Keeper Review 2024: Is This Password Manager Safe?
Reading time:
Updated on Mar 20, 2024
-
![Enemali Okwoli]()
Written By Enemali Okwoli Cybersecurity & Tech Writer
Security
Keeper Has Excellent Security Features
Keeper operates a trustworthy security architecture. It incorporates a security framework based on zero-knowledge principles, employing encryption keys that are generated directly on your device. I was pleasantly surprised by its inclusion of an additional layer of security through features like biometric login and TOTP for multi-factor authentication. This ensures that the private information in my vault continues to stay safe and won’t fall into the wrong hands.
I like that Keeper is also security policy compliant. It has undergone third-party security audits, uses certified cryptography, and hosts your data with trusted cloud infrastructure providers. This assures me that my data is being protected with industry-standard security protocols. Therefore, my data remains safe from cybercriminals. Additionally, I was very impressed to find out that Keeper has partnered with BugCrowd to identify likely security vulnerabilities in its system. It works with a team of third-party security experts to identify and patch any potential security-associated risks.
Master Password and PBKDF2
I created a master password for all my data stored on Keeper. A master password is like a regular password, only that it is not stored on any password database and is known only by you. It is important to ensure that your password isn’t vulnerable to data breaches. Hence, you should create a really strong master password.
In addition to using a strong master password, I was impressed to see that Keeper encrypts your master password using PBKDF2-HMAC-SHA256. PBKDF2 is a key derivation function that converts your master password to a 256-bit encryption key with 100,000 iterations, a way of hashing your master password multiple times. This way, even if a hacker gets hold of this encryption key, it will be impossible to restore it to your raw master password.
AES 256-Bit Encryption
Keeper uses industry-standard AES 256-Bit encryption and keys are generated locally on my device, securing all my passwords and sensitive data. Since encryption occurs at the device level, not even Keeper engineers can decrypt the data in my vault. Financial institutions and military organizations trust AES encryption to keep sensitive data safe. With this, I don’t have to worry about hackers or cybercriminals stealing my passwords in my vault.
Multi-Factor Authentication
I was pleased to see that Keeper offers different layers of security features. It supports multi-factor authentication options like two-factor authentication (2FA) using Google and Microsoft Authenticator. You can also use hardware security keys such as YubiKey, biometric login (FaceID, Touch ID, and Fingerprint), Keeper DNA (Apple Watch), Windows Hello, and SMS. I wouldn’t recommend using SMS authentication, however, because it is vulnerable to SIM swap scams. This scam occurs when a hacker steals your phone number and uses it to get your SMS OTPs.
Whichever method you choose, the setup process is seamless. Linking Keeper with my Google Authenticator app was easy. On my dashboard, I navigated to “Settings”, “Security”, “Two-Factor Authenticator” and toggled the “Google and Microsoft Authenticator” button on. After that, I scanned the QR code on the desktop app and was instantly connected.
Keeper DNA is another cool 2FA feature. It uses secure tokens stored in the Keeper Vault to generate time-based login access codes that work with smart wearables. You can use it to approve authentication requests with a tap on your smartwatch (Apple Watch or Android Wear device) or when you manually enter the code on your device.
I like that Keeper has a backup method when you set up 2FA. When I set it up with Google Authenticator, 8 backup codes were generated on the Keeper app for my safekeeping. These codes can be used to log in to my account if I lose access to my phone and I’m unable to access my Authenticator app.
Secure Network Architecture
I was happy to find out that Keeper uses a secure cloud infrastructure to host its customers’ data. It uses Amazon AWS cloud infrastructure to ensure that your data is hosted in a safe storage environment. The servers are protected by an API that authenticates requests from your device using an authentication key derived from your master password, PBKDF2-HMAC-SHA256, and a random salt. This means that the server has to confirm that it is actually you that is requesting data before it is decrypted and sent to your device.
The generated access tokens are generated every 30 minutes to ensure that hackers cannot hijack the information on the server. This is in addition to the strong encryption that hashes your vault data locally from your device. Keeper also uses Transport Layer Security (TLS) to encrypt and ensure that your data in transport from your device to Keeper’s cloud servers aren’t accessible to cybercriminals.
