Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124

Everything stored in your Keeper vault is known as a record. There are different types of records, including logins, credit cards, identities, secured notes, and software licenses, but you can create a simple record with any field, as well as add custom fields and attach files to other record types. Instead of tags or categories, Keeper lets you create folders, and you can nest folders within each other.
You can share at a record or folder level. Record sharing speaks for itself, but folder sharing is interesting. Instead of sharing an entire vault, as you would have to with a service like Proton Pass, you can create a shared folder with a permission structure similar to Google Drive. You can set your records to view-only, give shared users editing access, and even allow users to add and manage other users.
These sharing settings are not strictly global. You can set up a view-only shared folder, but give certain users the ability to manage users and/or records, and you can change the permissions of individual records within that folder. Some records can be unlocked for viewing only, others for editing.
You can share individual records in a number of ways. You can share them permanently, but you can also create one-time share links for non-Keeper users. Access is limited to one device via that link. If you need something more temporary, you can create a self-destructing record, which will be shared and then deleted as soon as the record is opened.
Keeper uses a zero-knowledge, zero-trust security architecture. Each record you store in Keeper is individually encrypted with its own AES-256 key. These keys are then wrapped with another AES-256 key, derived from your master password. Even if someone could crack your AES-256 key (unlikely), it wouldn’t unlock your private records.
All encryption happens locally, so Keeper never sees your vault data and doesn’t have the key to decrypt it (read our passkey explainer to learn more about how public-key encryption and zero-knowledge models work). That gives you full end-to-end encryption, and to further protect data in transit, Keeper generates an additional AES-256 transmission key to guard against man-in-the-middle attacks.
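The per-record key wrapping described above can be sketched as follows. This is an added example, not Keeper's code: the KDF (PBKDF2-HMAC-SHA256), the iteration count, the AES-GCM mode, the blob layout and all function names are assumptions chosen for illustration. It also goes one step beyond the text by showing that a master password change only re-wraps the record key.

```javascript
const crypto = require("crypto");

// Assumed parameters (not taken from Keeper's documentation).
const PBKDF2_ITERATIONS = 600000;
const IV_LEN = 12, TAG_LEN = 16;

// AES-256-GCM helper. Output layout (constructed): iv || tag || ciphertext.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(IV_LEN);
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]);
}

// Throws if the key is wrong or the blob was modified (GCM tag check fails).
function open(key, blob) {
  const d = crypto.createDecipheriv("aes-256-gcm", key, blob.subarray(0, IV_LEN));
  d.setAuthTag(blob.subarray(IV_LEN, IV_LEN + TAG_LEN));
  return Buffer.concat([d.update(blob.subarray(IV_LEN + TAG_LEN)), d.final()]);
}

// The wrapping key exists only on the client; the server stores the salt.
function deriveWrappingKey(masterPassword, salt) {
  return crypto.pbkdf2Sync(masterPassword, salt, PBKDF2_ITERATIONS, 32, "sha256");
}

// Encrypt one record under its own random 256-bit key, then wrap that key.
// Only the two opaque blobs returned here would ever leave the device.
function storeRecord(wrappingKey, record) {
  const recordKey = crypto.randomBytes(32);
  return {
    wrappedKey: seal(wrappingKey, recordKey),
    ciphertext: seal(recordKey, Buffer.from(JSON.stringify(record), "utf8")),
  };
}

function readRecord(wrappingKey, stored) {
  const recordKey = open(wrappingKey, stored.wrappedKey);
  return JSON.parse(open(recordKey, stored.ciphertext).toString("utf8"));
}

// Master password change: re-wrap the record key, leave the record ciphertext as is.
function rewrap(oldWrappingKey, newWrappingKey, stored) {
  const recordKey = open(oldWrappingKey, stored.wrappedKey);
  return { wrappedKey: seal(newWrappingKey, recordKey), ciphertext: stored.ciphertext };
}
```

Because every record gets a fresh random key, two identical records produce unrelated ciphertexts, and a wrapping key derived from the wrong password fails the authentication check instead of returning garbage.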
A zero-knowledge security architecture and several layers of encryption are expected from a password manager, but what stands out about Keeper is how transparent it is about its security architecture. Perhaps because of its enterprise focus, Keeper maintains extensive documentation on how it works and the protections in place.
Keeper has many tools for operational security. The browser extensions, for example, have a clipboard expiration setting that defaults to 30 seconds. Anything you copy will be automatically cleared. There is also a warning that automatically appears if you try to autofill on an HTTP address, blocking your credentials from traveling over an unsecured connection.
Keeper’s enterprise focus works surprisingly well for personal use. The security architecture is top-notch, the apps are feature-packed, and the sharing capabilities are second to none. Where Keeper loses is the price. While it’s priced in line with the rest of the market for a single user, it’s a little high for a family plan. And features that are standard with other password managers, like dark web monitoring, are paid add-ons.