Sign up to save your podcasts
Or
Share Duck Tales: DuckDuckGo browser updates — custom themes and password manager (Ep.24)
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Duck Tales: DuckDuckGo browser updates — custom themes and password manager (Ep.24)
In this episode, Peter (Product), Stephen (Design) and Balint (Windows) discuss updates to our browsers, from the most popular custom themes, to why over 40% of our iOS users have made DuckDuckGo their system-wide password manager.
Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.
Peter: Hi, and welcome to DuckTales, where we go behind the scenes at DuckDuckGo and discuss the stories, the technology, and the people that help build privacy tools for everyone. In each episode, you’ll hear from DuckDuckGo employees about our vision, product updates, engineering, and more recently, approaches to AI as well. My name is Peter. I am on the product team at DuckDuckGo, often working on our browsers, which we’ll talk about today. And joined here today, I have my colleague Stephen.
Stephen: Steven, work on the product design team.
Peter: And Balint.
Balint: Hey, I’m on the Windows Developer Team.
Peter: Awesome, and today we’re going to talk a little bit about our browsers, as I mentioned. So many people don’t know we have browsers. They’ve come to know us through DuckDuckGo Private Search, which of course you can use in any browser. But we’ve for many years offered browsers on iOS and Android devices. And more recently, in the last few years, we’ve expanded that to Windows and Mac desktop computers as well. Our browsers are amongst the most popular in the market. For example, in the United States on iPhones, we are the most popular browser after Safari, which comes built in, and the Chrome browser, which of course many people have come to know over the years. So our browsers are used by lots of different people. When we started building our browsers and as we expanded our browsers to desktop computers, we started to prioritize the features and functionality in our browsers based on sort of two things. One, having privacy at their core. Of course, that’s our brand promise, and we want to deliver on that. But also, we wanted to make sure our browsers were easy to use replacements for the privacy invasive browsers that people have been using for many years. And so we prioritize a lot of features based on what would make it easier to use. We base it on people’s feedback, which we’ll talk about a little bit more. And often internally, we talk about focusing the features we build on the three Ds. We call that dependability, discoverability, and delight. The features should just work. It should be easy to find. And they should be delightful if we’re doing them right. So today, we’re going to talk about a couple different browser capabilities that fall into a few of these buckets that we thought would be interesting to share a little bit about. First, we’ll talk about custom theming. Stephen, do you want to tell us a little bit about that?
Stephen: Yeah, custom theming to me is pretty simple. It’s where you can go into your browser and just choose which color you want to use. It can be that green or blue or purple. I think we have a range of colors to pick from.
Peter: And why did we build custom theming?
Stephen: Originally, we didn’t plan to. We were going to try to keep it simple and just have a light and a dark mode. But we got into it we discovered that people really like to customize their UI. It’s just like a fun way to make browsing more fun and personalized. And they really like that. And it also can help you pick your browser out from other browsers. So it’s really also a functional improvement.
Peter: Do you want to give us a little bit of a demo on how that works?
Stephen: So we built two ways to get into this. If you’re on the new tab screen, you can open the customized sidebar and we have a theme picker up here with a few colors. You can pick gray or blue or green, purple. Lots of people love purple. And you can also change the theme from light to dark or just to use whatever the system decides. So we support all of these. And if you want, you can also change the new tab background screen to be separate from the rest. And we’ve spent quite a bit of time making sure that this works on all surfaces. So you can see it in the settings and the bookmarks in the history and elsewhere. Also, we have a neat little feature here where you can change the app icon and the dock to match the theme. So that’s a little more continuity and a little more fun added to the feature.
Peter: Stephen, were there any challenges in building this as we started to introduce it?
Stephen: Yeah, so like I said, we didn’t really have themes on the roadmap when we started. So we kind of had to go back and rethink the way we were styling things and build a whole theme system so that we could apply a bunch of different themes and make sure that it was, we could have more themes in the future. So now it’s all centralized and easy to work with. So we could probably add more or maybe even enable customization at some point, user customization.
Peter: And would you say, what’s the response been from our users so far?
Stephen: It’s been pretty positive so far. We got a lot of feedback saying, thank you for adding this. And it’s been pretty positive and monitoring people using it. It’s going up. So that’s good.
Peter: And you’re saying the certain colors were the most popular, I think you mentioned earlier.
