How to use Kitestrings
Creating your first Folder
When you sign up for Kitestrings as a new user, you’ll be walked through creating your first folder. If you skip that process, or if you come to Kitestrings via an invitation to collaborate, you will want to start your experience by creating a folder to store your password account records.
Typically, folders are groupings of related password accounts. For example, your business’s website probably has several accounts that you need to know about in order for it to run: a domain registrar, a hosting company, FTP, a content management system administrator’s account, and so on. We might call that folder “Acme Widgets Website,” and then store the password accounts related to the website in that folder.
You could likewise store personal accounts that you need for your family, like your WiFi network and password, utility accounts, and so on, and call it “Household Accounts.”
Click the box labeled “New Folder” in the upper left (desktop) or top of the screen (mobile).
Give your folder a name, and save it. You can rename your folder later, so don’t stress about this part. I’m calling mine “Acme Widgets.”
Creating Password Accounts
Once you’ve created your folder, it’s time to put stuff in it. Folders can currently store an unlimited number of password accounts (this may change in the future).
Inside your folder, click the button labeled “+ Add password account.”
In the form that comes up, you can give your account a name (e.g. “website hosting” or “employee portal login”), and select a password type. There are several common password types that get used a lot, so we’ve built some templates to help you out, and give you some extra functionality. I’m adding my website host’s information, and put the hosting company’s name in parenthesis for easy identification. You don’t have to do this, but it can be helpful when you come back later. Then I’ve selected Web Hosting from the Password Type pulldown menu. Password Types give some added functionality, letting us set up the proper form fields for you in advance. We’ll be adding more functionality to certain password types down the road, including adding more types as we see how people are using the system.
If none of those Password Types apply, choose “Basic Username & Password.” Then click “Next step: add credentials”
Adding your Credentials
Your next step is to add your credentials – typically your username and password. Depending on the password type you selected, you’ll see two or more fields to fill in. The most common fields are username and password, but you can also add in URL fields to many password types, letting you click straight to a website if applicable. Then click Save. You’ll see in our example that I’ve added a (fake) username and password, as well as the URL for the web hosting control panel. The little icon next to the URL field will take you directly to that URL when you click it. The clipboard icon copies the content of the field, which you can then paste into the fields on the website you’re visiting.
You can create as many folders as you want for yourself for free, but of course the main feature of Kitestrings is the ability to securely share your password accounts. Before sharing passwords, you need to “add time” to the folder. This is how long the folder is shareable. Do this by clicking the “Enable password sharing” button and pay for your folder.
Once you’ve added time to the folder, you can add Collaborators. Collaborators can be added folder-wide, or just to specific password accounts. If you add a Collaborator to a folder, they will be able to see all of the password accounts in the folder. If you add a Collaborator to a specific password account, they will be able to see that password account.
Add a Collaborator by entering the email address of the person you’d like to collaborate with. Either do this at the folder level
…or do it at the password account level
If that email is already in our system, that person will automatically be added as a collaborator. If they’re not in the system yet, you’ll be prompted to enter their name. They’ll then receive a notification via email that you’ve shared your folder or password account with them. The folder will automatically appear in their dashboard the next time they log in, with whatever passwords you’ve shared with them.
Revoking Access to Collaborators
Sometimes people leave the team. This might be on good terms, or it might not. Either way, the person who is no longer on the team had access to one or more sensitive accounts. Even if no ill will is intended, your former team member may accidentally give up the passwords to your accounts if they lose their computer, get infected with malware, or leave that spiral notebook sitting on the table at the cafe they were working from (true story, we’ve heard it happen).
When a team member leaves, it’s important for you to revoke their access. Kitestrings lets you do this easily. You can click on the Contacts tab and find the team member’s name, then see all of the folders you collaborate with them on. You can revoke their access to any folder that you own or are an administrator on.
Revoking someone’s access on Kitestrings DOES NOT keep them from logging into those accounts. All it does is make them no longer collaborators on those folders. You still need to take further action to secure your accounts. Once you’ve revoked access to someone, you’ll see that all the passwords they had access to will be flagged in the Kitestrings interface. This is a reminder to you to log into those accounts and change the passwords. You have to do this manually. Yes, it’s time consuming. Yes, you need to do it to maintain the security of your accounts.
Once you’ve changed the passwords in the accounts, go back into Kitestrings and update the password there. The flag will be cleared, and your collaborators will be able to get the new password from Kitestrings the next time they log in.
Collaborators can have three levels of privileges: read, write or admin.
Read enables the Collaborator to read the passwords you’ve shared with them, but not edit or share them.
