Keeper Security: Frequently Asked Questions

General Questions About Keeper

Who has access to passwords?

Keeper security uses what is called “zero trust.” This means that only the user has access to their passwords. For shared passwords, only the users who are given access to a specific folder can see the passwords in that folder.

There is a feature that allows you to move all of your users’ work passwords to another user after you remove a user’s account. So if someone leaves the company, we move their passwords to someone else after disabling their account so you don’t lose all the passwords. Other than that method, there is no way to see someone else’s passwords unless they decide to share them.

Can users safely share their passwords?

Yes. Individual passwords as well as folders can be shared among groups of users, making it easy to keep everyone’s password records up to date.

Why use a password manager?

Password Management is Critical to Your Cybersecurity Strategy

From generating strong passwords to monitoring the security score of your company, a world-class password manager is a powerful asset in defending your company against cybercriminals.

With Keeper Security, your company’s passwords can be centrally managed. Users can share passwords, create groups, and set up permissions on specific folders and records. We can also enforce security policies make each user’s password vault more secure.

Can we add temporary workers such as consultants and interns?

Licensing is monthly. So it’s easy to add temporary users so you can securely share passwords with them as necessary.

Once a temporary employee leaves and their Keeper account is disabled, we can move all their passwords to another account before permanently deleting the account so you don’t lose them.

Can we add remote workers?

Keeper is a perfect solution to the risks presented by remote work and especially “bring your own device” policies.

BYOD opens the door to security, administration and compliance issues. When employees use personal devices to log in to work accounts, they may store them in clear-text files or in browsers, making them easily hackable. They may even store them on paper where other people can access them.

Further, personal computers often have logout timers disabled, so an employee can easily step away and leave their passwords and other data exposed to anyone who walks by.

With Keeper, users can be configured to log in without being able to see the password they are using. So no one can ever copy down a password and use it to log in from an unauthorized device.

We can also exercise control over the vault logout timer to ensure that employees don’t leave their vault exposed if they step away from their personal computer. .

What if a user forgets their Keeper master password?

Keeper allows you to designate users to whom you can transfer an account if an employee leaves, changes a password, or forgets a password. As part of your initial setup, we will enable this feature before it’s needed, since the user has to approve of the transfer access.

What if I change my password, but later I realize I need to retrieve the old password?

When you change a password, Keeper saves the old version. You can easily look back at the old versions of any password that you changed since you started using Keeper.

Does Keeper include a random password generator?

Keeper will generate strong, random passwords and automatically fill them for users. This saves them time, frustration and eliminates the need for them to reuse and remember passwords.

What devices can we use Keeper on?

The Keeper vault is available to employees from any device and location. There are keeper extensions for all major browsers and apps for Android and Iphone.

Security Concerns

How secure is Keeper?

Keeper is a Zero-Knowledge solution. This means all encryption and decryption is done in the client’s device, and the data is encrypted both in-transit (TLS) and at rest on Keeper’s Infrastructure (AES-256). The plain-text version of the data is never viewable by Keeper Security employees nor any outside party.

In the extremely unlikely event Keeper was hacked, the attackers could only possibly access the worthless encrypted text.

Isn't it dangerous to have one master password for all my logins?

Each Keeper user is required to use 2-factor authentication; so even if a hacker got a Keeper password, they could not log in without that second authentication method.

In fact, a password manager make your logins safer: Since you don’t have to remember your passwords, a password manager makes it feasible to choose a unique and complex password for every login. (The password strength can be enforced as well.)

Can we prevent users from using Keeper outside of specific locations?

Yes. With Keeper Enterprise we can configure the password manager to restrict password access to certain IP addresses such as your company’s location and/or a VPN.

We can also enable password masking for all passwords or just for especially sensitive passwords, so you can restrict which users can see their passwords.

Ease of Use

What if a user already is using a password manager?

If you choose to deploy Keeper, you should require that all your users employ it as their only password manager for company-related logins. This will ensure that your company’s passwords are properly protected.

There is an import feature to make it easy to move passwords from another password manager to Keeper if necessary.

In addition to a company vault, Keeper supplies each user with a personal vault for their personal passwords at no extra charge. The user remains in control of their personal vault.

How long does it take for our users to set up Keeper?

It only takes a few minutes for each user to get started. Once we set up your company’s account with the proper security policies to secure your data, we will send an email invitation to each user. The email will include instructions to set up their Keeper password and download the apps (web browser extensions and, if they like, mobile and desktop apps). It only take a few minutes for each user and we can help them if they need assistance.