Stephen: Yeah, so I think the most popular color is, let’s see, it’s sleet blue, I think. And then the second most popular color was violet. It’s kind of neck and neck there. Personally, desert is my favorite, but it was not the most popular.
Peter: Got it. Cool. Where are we going next with it?
Stephen: We’re looking into adding a dark mode for web pages that don’t have it, which is going to be pretty interesting. And like I said, we may, depending on if we get more feedback on how many themes we have, how many colors we ship with by default or expand that out to letting people choose their own colors.
Peter: Yeah, the dark mode for sites to use dark mode, that’s starting to roll out. We have that on mobile devices, on Android starting to roll out on iOS. And it’s something, as you said, we’re looking at on our desktop browser. So I think our users can look forward to that in the near future, which is awesome. Great. Let’s talk about password management next. Maybe Balint start with what is a password manager? Maybe people don’t realize that in their browsers they have typically password managers. Maybe just grab that at a high level first.
Balint: So the password manager is the thing that comes up when you go to a login screen and the browser offers you to fill your username and password automatically. And it’s a critical piece of feature because one of the most dangerous attack vectors used to be credential stuffing where an attacker got hold of your passwords from one site. And if you have been reusing the same password on other sites, they could just brute force. They could just try the same password with your username on other sites and usually get a hit. And the password manager is a perfect defense against this sort of attack because it takes the burden of having to memorize passwords off your back.
Peter: That makes sense. Yeah, I guess, you know, over the last 10 years, a lot of you hear a lot about third party password managers like 1Password or Bitwarden or LastPass and more people are using those. But I think it’s probably safe to say that most people use their browser as their password manager. Maybe they don’t even recognize that it is a password manager, but it is, as you’re describing overall. Why did we choose to sort of build it into the browser and start to build out a lot of those capabilities? Is it because that is the easiest way for people to protect themselves, as you’re describing?
Balint: I think it matches perfectly well with the 3Ds that we have. So it’s a core part of dependability. You want your online experience to just work, not have to memorize passwords and not have to think about where those passwords are stored. Of course, if you explicitly want to, you can use a password manager, but it is very nice to have a secure default built right into the browser. And we take care of the whole lifecycle. So when you register to a new site, our browsers will suggest secure passwords, which are randomly generated and long enough, take care of storing them, and if you turn on sync, can get your passwords synced across your different devices so you don’t have to re-enter them on every single device you have.
Peter: And we’ve had the core capabilities in our browser product for some time. What’s been the user response and maybe describe where we’re going with it next.
Balint: So we see on our anonymized dashboards that uptake for these password managers is very high and we keep adding new features. For example, recently over the past months, we have shipped a feature for Android and iOS devices where you can use DuckDuckGo’s password manager as the main system password manager and you can fill passwords in other applications from the DuckDuckGo database. And uptake for that feature has been phenomenal. We have almost half. So a bit more than 40% of our iOS users enabling us as their primary system-wide password manager. We have more cool features in the works. My personal favorite is something that is called TOTP. It is that six digit number you see on certain websites, which is used as a second factor authentication. This is something that many password managers already offer, but browsers don’t really tend to. We would be one of the first on the market to ship this. And it would present a second security layer that is much harder to phish, so much harder to steal than a conventional password.
Peter: And do you think we’ve hit challenges in building this along the way? And what are some of those challenges?
Balint: Certainly. So password management is all about security and figuring out a way that lets us store the information on the devices securely in a way that we can access them, but an attacker cannot access them. And we have been very proactive in using operating system level security features. For example, on Windows, we are storing them in a way that is secured by Windows Hello. So that is Windows’s own built-in encryption mechanism. So breaking our password manager is similar in difficulty to cracking Windows’s own encryption, which makes it a pretty hard target.
Peter: That makes sense. So when a user goes to access a stored password, that’s why the browser will cause Windows to trigger the Windows Hello authentication overall. Makes sense. And then you talked a lot about storing all these passwords. And, you know, as I mentioned earlier, a lot of people don’t know that we even offer browsers to start with. And so if they come to us and install our browser for the first time after many years of using another browser, presumably they’ll have a lot of passwords in that other browser that they need to get into our browser somehow. Maybe we can talk about that and how we’ve been iterating on the import capability, so a little bit.