Privacy — Zero-Knowledge and Zero-Trust
Keeper (also known as Keeper Security) is a privacy-friendly password manager. It is designed as a zero-knowledge and zero-trust solution. Zero-knowledge means that no one, including Keeper’s employees, can access your data or decrypt it. Similarly, I liked Keeper’s zero-trust system. It is a system designed to authenticate every user and device before granting access to its apps and websites. This way, compromised accounts or devices are detected and blocked.
I was happy to learn that Keeper has also undergone several security audits to ensure compliance with strict privacy measures. It is GDPR and US-EU Privacy Shield compliant, and as such, Keeper treats the personal data of all customers as confidential information. It also mandates Keeper to notify you of any data breach involving you. I was impressed to see that Keeper is one of the few password managers ISO 27001 compliant. ISO 27001 is an international standard that sets the bedrock for information security management systems, including managing the data in your digital vault.
Keeper is also SOC 2 Type 2 certified. This means employing standard data management practices per AICPA to ensure that your vault data is kept secure. To top it off, Keeper partnered with BugCrowd’s vulnerability disclosure program to identify security issues that the community could discover.
Features
Multiple Features to Keep Passwords Safe
Keeper offers a wide range of features for managing passwords. It allows users to create encrypted vaults, generate passwords, autofill passwords across multiple websites, share passwords, and scan for data breaches. However, I didn’t like that some key features were only available as add-ons that required additional payment to use.
Encrypted Vaults
I kept passwords and other sensitive data safe in my Keeper vault. These vaults can be used to create and keep different records like passwords, logins, identity cards, credit/debit cards, addresses, passports, medical records, contacts, bank accounts, drivers’ licenses, birth certificates, photos, files, and notes. It also allows you to attach files and images to a login entry. This could be useful if you want to add an image of a map for directions to your address information.
You can also store database and server logins, SSH keys, software licenses, and other sensitive data. Keeper also allows you to create “shared folders” that host multiple logins and you can grant specific users access. Not many password managers allow you to share group logins on the personal plan. I was happy to see that Keeper, just like 1Password, supports this feature.
Password Generator
I created secure passwords from my dashboard effortlessly. You can create passwords from 8 to 100 characters long. A lengthy password proves particularly useful when creating secure passwords. I like how Keeper beats a lot of password managers by offering the option of creating longer passwords. It also allowed me to make my passwords more secure by including capital letters, numbers, and special characters.
However, it is difficult to find this feature within the app. I had to create a new login record and click on the cube-like icon to generate passwords. Unlike Keeper, Bitwarden and LastPass have a more user-friendly password generator.
Security Audits
Keeper’s password security auditing tool allows you to monitor your passwords for weaknesses and duplication. It helps you discover the passwords in your vault that are reused and weak.
The password auditing feature is very easy to use. I like how it also shows the strength of each password, the last time changes were made, and the overall rating of my password security. It allowed me to sort out my passwords by strength, weaknesses, and latest changes.
KeeperFill
Keeper has an autofill feature that provided me with a convenient way to log in to different accounts. I found KeeperFill pretty easy to use. If you already have a saved password for a website, it allows you to quickly autofill your login details.
If you don’t have a saved log in, KeeperFill will help you generate secure passwords and autofill your sign up. However, I discovered that if you already imported your passwords to Keeper before installing the KeeperFill browser extension, it won’t detect the saved logins. I would like to see Keeper fix this.
Password Sharing
Keeper supports seamless password sharing. You can easily share passwords from your saved logins and add an unlimited number of users. I shared my login for a streaming site with 3 other users during my tests.
After sharing the password, Keeper sent invites to the users I added. The only issue I had with this is that the recipients also need to have a Keeper account to use the shared passwords. Bitwarden’s Send Feature, on the other hand, does not need users to create an account for you to share passwords with them.
BreachWatch
BreachWatch is designed to monitor the dark web for compromised passwords. Hackers usually sell leaked passwords on the dark web, exposing the affected users to security risks. BreachWatch alerts you when your passwords are found for sale on the dark web so that you can make the necessary changes to secure your accounts.
