Security Audit
Password security strength reporting in the Admin Console
End-User Security Audit
In each end-user's vault, the Security Audit screen provides information about the password strength and password reuse taking place. The calculation of password strength and reuse is performed continuously from the user's Vault on all platforms including Keeper Desktop, Web Vault, iOS and Android devices.
Keeper's Password 'strength' is a calculated score based on the complexity of the password, with a score rating between 0 and 100 according to the below metrics:
Weak: < 40 Fair: 40-59 Medium: 60-79 Strong: >= 80
Admin Console Report
To preserve Zero Knowledge, the summary of each end-user Security Audit score is encrypted with the Enterprise Public Key, then stored encrypted in the Keeper Cloud.
When the Admin logs into the Admin Console, the Audit Data is decrypted locally on the Admin Console device and made available for administrators in an aggregated format from the Security Audit screen.
The Security Audit screen provides summary and user-level security score information that includes:
Overall Security Score
Record Password Strength
Unique Record Passwords
Use of Two-Factor Authentication
For more information on how these scores are calculated, visit the following:
Security Audit Score CalculationThe Security Audit screen contains a table that displays the record password strength, unique record password count, and 2FA status for all users across the enterprise.
The table is sorted by default on the users’ overall Security Audit score, showing users with the lowest Security Audit score first. You can reverse this sort order or sort instead on the user's name, password strength, resued passwords, or two-factor method.
Additionally, you can filter the table on the following fields:
Record Password Strength: Strong, Medium, Fair, or Weak
Unique Record Password: Resued or Unique
2FA: Text Message, Authenticator App (TOTP), Smartwatch (KeeperDNA), Security Keys, RSA SecurID, Duo Security, or No 2FA
Refreshing Security Audit Scores
Administrators can refresh the security scores on the UI without having to log out of the Console and log back in. The ability to refresh scores is useful when the admin is expecting users to log into their Vaults to have their latest security scores sync with the Console. When the user has logged into their Vault, the admin needs to simply click the Refresh Scores button to sync the latest scores to the Console.
Resetting Security Audit Scores
Administrators can reset security scores from the UI if the scores have gotten out-of-sync with user Vaults. The administrator can either reset scores for the entire enterprise using the Reset Scores button on the Security Audit screen or for specific users. Please note that only Root Admins can reset the Security Audit score.
The Reset Scores button on the Security Audit screen will reset scores for the entire enterprise. Once the scores are reset, users will need to log in to their Vaults for the scores to sync to the Admin Console due to the constraints of Keeper’s Zero Knowledge architecture.
Alternatively, the administrator can navigate to the User Details modal and select Reset Security Score under User Actions to reset individual users' Security Audit scores. As is the case with performing an enterprise-wise score reset, once the scores are reset, the user will need to log in to their Vault for the scores to sync to the Admin Console due to the constraints of Keeper’s Zero Knowledge architecture.
BreachWatch
In addition to Security Score, Keeper also provides a Dark Web scan summary of end-user passwords through the BreachWatch secure add-on.
BreachWatch alerts can be configured in the Advanced Reporting & Alerts module to alert users and Administrators when a password has been found on the dark web.
Commander CLI
The Keeper Commander CLI provides direct access to the audit data and event data, with other advanced capabilities. For more information, see the Keeper Commander reference guide and reporting commands.
Last updated