Balint: Exactly. So we offer an import capability which you can do as part of onboarding. So when you first come to our browser, one of the onboarding steps is the offer to import your stuff, but you can also do it later on from main, from more tools and import on Windows. Similar logic is available on our other platforms as well. And one of the recent additions to this has been the so-called multi-import where you can very simply select not just one target or one source, but several of them, we can import directly from the most popular browsers on the market. And it’s been trimmed as well. So if everything goes well, it is just one or two clicks and you are done. We support importing passwords and also bookmarks. And this also sees pretty good uptake. So once we have updated the visuals for this multi-import, we have been seeing 13% more people choosing to import and over 70% more stuff getting imported, so 70% more passwords and bookmarks. And that is pretty good news because it reduces the friction. So when you come to DuckDuckGo, you don’t have to restart your digital life from scratch. Instead, you can continue from where you left off, except in a more private manner, of course.
Peter: That’s awesome. Yeah, my experience is, you know, over the years, people tend to often use more than one desktop browser, sometimes one for work, sometimes one for personal or for separation of different context. So the fact that we make it easy in one step to import from multiple at a time seems to be really beneficial and delightful to users overall. That’s great.
Balint: Yeah, and we are also innovating on our mobile platforms as well. So for example, we have been first to market with a feature that lets you import from mobile browsers directly. So not via a desktop browser that gets synced to your mobile version as well, but directly on the mobile browser itself. And we are planning to take care of the newly released iOS API, which will further streamline imports on the iOS platform.
Peter: That’s great. Yeah, we have that both on iOS where you can import from Safari and then we also have directly imported from the Google password manager on Android, which is great for people. Awesome. Well, thank you, Balint. Thank you, Stephen. I think as a summary, what I’ll say is if you are using our browsers or if you’re not and you choose to start to use them, we’d love to hear your feedback. We do very much listen to user feedback. There’s ways right in the product to send us feedback. You can fill out the form. We absolutely look at those, read those. If you go on our subreddit and discuss our browsers and capabilities there. We absolutely look at those threads and we take all of that as input to help make prioritization decisions about the features we’re building. So thank you very much and see you next time on DuckTales.
Balint: See you.
This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit insideduckduckgo.substack.com
View all episodes
By DuckDuckGoIn this episode, Peter (Product), Stephen (Design) and Balint (Windows) discuss updates to our browsers, from the most popular custom themes, to why over 40% of our iOS users have made DuckDuckGo their system-wide password manager.
Disclaimers: (1) The audio, video (above), and transcript (below) are unedited and may contain minor inaccuracies or transcription errors. (2) This website is operated by Substack. This is their privacy policy.
Peter: Hi, and welcome to DuckTales, where we go behind the scenes at DuckDuckGo and discuss the stories, the technology, and the people that help build privacy tools for everyone. In each episode, you’ll hear from DuckDuckGo employees about our vision, product updates, engineering, and more recently, approaches to AI as well. My name is Peter. I am on the product team at DuckDuckGo, often working on our browsers, which we’ll talk about today. And joined here today, I have my colleague Stephen.
Stephen: Steven, work on the product design team.
Peter: And Balint.
Balint: Hey, I’m on the Windows Developer Team.
Peter: Awesome, and today we’re going to talk a little bit about our browsers, as I mentioned. So many people don’t know we have browsers. They’ve come to know us through DuckDuckGo Private Search, which of course you can use in any browser. But we’ve for many years offered browsers on iOS and Android devices. And more recently, in the last few years, we’ve expanded that to Windows and Mac desktop computers as well. Our browsers are amongst the most popular in the market. For example, in the United States on iPhones, we are the most popular browser after Safari, which comes built in, and the Chrome browser, which of course many people have come to know over the years. So our browsers are used by lots of different people. When we started building our browsers and as we expanded our browsers to desktop computers, we started to prioritize the features and functionality in our browsers based on sort of two things. One, having privacy at their core. Of course, that’s our brand promise, and we want to deliver on that. But also, we wanted to make sure our browsers were easy to use replacements for the privacy invasive browsers that people have been using for many years. And so we prioritize a lot of features based on what would make it easier to use. We base it on people’s feedback, which we’ll talk about a little bit more. And often internally, we talk about focusing the features we build on the three Ds. We call that dependability, discoverability, and delight. The features should just work. It should be easy to find. And they should be delightful if we’re doing them right. So today, we’re going to talk about a couple different browser capabilities that fall into a few of these buckets that we thought would be interesting to share a little bit about. First, we’ll talk about custom theming. Stephen, do you want to tell us a little bit about that?
