Browser Extension Version 17.7.0

Overview

Keeper Browser Extension version 17.7.0 introduces Quantum-resistant encryption / Post-Quantum ML-KEM (Kyber), support for SPA (single-page applications), TOTP Quick-Capture, and the ability to quickly add your current sites URL to a record.

Quantum‑Resistant Protection

We’ve upgraded the browser extension's method for establishing a secure connection with Keeper services, boosting its resilience against future quantum computing threats.

Keeper has adopted Quantum-Resistant Cryptography (QRC), specifically Kyber Hybrid Key Encapsulation Mechanisms (KEM), to secure the vault against emerging quantum computing threats like the "store-and-crack" attack. This hybrid approach combines traditional cryptography with quantum-resistant algorithms, ensuring protection for user authentication and encrypted data transmission within TLS.

Learn More about Quantum Resistant Cryptography

Key benefits include:

• Stronger protection for data sent between your browser and Keeper - The extension now uses an updated, industry‑recommended approach to establish the secure “session” used for encryption during communication.

• Helps defend against “capture now, crack later” risks - This upgrade is designed to keep encrypted traffic safer even if someone were to record it today and try to decrypt it in the future with quantum computers.

• No change to how you use the extension - There are no new steps, prompts, settings, or UI changes - everything works the same as before.

• Works across major browsers - Supported in Chromium-based browsers, Edge, Firefox, and Safari.

• All key features continue to work normally - This includes sign‑in, Cloud SSO, background sync/push updates, and record updates.

Support for SPA (Single-Page Application) Websites

Keeper’s browser extension now works seamlessly on modern “single-page” websites (like x.com), where pages change without fully reloading. When you sign in or change your password on these sites, you’ll still be prompted to save or update your login, and autofill will continue to work as expected without needing to refresh the page or manually copy information into your vault.

TOTP Quick-Capture

When a website displays a QR code during two-factor authentication (2FA) setup, you can now right-click on the QR code to open a menu and select Keeper > Scan 2FA Code to save it directly to the matching record in your vault, without navigating away or interrupting your setup flow.

Saving a QR code to a record is also faster than before without opening the record or entering edit mode. Simply hover to the right of a record name and click the options icon and select Scan 2FA Code.

Add Current Site to Selected Record

You can now quickly add the base URL of the site you're visiting to an existing record. The URL will be suggested under the "Additional URL" field, allowing easy linkage of multiple websites to a single record for autofill. To add the URL, edit the record from the browser extension menu.

For security reasons, if the origin domain is different than the record domain, users will receive a confirmation prompt.

Bug Fixes

• BE-6851: Remove BE prompt to store passkeys from the Keeper web vault.

• BE-7105: Improve messaging for opening/navigating form filler screen.

• BE-6302: Autofill is unintentionally populating the "email" attribute in the SSO configuration when a matching record is detected.

• BE-6303: Site specific anomaly in "auto-submit after autofill" functionality (itch.io).

• BE-6465: Site-specific detection performance issues with many inputs (BardTracker).

• BE-6854: Passkey created in web vault fails to work in KDE (no user notification).

• BE-6924: PIN generator fails to populate pin in Edit mode.

• BE-6985: Autofill populating incorrectly in Clickup and Docusign.

• BE-6993: Prompt to save not working Disney+, DockerHub, Bluesky, Hulu, Highmark, Principal Financial

• BE-6996: Error appears after using snapshot tool.

• BE-7053: Notes do not allow carriage returns when you type.

• BE-7077: Tooltip misalignment on autofill dialogue.

• BE-7078: Autofill dialogue briefly jumps around screen before stabilizing.

• BE-7083: Newly created vault records from BE should have "Autofill on Subsequent Pages" on by default.

• BE-7087: BE loops when push servers are down.

• BE-7096: Tailwind4 CSS breaks colors in BE (overrides custom placeholder colors in Tailwind 4).

• BE-7100: TOTP popup persists on a website where autofill was selected.

• BE-7103: Account Switching - Login email should appear case-insensitive (or at least not appear as two separate logins when typed in a different case).

• BE-7106: Keeper Locks and Form fill appear in Enterprise Console for the AU and GOV regions.

• BE-7114: PW Generator History - copying all text when password is revealed

• BE-7117: Bugcrowd ticket: BE and browser UI freeze from event flooding

• BE-7118: Keeper Extension Denial of Service via SSO Message Flooding

• BE-7123: BE draft update record lost when a new tab is opened (e.g. 2fa totp)

• BE-7129: Account Switching - accessibility multi-account list

• BE-7145: Autofill populating incorrectly in Gmail

• BE-7147: Top border cut off (passkey login dialog)

• BE-7155: Account Switching - Unable to log in to SSO account via Master Password method.

• BE-7163: Notes and Custom Fields not masked in FormFiller when role enforcement is enabled

• BE-7166: Enable Privacy Screen in teams won't turn off on the FormFiller

• BE-7168: Fixed autofill matching issue in Multi-tiered Domain Login. When multiple passwords exist for the same domain but different paths, partial path matches can appear before exact path matches, causing the wrong password to be suggested first.

• BE-7190: Edit mode for a password-less record should not generate a password

• BE-7191: 'New' missing from settings menu item for AI Autofill + remove 'new' from clipboard expiration setting'

• BE-7215: Whitelist auth.wetransfer.com/login for opacity: 0 exceptions

• BE-7220: Accessibility: Can't tab through Options menu