Write allows users to edit the password accounts you’ve shared with them, and if they have write on a folder, to create new password accounts.
Admin allows users to add further collaborators, delete password accounts and revoke other users. As the owner, you can never have your access to a folder revoked.
Be aware: Read and Write don’t stop people from copying passwords and sending them outside of the system, they just don’t let people share within Kitestrings.
Folders running out of time
If a folder runs out of time, password sharing becomes disabled. Your Collaborators will still see the folder, but they will not be able to access the password accounts inside the folder. You’ll need to add more time to re-enable sharing.
Transferring Ownership of Folders
Sometimes you may need to transfer the ownership of a folder to someone else. This can happen for a number of reasons – if the owner leaves an organization and passes the accounts to their successor, or if a service provider sets up a folder for someone else. Transferring a folder is a 4 step process that uses multiple validation points to maintain the security of your account.
Click Transfer in the upper middle navigation bar.
Enter the email of the person you wish to transfer the folder to – double check the email! You’re sending your passwords!
The recipient receives an email notifying them of the transfer. They click the link in the email to accept the folder transfer.
You then receive a notice that they have accepted the transfer. You must verify the transfer to complete it. This extra step is for your security. We strongly recommend that you contact the new owner by phone, email, or other channel so that you can verify that it was actually the intended person that received the transfer. This is for your security – once you’ve transferred ownership of a folder, the new owner has all of the passwords in the folder and can revoke your access. BE SURE THAT THIS IS THE CORRECT PERSON. Unless they are already a Collaborator, they cannot see folder until you verify the transfer.
Flagging Passwords for Reset
One of the key features of Kitestrings is making sure you know what passwords need to be reset, and when you need to do it. Password flagging happens in two ways: when a team member’s access is revoked, or based on standard timer.
When ever a collaborator’s access is revoked on a folder or password account, all the passwords they previously had access to get flagged for reset. This is a reminder to the administrator or owner to change those passwords. You’ll know a password needs to be changed if you see a little flag icon appear on the upper right corner of a folder or password account. A folder with any number of passwords that are flagged for change will show that icon.
Once you’re inside the folder, only the passwords that need to be changed will show the icon.
Enabling Mutlifactor Authentication
Seeing Your Collaborators
There are two views to see your collaborators – the Contacts tab in the top menu, and a list of collaborators in each folder and password account.
Clicking on the Contacts menu item will take you to a list of all of your Collaborators.
From there, you can click on their names to see exactly what passwords they have access to. You can modify their privileges or revoke access from this screen.
You can also click through to the folders and password accounts they’re shared to.
You can see your collaborators at the top of each folder as well, and click their names to see what other folders and passwords they’re shared to, as well as changing their privilege settings.
Integrating with other password managers
1Password and LastPass coming soon
What is Multifactor Authentication/2FA?
Multifactor Authentication (2FA) is a more modern approach to securing access to accounts. In addition to the traditional username/password combination that you’re probably used to, an additional piece of information is included in the mix. This can take a number of forms – it could be the device ID of your phone, a fingerprint scan, or a one-use code sent to your email or phone.
There are pros and cons to the different types of 2FA. A fingerprint, for example, seems very secure until you realize that it’s a piece of data that can be copied, but can’t be changed. It works well in situations where it’s possible to verify that it’s actually your finger being scanned, but not so well if there’s nothing to verify it. Imagine a hacker plugging in a device that just sends a message to the scanner that is the same as a fingerprint scan. This can be done over the internet, but not so much right in front of a security guard. So using a fingerprint for security over the internet isn’t really great.
The type of 2FA we use on Kitestrings is a one-use, time based authentication “token” (just a fancy word for a code) delivered to your phone via an app called Authy.
Why use Authy?
Authy is a robust authentication system that’s purpose built for 2FA in the same way that Kitestrings is made for password sharing. The access code token changes every 20 seconds, so it’s practically impossible to guess. This provides a few levels of security – in addition to gaining access to your password, a hacker trying to break into your account will also need to get into your phone or otherwise access your Authy account. We know that Authy takes security as seriously as we do. Having a third party who is just as bulletproof as Kitestrings means that a would be attacker needs to break not one, but TWO high security systems to gain access to your account.
Table of Contents
- Getting started
- Creating accounts
- Adding your credentials
- Adding collaborators
- Revoking access to collaborators
- Collaborator privileges
- Folders running out of time
- Advanced topics
- Transferring ownership of a folder
- Flagging passwords for reset
- Enabling mutlifactor authentication
- Seeing your collaborators
- Integrating with other password managers