Vault
The Keeper Web Vault and Keeper Desktop App share a common codebase. Desktop app is deployed as an Electron application to Windows, Mac and Linux platforms.
Preview Release
Early access Preview (pre-release) Keeper Vault and Desktop app
When a major release is planned, Keeper publishes a Preview version of the Vault and Desktop app, documented below. The pre-release version is typically published 1 week before public release.
Web Vault Preview
US_GOV: (No US Gov preview available for Web Vault)
Desktop App Preview with Forcefield
Keeper Desktop is a native application for Windows, macOS and Linux platforms. On Windows devices, this is bundled with the Keeper Forcefield service.
Mac (.dmg) - Download
Mac (.pkg) - Download
Windows (.appx) - Download
Windows (.msix) - Download
Windows (.msi) - Download
Linux (.rpm) - Download
Linux (.deb) - Download
Standalone Forcefield Preview
Keeper Forcefield can also be deployed on a standalone basis, without the Keeper Desktop application. The URL and MSI installer for the Forcefield preview is available here:
https://download.keepersecurity.com/forcefield/preview/keeperforcefield.msi
Send feedback to: forcefield@keepersecurity.com
Vault Release 17.2
Released on May 18, 2025
Features
New Security Feature: Introducing Keeper Forcefield
Note: Release 17.2.1 was published to resolve Forcefield installation issues
BreachWatch Update: Enabled non-BreachWatch users to run a free scan, showing a “Records at Risk” count with a CTA to upgrade for details.
Secure File Storage: Added contextual product info in the Keeper Vault attachment workflow.
UI Enhancements: Updated in-app messaging for improved clarity and a modern look.
Security Fixes: Resolved various Security Audit issues, including translations and score parity between Vault & Console.
Support for JIT, Discovery and Endpoint capabilities.
Changes
VAUL-7342, KDE-1624: Keeper Forcefield
VAUL-7273: Renamed "Renewal Date" to "Expiration Date" for clarity in the Vault.
VAUL-6358: PLG feature enables non-BreachWatch users to run a free scan, showing a “Records at Risk” count with a CTA to upgrade for details.
VAUL-6374: “PLG” Added contextual upsell for Secure File Storage in the Keeper Vault attachment workflow.
VAUL-7309: Allowed non-owners to submit security data for shared records.
VAUL-6800: Fixed Vault to read security blobs and reuse existing scores.
VAUL-6472: Updated in-app pop-ups for clarity and a modern look.
Bug Fixes
VAUL-7310, VAUL-7329, VAUL-7338, VAUL-7339, VAUL-5258, VAUL-7350: We resolved a number of Security Audit issues relating to translations and score parity between Vault & Console.
VAUL-6091: Renamed "URL" to "Website Address" for V3, V2, and Custom Fields consistency.
VAUL-6036: Fixed issue where the Website Address field was incorrectly added as a custom field
VAUL-7347: Updated button shapes, enabled automatic BreachWatch scan on first login, and ensured the red dot appears on the BreachWatch badge for insecure records.
VAUL-7349: Fixed an issue where, after record creation or edit record action, KeeperFill displays a gray overlay.
VAUL-7352, VAUL-7353, VAUL-7354: Fixed multiple file attachment issues related to PLG.
KDE-1618: Fixed a desktop issue that allowed file uploads beyond the storage limit.
Vault Release 17.1.1
Released on March 12, 2025
Enhancements
VAUL-6349: Updated the Security Audit tab in Vault to ensure the overall Security Audit score matches the per-user score in the Admin Console, reducing confusion.
Other Updates
KDE-1534: Updated new installs to default to the native browser for SSO authentication instead of the app browser.
VAUL-7176: Fixed an issue where setting up a hardware security key required extra steps; the Vault now prioritizes it using the “hints” syntax.
VAUL-7262: PAM Updated router calls to use the /api/user path for commands.
Bug Fixes
KDE-1607, 1606, 1608, and 1619: The SSH Agent will scan General typed records for private key file attachments
KDE-1611: Fixed an issue where selecting Two-Factor Authentication triggered the Offline Access dialog.