BreachWatch is an add-on feature and costs an additional fee. Even though I signed up for Keeper’s 30-day free trial, it didn’t cover the BreachWatch feature. Most password managers offer a data breach monitor within the base subscription. For instance, Dashlane and 1Password offer a very good dark web monitor as part of the standard subscription.
Thrash Bin
Thrash bin is a unique Keeper feature that lets you restore deleted records. This feature is helpful to help you recover passwords if you mistakenly delete them. It helped me to restore my vault to previous points so that I could access my older records and passwords without the need to reset my password on a website. However, my issue with it is that it is a premium feature and doesn’t work with Keeper’s free trial plan.
KeeperChat
KeeperChat is an encrypted chat app like WhatsApp that allows you to chat with other users. KeeperChat supports biometric login (FaceID, Fingerprint, and TouchID) and Two-Factor authentication. It only took a few minutes to install and set up KeeperChat on my phone and PC. I didn’t need to sign up for a separate account as it worked with my existing Keeper account.
After signing up, it prompted me to invite my friends to create a Keeper account to join the chat. Because the pool of Keeper users is small compared to popular chat apps, I don’t think the app is particularly useful. Moreover, other popular messaging apps still provide secure and encrypted chats.
That said, KeeperChat has unique features that distinguish it from popular messaging apps. It allowed me to retract sent messages, set a self-destruct timer for a message (message will automatically be deleted after the specified time), and offer up to 50GB of storage. KeeperChat also notifies you when the person you’re chatting with takes a screenshot of the conversation, a nice feature to keep you alerted when someone screenshots your chats without your permission.
Overall, Keeper has great and unique features for seamless password management. Its password generator, security audits, and breach monitor are tools I find essential. I also like how simple it was to use KeepFill to autofill passwords for new and existing accounts. Keeper Enterprise users can use Single Sign-On for convenient log-in with existing providers such as Azure, ADFS, and Okta.
Additionally, Keeper has an “Emergency Access” feature that allows users to designate up to 5 Keeper users to access my vault and protect my digital legacy. I also like how Keeper’s Offline Mode allowed me to access my vault without an internet connection. However, I didn’t like that BreachWatch is an add-on feature that requires an additional subscription or that thrash bin requires a premium subscription outside the free trial.
Ease of Use
It was easy to install and set up Keeper. I created an account within minutes, downloaded the apps on my phone and PC, and signed into my account seamlessly. The Keeper app has an impressive interface that makes navigation and the entire user experience smooth.
The features on the apps are neatly arranged and categorized systematically. I found it easy to add passwords, autofill websites, and share my passwords with other users. I suggest creating a “Shared Folder” for sharing multiple records rather than individually sharing each password record.
You can also import passwords from your browsers (Chrome, Edge, IE, Firefox, Safari, and Opera) and other password managers like 1Password, Avast, KeePass, Dashlane, Bitwarden, LastPass, EnPass, RoboForm, MacPass, and others.
I like how Keeper has short instructions and steps on exporting your password from these sources and importing it to the Keeper app. To import my passwords, I simply navigated to the “Settings” tab and clicked on the “Import” button to get started. I could also export all the saved logins in my vault to use on any other platform.
Devices
Keeper works with popular devices and browsers. It has apps for macOS (10.11 and newer), Windows (10 and 11), Linux (Ubuntu, Debian, Linux Mint, Fedora, CentOS, Red Hat distributions), Android, and iOS devices. It has browser extensions for all the popular browsers like Chrome, Internet Explorer, Firefox, Edge, Opera, and Safari. I tested the Edge and Safari browser extensions, and they worked well for me. It allowed me to generate, store, and autofill fill passwords on different websites.
The mobile apps are pretty easy to use too. The user experience is similar for Android and iOS devices and is not much different from the Windows and Mac apps. You get all the features available on the desktop apps except for the “Import” password and “Emergency Access” tools.
Setting up Keeper Password Manager on Windows
Try Keeper risk-free for 30-days
- Sign up for the free trial on the Keeper’s website.