Stephen: Yeah, custom theming to me is pretty simple. It’s where you can go into your browser and just choose which color you want to use. It can be that green or blue or purple. I think we have a range of colors to pick from.
Peter: And why did we build custom theming?
Stephen: Originally, we didn’t plan to. We were going to try to keep it simple and just have a light and a dark mode. But we got into it we discovered that people really like to customize their UI. It’s just like a fun way to make browsing more fun and personalized. And they really like that. And it also can help you pick your browser out from other browsers. So it’s really also a functional improvement.
Peter: Do you want to give us a little bit of a demo on how that works?
Stephen: So we built two ways to get into this. If you’re on the new tab screen, you can open the customized sidebar and we have a theme picker up here with a few colors. You can pick gray or blue or green, purple. Lots of people love purple. And you can also change the theme from light to dark or just to use whatever the system decides. So we support all of these. And if you want, you can also change the new tab background screen to be separate from the rest. And we’ve spent quite a bit of time making sure that this works on all surfaces. So you can see it in the settings and the bookmarks in the history and elsewhere. Also, we have a neat little feature here where you can change the app icon and the dock to match the theme. So that’s a little more continuity and a little more fun added to the feature.
Peter: Stephen, were there any challenges in building this as we started to introduce it?
Stephen: Yeah, so like I said, we didn’t really have themes on the roadmap when we started. So we kind of had to go back and rethink the way we were styling things and build a whole theme system so that we could apply a bunch of different themes and make sure that it was, we could have more themes in the future. So now it’s all centralized and easy to work with. So we could probably add more or maybe even enable customization at some point, user customization.
Peter: And would you say, what’s the response been from our users so far?
Stephen: It’s been pretty positive so far. We got a lot of feedback saying, thank you for adding this. And it’s been pretty positive and monitoring people using it. It’s going up. So that’s good.
Peter: And you’re saying the certain colors were the most popular, I think you mentioned earlier.
Stephen: Yeah, so I think the most popular color is, let’s see, it’s sleet blue, I think. And then the second most popular color was violet. It’s kind of neck and neck there. Personally, desert is my favorite, but it was not the most popular.
Peter: Got it. Cool. Where are we going next with it?
Stephen: We’re looking into adding a dark mode for web pages that don’t have it, which is going to be pretty interesting. And like I said, we may, depending on if we get more feedback on how many themes we have, how many colors we ship with by default or expand that out to letting people choose their own colors.
Peter: Yeah, the dark mode for sites to use dark mode, that’s starting to roll out. We have that on mobile devices, on Android starting to roll out on iOS. And it’s something, as you said, we’re looking at on our desktop browser. So I think our users can look forward to that in the near future, which is awesome. Great. Let’s talk about password management next. Maybe Balint start with what is a password manager? Maybe people don’t realize that in their browsers they have typically password managers. Maybe just grab that at a high level first.
Balint: So the password manager is the thing that comes up when you go to a login screen and the browser offers you to fill your username and password automatically. And it’s a critical piece of feature because one of the most dangerous attack vectors used to be credential stuffing where an attacker got hold of your passwords from one site. And if you have been reusing the same password on other sites, they could just brute force. They could just try the same password with your username on other sites and usually get a hit. And the password manager is a perfect defense against this sort of attack because it takes the burden of having to memorize passwords off your back.
Peter: That makes sense. Yeah, I guess, you know, over the last 10 years, a lot of you hear a lot about third party password managers like 1Password or Bitwarden or LastPass and more people are using those. But I think it’s probably safe to say that most people use their browser as their password manager. Maybe they don’t even recognize that it is a password manager, but it is, as you’re describing overall. Why did we choose to sort of build it into the browser and start to build out a lot of those capabilities? Is it because that is the easiest way for people to protect themselves, as you’re describing?
Balint: I think it matches perfectly well with the 3Ds that we have. So it’s a core part of dependability. You want your online experience to just work, not have to memorize passwords and not have to think about where those passwords are stored. Of course, if you explicitly want to, you can use a password manager, but it is very nice to have a secure default built right into the browser. And we take care of the whole lifecycle. So when you register to a new site, our browsers will suggest secure passwords, which are randomly generated and long enough, take care of storing them, and if you turn on sync, can get your passwords synced across your different devices so you don’t have to re-enter them on every single device you have.