VAUL-7094: Fixed an issue preventing master password login when session resumption and 2FA were enabled
VAUL-6787: Fixed an issue where the folder structure in Delete Items did not match the folder structure in Vault.
VAUL-6394: Fixed an issue where the Web Vault allowed uploads past the storage limit; users are now blocked when the limit is reached.
VAUL-6090: Fixed an issue where shortcut-linked records were not retained in shared folders after CSV export/import, preventing data loss.
VAUL-5989: Fixed an issue where the password font displayed incorrectly when Japanese was selected on Windows 10/11.
VAUL-6902: Fixed an issue where restoring a file attachment record caused repeated error messages and made attachments inaccessible in the Web Vault.
VAUL-7095: Fixed an issue where creating a new record with a file attachment showed an empty record state instead of the record details.
VAUL-7104: Fixed an issue where switching to Suomi/Svenska caused a Content Security Policy error in Stack.
VAUL-7102: Fixed an issue where importing from Proton Pass did not include login details.
VAUL-7109: Fixed an issue where "Share only in SF allowed" displayed the wrong modal in OTS.
VAUL-6826: Fixed an issue where V3 records generated an error when viewing or downloading attachments.
VAUL-7155: Fixed an issue where sharing a record to an account with an invalid email format failed silently instead of displaying an error message.
VAUL-7101: Fixed an issue where expired business admins were not redirected to checkout and received the wrong message.
VAUL-7184: Fixed an issue where failed invite attempts incorrectly showed a success message instead of an error.
VAUL-7216: Fixed an issue where Firefox always assumed a security key was inserted for 2FA, preventing access to alternative methods; a modal now informs the user.
VAUL-7219: PAM: Fixed an issue where the Gateway button was not visible despite the appropriate permissions being enabled.
VAUL-7264: Fixed an issue where the Save & Share button remained disabled after validation.
VAUL-7268: Fixed an issue where the Add button in the Shared Folder Share tab was enabled before entering an email.
VAUL-7300, 7306, 7303, 7310, 7315, 7313, 7314, 7316, 7317, and 7321: Fixed several Security Audit bugs.
Vault Release 17.1.0
Released on February 13, 2025
Get started by setting up your KeeperPAM sandbox! Visit here to begin.
KeeperPAM is now available for all customers. Keeper Vault 17.1 and newer is required to access the new privileged access management features.
For more information on KeeperPAM, visit the following:
New Features
Connections - instantly and securely access assets within your target infrastructure
Currently only Supported on Keeper Commander
SSH Agent - Available with Keeper Desktop
Improvements
Browser tab now shows username: "Keeper® Vault - user@company.com"
Vault Release 17.0.0
Released on February 6, 2025
Enhancements
KDE-1400: RSA to EC Security Updates
VAUL-6152: RSA to EC Security Updates
VAUL-7031: We've fixed an issue where copied backup codes contained spaces, causing them to be invalid. Backup codes are now copied without spaces.
VAUL-7029: The "Add Device" and "Provision Gateway" options are now only visible in View mode, not Edit mode.
KDE-1415: We've fixed an issue where incorrect OS keys were displayed in shortcut definitions.
KDE-1245: All alert models have been updated to follow the new design guidelines.
KDE-1240: We've fixed an issue where an incorrect error message was displayed when moving subfolders between shared folders.
KDE-1547: We've fixed an issue where copied backup codes contained spaces, causing them to be invalid.
Other Updates
VAUL-6899: Updated linked personal accounts to indicate the family admin, helping users identify the correct account to log into for managing members.
VAUL-6590: We have allowed offline login with all 2FA durations as a separate setting in the app.
VAUL-7061: We removed legacy bundle support to improve build efficiency.
VAUL-7064: We updated the grid view icon.
KDE-1529: We updated the Windows desktop build to support Visual Studio 2022 and target it in the GitHub Actions workflow.
KDE-1532: Upgrade Electron framework to version 32.1.0 31.7.2 33.2.0.
KDE-1488: We've enabled context isolation security for the desktop vault/tray renderers.
