I’ve been busy on the train, working on my biggest (certainly most complicated) app lately: Skeleton Key. And i’m almost finished, so I thought i’d share some thoughts on the process. Maybe it’ll be of help to someone out there.
So how does one come up with the idea for an app? Well, my most successful apps so far have all been ones that i have wanted to purchase myself, and found them to not exist yet. In this case, I wanted a password manager that would sync to dropbox. Now there are two main options out there, but one of them costs an absolute fortune (~$50 for desktop, ~$10 for ios version) and the other has a monthly fee, which i’m not keen on paying for eternity.
So that gave me the idea: surely there are at least a few people like me, who want to keep track of their passwords, but don’t want to pay through the nose for it, and can’t get open source software like KeePass to work. And so i decided to make what is now going to be called Skeleton Key.
It’ll be a reasonably priced password manager that syncs all your data to Dropbox, initially with an iOS client, and adding mac and windows clients later on if i see much interest in the app. I’m toying with the idea of open sourcing it, or at least the background syncing-to-Dropbox library that was the bulk of the complication.
Now, even though this is mainly a hobby for me, i’d like to make a bit of money from it. But how? I’m currently torn between two options: make it a purely paid app, or have it free and unlocked with an in-app-purchase to store, say, more than 5 passwords. Currently i’m going to go with the purely paid option, but if that proves difficult to market i’ll change to the IAP option.
Here’s how i do my planning. It’s rather ridiculous, but it works: I start off with a vague idea of how the app will come together. Any worries or questions i have (eg ‘how will syncing work’) are written down in a text editor, and added to as more things come up. When i’m on the train (or bus, nowadays) working on the app, some days i won’t make much progress at all, but i’ll ponder one of these difficult questions. Most of them in this app have revolved around how to do the encryption and syncing. Also other things, such as how to organise items into groups, how to structure the settings, these all pose difficult questions. So i simply write them down, and trust that the solutions will somehow come to me later.
Some of the most difficult questions for me were around syncing and encryption. For syncing, the problem is: i have a separate file for each item that you store, but these encrypted items depend upon the master passwords file, because if the master password changes the encrypted items become useless. Things such as what do you do when restoring a backup? (answer: delete everything off dropbox, clear the sync-status, restore, and re-sync from scratch). What about changing the password? (answer: clear dropbox, clear the sync status, change, re-sync, then recommend the user sync their other devices), etc.
As for encryption, I toyed with various options until a colleague recommended keeping it as ‘industry standard’ as possible. So i’m encrypting everything with AES256. The AES key will be derived from the master password using PBKDF2. To verify that you have indeed entered the correct password, i’m using bcrypt with a .1s work factor. And finally, if you insist on using a PIN, i’m storing the derived key (not the master password) in the user’s iPhone keychain, which is protected by the OS (although this isn’t 100% secure if you lose your phone).
So i can highly recommend this method of ‘write down all your hard problems’ because, almost by magic, solutions seem to come in due time.
I’m now at the point in the project where the end is in sight. It’s a bit of a worry, as seth godin writes: the resistance to shipping is strongest. Yesterday i noted that all my todo items in the code are now sorted out (or were only nice-to-have, and moved into the ‘version 2’ backlog). And so i read through my planning text file, sorting it out until i found that all my questions have been solved and i’m pretty much done! Completion sneaks up on you like this, i’ve found: working through the problems and todo items, and one day I notice that there simply aren’t any more. Ship it!
But this is where the fear comes: what have i missed? Will it work? It’s not ready! I’ve seen a lot of people get stuck here, with projects that are 90% complete, with only a little bit more work needed to finish them off. You’ve got to push through the fear, grit your teeth, give it a final polish, and get it out the door. Ship it!
So now i’m shipping it off to some friends who’ll test it for me. I’m also giving it to a designer to finish off the icon and launch screens. Once the testers are happy and the graphics are all done, i’ll be breathing a sigh of relief as I submit it to the app store. And hopefully you’ll then be able to download it from the app store a week or so later.
Thanks for reading! And if you want to get in touch, I'd love to hear from you: chris.hulbert at gmail.
(Comp Sci, Hons - UTS)
Software Developer (Freelancer / Contractor) in Australia.
I have worked at places such as Google, Cochlear, Assembly Payments, News Corp, Fox Sports, NineMSN, FetchTV, Coles, Woolworths, Trust Bank, and Westpac, among others. If you're looking for help developing an iOS app, drop me a line!
Get in touch:
[email protected]
github.com/chrishulbert
linkedin