![Screenshot of Keeper's website]()
- Log in to your email and click on the link from Keeper Security to activate your account.
- Download the app for your device on Keeper’s website.
- Install the app and launch it.
- Enter your email address and master password to access your account.
![Adding records on the Keeper app]()
- Import your passwords or Click on “Create New” to add your passwords and other records.
Overall, Keeper’s apps are pretty easy to use. It is user-friendly, and the features are neatly arranged to make navigation easy. I’m glad that the Keeper mobile apps support biometric login (FaceID and FingerPrint), making it easy to sign in without entering my master password at all times.
Support
I was impressed to see that Keeper offers multiple support options. It has 24/7 live chat, email, and phone support. Keeper also offers a rich knowledge base. I tested the live chat support and was impressed with it. I didn’t have to wait more than a few seconds to get responses and the support agents were friendly, helpful, and answered all my questions satisfactorily.
Keeper’s email ticketing system was also effective. I got responses within a few hours (usually less than 2 hours), and the feedback was helpful, addressing all my questions professionally. You can also register for a free Q&A webinar to get answers to all your technical questions.
Keeper’s knowledge base has helpful tips that address questions about all its features. There are also video tutorials to help you navigate setting up the apps across all the supported devices. I found these videos and guides quite educational, and they made setting up Keeper very easy.
Pricing
Decent Plans for Core Features
Keeper has decent pricing for its core password management service. At Keeper, I provide a selection of plans designed to suit both individuals and businesses. If you’re an individual, you can choose between the Personal and Families plans, which are customized to address your unique requirements. For organizations, I offer a range of choices, including the Business, Enterprise, MSP, and Public Sector plans, guaranteeing that we fulfill the varied needs of different entities. Each plan has a password manager and a ‘plus bundle’ with add-on features for an additional cost.
The Personal plan (Keeper Unlimited) supports all the standard password management features like unlimited passwords, biometric login, password sharing, unlimited device syncing, and Emergency Access. Its plus bundle also provides additional value, allowing you to monitor the dark web for compromised accounts and get an additional 10GB of storage. Other password managers like Dashlane and 1Password allow you to monitor the dark web with the base subscription but you don’t get as much storage as Keeper offers.
I think the Keeper Families plan is the best value for money. In addition to having all the features of the personal plan, it gave me access to multiple vaults (up to 5) and 10GB of storage. Likewise, the plus bundle features a dark web breach watch and up to 100GB as an add-on, which was quite impressive. After deciding on the plan I wanted to go with, I was able to pay for my subscription with my PayPal account with the option to also pay with credit cards (Visa, Mastercard, Discover, and American Express).
Keeper Business is a plan designed for organizations. It supports all the features of the Keeper Families plan but with features geared to working with a large team such as activity reporting and team management tools. The Keeper Enterprise is similar to the Keeper Business plan but additionally supports email auto-provisioning, Command line, Developer APIs for password rotation, and backend integration.
Free Trial for 30 Days
Keeper has a 30-day free trial so you can test its password manager’s core features. While the basic features help securely store your passwords, some features aren’t available during the trial period. For instance, “Thrash bin” is a feature that would help you restore deleted records, but it’s an add-on feature that is not available on the free trial. Despite that, I like that Keeper converts your account to its free plan after the trial elapses and doesn’t automatically charge your account. It will still allow you to access and use your vault but only on one device.
Bottom Line
Keeper is a safe password manager for individuals and groups. It provides a secure environment to store and manage your passwords. I like how Keeper uses top-grade encryption and zero-knowledge security architecture to ensure that my vault data stays safe from hackers.
Other features like KeeperFill for auto-filling websites, Security Audits for alerts of weak passwords, and its password generator worked well for me. It allowed me to keep my passwords safe and share them securely. The apps were easy to use across different devices. However, I would prefer if Keeper makes some of its features like BreachWatch part of its core password management features instead of it as an add-on.
Try Keeper risk-free for 30-days
FAQs About Keeper Password Manager
Is Keeper Password Manager good?
Can I use Keeper Password Manager for free?
Is Keeper Password Manager really safe?
Is Keeper Password Manager worth the price?