KDE-1546: We've fixed an issue preventing Windows desktop builds from completing in GitHub Actions
KDE-1548: We've added a new setting to allow offline logins with all 2FA durations.
KDE-1550: We've fixed an issue with upload job caching by adding the Cache-Control: no-cache header.
KDE-1558: We've updated the Windows Credential Locker, Windows Hello, and App Model features.
KDE-1536: We fixed a recent Keeper outage caused by NGINX overload.
Bug Fixes
VAUL-6437: Fixed an issue where custom templates with numeric names (without periods) appeared at the top of the list instead of under the "Custom Template" section.
VAUL-6275: Fixed an issue ensuring that Record Type Sorting aligns with the modified list.
VAUL-6889: The user gets a clear error message when the share request fails.
VAUL-6908: Prevented users restricted from sharing or receiving from creating shared folders.
VAUL-5874: Removed the period from the title on the empty Vault Splash Page.
VAUL-5958, VAUL-5959: Implemented functionality improvements for My Vault, Record view, and Security Audit page, addressing customer expectations for dark mode, though some visual inconsistencies and color contrast requirements
VAUL-6760: Fixed an issue where the Country field displayed incorrect or empty values when switching between Address records.
VAUL-5702: Changing the default field type now updates the label accordingly.
VAUL-6438: Standard records now appear in the top section and custom record types in the bottom section, each sorted independently with numerical first, followed by alphabetical.
VAUL-6436: Resolved an issue where the letter 'g' was cut off in custom templates.
VAUL-6758: Fixed an issue where the default password complexity wasn't saved during the initial rotation setup.
VAUL-6972: Fixed an issue where restored records did not update security scores until the user logged out and back in.
VAUL-5949: Fixed an issue where the Save button in Secrets Manager remained disabled after deleting a Gateway.
VAUL-5862: Fixed an issue preventing users from deleting a Gateway in Secrets Manager if multiple Gateways existed.
VAUL-5847: Fixed an issue where the sort header within the Secrets Manager did not reflect the selected sort option.
VAUL-6635: Fixed an issue where the tooltip did not describe the cron format, adding an explanation and examples for proper usage.
VAUL-6988: Fixed the update with the Login Buttons
VAUL-6983: Fixed an issue that restricted Unlimited, FP, and Trial users from accessing offline mode via the login page.
VAUL-6941: Fixed an issue where unreferenced records weren't deleted during sync down.
VAUL-6911: Fixed an issue where removing a record link deleted the linked record despite other existing references.
VAUL-6961: Resolved an issue where removing direct access to an owned record unintentionally removed ownership.
VAUL-6990: We've resolved an issue where uploading a file larger than 100MB would block the upload of other selected files.
VAUL-6977: We fixed the 'Internal Error' issue during offline logins.
VAUL-6995: We fixed the issues where discard changes are generated twice.
VAUL-6998: We fixed an issue where gateways were displayed randomly. They are now sorted numerically and alphabetically.
VAUL-6947: We've resolved an issue where records were unintentionally removed from shared folders during the sync-down process.
VAUL-7012: We fixed an issue with incorrect toast messages when trying to create duplicates without permission.
VAUL-6881: We've fixed an issue where breach watch results were only sometimes being returned when expected.
VAUL-6534: We've resolved an issue causing "bad request" errors during security data updates specifically for the vault client.
VAUL-6962: We've resolved an issue where records created in the BE weren't appearing in the BW.
VAUL-7019: We have fixed the issue with the secrets manager not showing up in SF/Records
VAUL-6750: Vault now uses the encrypted session token returned by accept_enterprise_invite instead of the previous session token.
VAUL-7025: We've fixed an issue where records with the password "hasOwnProperty" were causing various client crashes.
VAUL-7018: We fixed an issue where selecting "all" in an empty shared folder incorrectly showed "1 selected." Now, it correctly shows "0 selected" and unselecting the box removes the message.
VAUL-7036: We've fixed an issue where the Grid View Record Context Menu button was incorrectly positioned when focused.
VAUL-7039: We fixed an issue where the file_attachment_uploaded audit event was incorrectly triggered for file removals.