Peter: And we’ve had the core capabilities in our browser product for some time. What’s been the user response and maybe describe where we’re going with it next.
Balint: So we see on our anonymized dashboards that uptake for these password managers is very high and we keep adding new features. For example, recently over the past months, we have shipped a feature for Android and iOS devices where you can use DuckDuckGo’s password manager as the main system password manager and you can fill passwords in other applications from the DuckDuckGo database. And uptake for that feature has been phenomenal. We have almost half. So a bit more than 40% of our iOS users enabling us as their primary system-wide password manager. We have more cool features in the works. My personal favorite is something that is called TOTP. It is that six digit number you see on certain websites, which is used as a second factor authentication. This is something that many password managers already offer, but browsers don’t really tend to. We would be one of the first on the market to ship this. And it would present a second security layer that is much harder to phish, so much harder to steal than a conventional password.
Peter: And do you think we’ve hit challenges in building this along the way? And what are some of those challenges?
Balint: Certainly. So password management is all about security and figuring out a way that lets us store the information on the devices securely in a way that we can access them, but an attacker cannot access them. And we have been very proactive in using operating system level security features. For example, on Windows, we are storing them in a way that is secured by Windows Hello. So that is Windows’s own built-in encryption mechanism. So breaking our password manager is similar in difficulty to cracking Windows’s own encryption, which makes it a pretty hard target.
Peter: That makes sense. So when a user goes to access a stored password, that’s why the browser will cause Windows to trigger the Windows Hello authentication overall. Makes sense. And then you talked a lot about storing all these passwords. And, you know, as I mentioned earlier, a lot of people don’t know that we even offer browsers to start with. And so if they come to us and install our browser for the first time after many years of using another browser, presumably they’ll have a lot of passwords in that other browser that they need to get into our browser somehow. Maybe we can talk about that and how we’ve been iterating on the import capability, so a little bit.
Balint: Exactly. So we offer an import capability which you can do as part of onboarding. So when you first come to our browser, one of the onboarding steps is the offer to import your stuff, but you can also do it later on from main, from more tools and import on Windows. Similar logic is available on our other platforms as well. And one of the recent additions to this has been the so-called multi-import where you can very simply select not just one target or one source, but several of them, we can import directly from the most popular browsers on the market. And it’s been trimmed as well. So if everything goes well, it is just one or two clicks and you are done. We support importing passwords and also bookmarks. And this also sees pretty good uptake. So once we have updated the visuals for this multi-import, we have been seeing 13% more people choosing to import and over 70% more stuff getting imported, so 70% more passwords and bookmarks. And that is pretty good news because it reduces the friction. So when you come to DuckDuckGo, you don’t have to restart your digital life from scratch. Instead, you can continue from where you left off, except in a more private manner, of course.
Peter: That’s awesome. Yeah, my experience is, you know, over the years, people tend to often use more than one desktop browser, sometimes one for work, sometimes one for personal or for separation of different context. So the fact that we make it easy in one step to import from multiple at a time seems to be really beneficial and delightful to users overall. That’s great.
Balint: Yeah, and we are also innovating on our mobile platforms as well. So for example, we have been first to market with a feature that lets you import from mobile browsers directly. So not via a desktop browser that gets synced to your mobile version as well, but directly on the mobile browser itself. And we are planning to take care of the newly released iOS API, which will further streamline imports on the iOS platform.
Peter: That’s great. Yeah, we have that both on iOS where you can import from Safari and then we also have directly imported from the Google password manager on Android, which is great for people. Awesome. Well, thank you, Balint. Thank you, Stephen. I think as a summary, what I’ll say is if you are using our browsers or if you’re not and you choose to start to use them, we’d love to hear your feedback. We do very much listen to user feedback. There’s ways right in the product to send us feedback. You can fill out the form. We absolutely look at those, read those. If you go on our subreddit and discuss our browsers and capabilities there. We absolutely look at those threads and we take all of that as input to help make prioritization decisions about the features we’re building. So thank you very much and see you next time on DuckTales.
Balint: See you.
This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit insideduckduckgo.substack.com