Portfolio / Pass Wizard Web App Pre-release Launch
  1. About Pass Wizard
  2. My role
  3. Picking up the pieces
  4. Problem
  5. Roadmap
  6. Solutions
  7. Impact
Pass Wizard Web App Pre-release Launch
B2BCredential management appWeb appMVP

About Pass Wizard

Pacific Software Publishing, Inc (PSPINC) is a Software Development From specializing in building and maintaining products for clients. As we developed and managed products for our clients, we handled a myriad of credentials on clients’ behalf — from testing accounts to server logins. Initially, the number of maintained credentials is limited and hence we simply keep a shared document and inform each other of any updates. However, as our business expanded, this approach quickly becomes unsustainable, causing concern on security and credential out-of-sync. Realizing the need for a more robust solution, we envisioned a tool that would centralize and secure credential management for our team. This vision led to the creation of Pass Wizard. Pass Wizard is a credential manager designed to store credentials securely and allow team members to access and share them with ease.

My role

I collaborated with a design manager, a project manager, and a developer on this project. My responsibilities included contributing to the product roadmap plan, experience and interface design, and front-end development.

Picking up the pieces

We conducted interviews with 7 people cross 3 teams to gain insights into their credential management process. We found that most people copy and paste the credentials from a shared document and then either save the credentials in browsers, store them in a local file, or hand-write them in a notebook.

Security breach

Shared documents has no encryption function on credentials, leaving them vulnerable to interception during transmission or access. Additionally, there is no audit trail, making it impossible to determine who has access to what credentials or when a credential is updated by whom. This lack of oversight also makes it challenging to detect any unauthorized access. The executive leadership aims to establish a centralized and secured method for managing credentials.

Security breach

Accessing credentials takes time

The shared document contains credentials for all teams and clients, including details only relevant to certain teams, leading to longer time and frustration when searching for credentials. People need a way to locate the credentials easily.

Accessing credentials takes time

Manually maintaining Credentials is frustrating

Local copy of credentials are manually updated and hence may not always contain the up-to-date credentials, leading to confusion and potential access problems when users inadvertently use outdated credentials. This impairs efficiency leading to frustration.

Accessing credentials takes time

Human errors happen

Credentials such as server information or SSH keys cannot be stored in the browser for autofill. Users need to manually enter these credentials, which is prone to typos, resulting in login failures and frustration.

Human errors happen

PSPINC needs a sustainable and reliable credential management method

Based on the discovery, 2 problem are formed:

  • How might we manage the credentials securely?
  • How might we easily access the credentials?

Roadmap

The design manager and I came up with features and defined the Minimum Viable Product (MVP) based on user values, teach feasibility, and project timeline.

Roadmap
Fig. 1 - Roadmap

Solutions

In the MVP, there are two roles: Admin User and member. The MVP includes only one Admin User, who can create an unlimited number of seats for employees assigned to the member role. Also, the MVP features three main pages: the Home Page, the Credential Authorizing Page, and the Members Page.

Home screen

Admin User's home screen
Fig. 1 - Admin User's home screen
Member's home screen
Fig. 2 - Member's home screen

Admin Users and Members will see different options due to different permission level. Admin Users can create, edit, and remove credentials from this page. Members, on the other hand, will only be able to view credentials that authorized to them.

Admin User has more options from the home page

Select credentials
Fig. 3 - Select one credentials
Select credentials
Fig. 4 - Select multiple credentials

When an Admin User wants to authorize members to access credentials, they can select the credentials, and the action buttons will slide in. To help the Admin User quickly completes authorization with multiple members, I designed a bulk option to grant or revoke credentials, helping to easily remove or share multiple credentials with members at once. When more than one credential is selected, the edit feature will be removed from the action buttons.

View credential details

Admin User views credential details
Fig. 5 - Admin User views credential details
Member views credential details
Fig. 6 - Member views credential details

Tapping a credential from the home page will display a popup with additional details about the credential. Similarly, Admin Users have additional Options than Members, including authorizing, editing, and removing credentials.

Authorization

Authorization
Fig. 7 - Authorize one credential
Authorize multiple credentials
Fig. 8 - Authorize multiple credentials

The bulk authorization feature allows the Admin User to share multiple credentials with multiple people at once. Authorizing or revoking credentials is simple, Admin User simply toggle the button to achieve this. When multiple credentials are selected, if the members have different authority on the selected credentials, it is indicated as "Mixed." The Admin User can then decide to authorize or revoke all selected credentials. If the Admin User doesn’t change it, it remains "Mixed" and retains the original authority for the credentials for that member.

Impact

  • Time to locate needed credential was reduced by 98%.
  • Incorrect credential sharing or use due to typos was eliminated.
BACK TO HOME

MORE CASE STUDIES

Click it Audio
Read More
FirstNet Push-to-Talk Mobile App Redesign
Read More