VAUL-7045: We've fixed an issue where vertical dividers were missing from the Security Audit.
VAUL-7053: We've fixed an issue where the UI didn't display throttle messages when entering incorrect passwords multiple times in offline mode.
VAUL-7059: We've fixed an issue where the cursor focus was incorrect after entering a password in the MP entry modal.
VAUL-7060: We've fixed an issue where the Offline Duration Setting required a browser refresh to take effect.
VAUL-7050: We've fixed an issue preventing MSPs from logging in offline.
VAUL-7058: We've fixed an issue where Free Trial users without a BW subscription encountered a "bad request" error when scanning records with strong passwords.
VAUL-7057: We've fixed an issue where the last scan date was incorrectly displayed as "N/A" in BW.
VAUL-7065: We've fixed an issue causing incorrect font display on the web vault.
VAUL-7068: We resolved an issue where the "Work Offline" button was incorrectly displayed for users without offline access, even after clearing the browser cache or logging out
VAUL-7076: We've fixed an issue causing the error "No key for encryption of security data" in Vault.
VAUL-7074: Sharing invitations can now be sent without errors.
VAUL-7080: We've fixed an issue preventing update_security_data from working on ECC-only enterprises.
VAUL-7079: We've fixed an issue causing several missing key warnings.
KDE-1346: We've fixed an issue with misaligned edit icons for KFFA hotkeys.
KDE-1423: We've fixed an issue where the Topsite list wasn't narrowing correctly as users typed in the title field
KDE-1428: We've fixed an issue preventing users from moving owned records into shared folders.
KDE-1500: We've fixed an issue where incorrect notifications were displayed for oversized file uploads
KDE-1048: We've fixed an issue where the Region Selector was cut off at the bottom in KFFA.
KDE-1538: We've fixed an issue where resetting Keeper from the Help Menu didn't clear the desktop app cache
KDE-1539: We've fixed an issue with the localization of the access expiration banner.
KDE-1544: We've fixed an issue preventing password re-entry in KFFA.
KDE-1545: We've fixed an issue where the offline edit indicator persisted after reconnecting to the server and logging.
KDE-1540: We've fixed an issue preventing users from downloading large file attachments, which caused the app to stall
KDE-1549: We've fixed an issue preventing Direct Import from LastPass due to a JavaScript error.
KDE-1551: We've fixed an issue preventing the import of simple phone data from LastPass for non-address records.
KDE-1552: We've fixed an issue that prevented new Enterprise Admin accounts from using a fresh install of KDE.
KDE-1478: We've fixed an issue where the "Securely Upload to My Vault" option did not clear after a drag-and-drop operation.
KDE-1553: We updated the macOS build environment from macOS 12 to macOS 13 in the build-desktop-vault.yml workflow.
KDE-1556: We updated the download links for the desktop app to point to the new CloudFront distribution.
KDE-1559: Fixed QA download page: now shows versions and directs users to the latest build.
KDE-1565: We've fixed an issue preventing KSM device configurations from being generated.
Vault Release 16.11.3
Released September 20, 2024
Enhancements
VAUL-6966: Updated the vault login screen animations to stop after 30 seconds
VAUL-6606: Updated the remaining router API endpoints to enhance performance and security.
VAUL-6785: Adjusted the location of the visibility "eyeball" icon for long passwords, ensuring consistent UI across all record views.
VAUL-6821: Introduced a new dialog that users are required to accept when being invited to a managed enterprise. Letting users know the enterprise administrator has the ability to manage their vault in accordance with company policies.
VAUL-6866: Updated URL handling to restrict it to standard HTTP/HTTPS protocols, improving security and validation.
VAUL-6869: Updated the title and meta description of the settings page to enhance SEO and search engine visibility.
Bug Fixes
VAUL-5853: Addressed formatting inconsistencies within custom record types for Security Q&A fields.
VAUL-5898:Fixed an issue where using the search and location filter together resulted in invalid or unexpected search results.
VAUL-6051: Fixed an issue where the UI adjusted incorrectly after closing an error message generated by an invalid value in the native app filler.
