secure Password System. You’ll be surprised at how quickly everything gets sorted.