VAUL-6247: Fixed a bug where the "Success" message was missing after successfully removing users from shared records.
VAUL-6312: Resolved a security issue where creating a duplicate record allowed shared users to access the full history, including previous sensitive information.
VAUL-6385: Updated privacy screen for Teams / Owners, ensuring compliance with privacy requirements.
VAUL-6403: Fixed an issue where users with role-based enforcements preventing record creation in shared folders were not receiving feedback when using "Create Duplicate" on a V2 General record.
VAUL-6424: Fixed visual artifacts in the left navigation bar that appeared as unexpected white pixels.
VAUL-6598: Fixed an issue where dropdown menus opened via the enter key couldn't be navigated using arrow or tab keys, improving screen reader accessibility.
VAUL-6599: Resolved an issue where users needed to press the arrow key twice to focus on both icons and text when navigating the "Create New" menu or filter dropdowns via the Enter key.
VAUL-6609: Addressed an issue where attachments in the detail pane of V3 shared records were not being displayed properly after edit or sync.
VAUL-6652: Resolved UI issue where the PAM script model was cut off, improving the user experience.
VAUL-6806: Fixed an issue where security data updates were not occurring as expected, improving data reliability.
VAUL-6827: Resolved an issue where extra white space appeared in custom fields, improving layout consistency.
VAUL-6839: Addressed issues related to missing or bad security data being propagated in certain scenarios.
VAUL-6865: Removed the deprecated asmcrypto.js dependency, improving app performance and security.
VAUL-6882: Fixed a password complexity error that occurred during save, when using the password rotation setting in certain scenarios.
VAUL-6912: Resolved overlapping text issues on Mac/Chrome browsers when displaying tabs.
VAUL-6964: Fixed an issue where the logout timer enforcement was not working as intended.
VAUL-6967: Applied updates to sync timeline, loading vault records and then updating BreachWatch & Security Audit scores.
Vault Release 16.11.2
Released August 06, 2024
Enhancements:
VAUL-6715: Improved KeeperFill Installation Prompt: The installation prompt for KeeperFill has been enhanced to offer a better user experience.
VAUL-6716, VAUL-6789: Enhanced Import Functionality: When importing data from Keepass KDBX files, TOTP fields will now be correctly recognized and imported as Keeper TOTP fields, ensuring better accuracy and usability.
VAUL-6748: Password Complexity and Generation: Password complexity rules can now be applied independently without generating a new password, offering more flexibility in managing your passwords.
VAUL-6792: Better Folder Selection: We've improved the folder location selection in the new shared folder modal for a more intuitive experience.
VAUL-4959: Updated Referral Program: Our referral program has been enhanced with updated incentives to encourage more users to invite friends.
VAUL-6807: Password Policy Enforcement: The minimum password length is now set to 8 characters, with a maximum of 99 characters. Client applications will enforce this minimum length but allow users to increase it through their settings.
VAUL-6798: Feature Promotion: New features such as RBI and KSM are now more visible to users for better awareness.
Bug Fixes:
VAUL-6788: UID Generation: We've updated the UID generation logic to prevent creating UIDs that start with a dash.
VAUL-6746: Firefox Compatibility: Fixed an error occurring in Firefox related to unsupported table versions.
VAUL-6805: Privacy Screen: Resolved an issue where the privacy screen disabled URL edits for non-enforced URLs in shared records.
VAUL-6784: Sharing Screen: Corrected the sorting order of items in the sharing screen for better usability.
VAUL-6794: Account Registration: Addressed an issue where credentials were not properly handled when switching between login and account registration screens.
VAUL-6819: Banner Display: Updated the banner display and support tool to match rounding requirements for better accuracy (e.g. number of days left in trial).
VAUL-6786: Shared Folder Management: Fixed an issue where deleting a V2 record from a shared folder caused the folder to appear incorrectly. The record will now appear correctly.
VAUL-6780: GRE Import Error Handling: Improved error handling during GRE import to ensure proper messaging when users are restricted from creating folders.
VAUL-6808: App Stability: Fixed an issue where the app could crash if shared folder users were undefined, ensuring better stability.
Vault Release 16.11.1
Released June 17th, 2024
Improvements
VAUL-6523: Added pin code generator to "Pin Code" custom field
VAUL-6595: Improved 508 compliance for "Record Types" default actions
Escape key closes "Record Types"
VAUL-6596: Enhanced 508 compliance for "More Filters" default actions
Escape key closes "More Filters"
VAUL-6597: Fixed issues with 508 compliance regarding possible actions. Dropdown lists out of focus are automatically closed
VAUL-6648: Updated support information that appears in the vault directing users to: https://www.keepersecurity.com/support.html
Bug Fixes
VAUL-6550: Implemented a modal warning for trials expiring within 24 hours
VAUL-6747: Removed offensive words from the word list
VAUL-6613: Updated strength indicator to prevent it from turning green erroneously
VAUL-6721: Fixed the default passphrase separator issue
VAUL-6719: Corrected domain conflict alerts to display the appropriate text
VAUL-6519: Fixed issue with Chrome displaying a break in the password generator
VAUL-6728: Prevented users from saving passwords with domain conflicts
VAUL-6729: Ensured that users with privacy screens cannot view PIN codes
VAUL-6732: Introduced new alerts for different domain conflicts
VAUL-6737: Added missing strings for various languages
VAUL-6741: Improved vault UI responsiveness when saving new passwords
VAUL-6736: Resolved issues with the PIN-CODE and PIN Generator not working
VAUL-6740: Added missing translation for 'Your password has been saved'
VAUL-6754: Implemented in-app popup for expired trial warnings
VAUL-6753: Fixed issue with the privacy screen feature
VAUL-6759: Fixed the issue preventing saving passphrases with domain conflicts
VAUL-6761: Resolved incorrect display of consumer/enterprise settings
VAUL-6770: Ensured default configuration is correctly applied when new fields are unchecked
VAUL-6776: Fixed GUI issues in the password complexity feature
VAUL-6723: Fixed issues with losing ownership of a record in a shared folder
VAUL-6693: Corrected tooltip hover text display issues in shared folders
VAUL-6653: Fixed time selection issues in the date picker configuration
VAUL-6726: Resolved a white screen crash issue
VAUL-6688: Resolved UI issues with the new shared folder modal
VAUL-6733: Addressed issues with configuration records not being viewable
VAUL-6731: Fixed time picker for 24-hour time format in One-Time Share
VAUL-6734: Fixed file upload issues
VAUL-6738: Corrected viewing link display issues in One-Time Share
Vault Release 16.11.0
Released May 2, 2024
Features
The 16.11.0 release contains several new features, including Passphrases, Time-Limited Access, Self-Destructing Records and Shared Item Recovery.
Passphrases
Passphrases can now be generated and stored in the vault. The Password Generator includes advanced character/symbol policy preferences
Time-Limited Access
Launched Time-Limited Access, which allows temporary sharing of records and folders with other Keeper users.
Self -Destructing Records
Launched Self-Destructing Records, which allows sharing of records with other Keeper users for a time period after which the record is deleted for both parties.
Shared Item Recovery
Recently deleted shared records from within shared folders can now be recovered from the "Deleted Items" section of the Web Vault and Desktop app.
In the "Deleted Items" section of the vault, you'll see a new tab called "Shared Folder Contents". This tab contains records that were deleted by a user of the shared folder with "Can manage records" permission. Records which appear in this tab are able to be restored from any user who currently has access to the shared folder. This feature was created to make the restore process accessible from any shared folder participant when a record has been removed by any team member.
For security reasons, if a change was made to the record after it was removed from the shared folder, it cannot be restored and the original owner must re-share it.
Bug Fixes
VAUL-5271: Fixed an issue that prevented record type changes with some records
VAUL-5628: Fixed an issue that prevented some date fields from being searchable
VAUL-5842: Fixed various issues with consistently updating fields on language changes
VAUL-6163: Fixed an issue that allowed entry of more than the five allowed emergency access contacts
VAUL-6168: Fixed a display issue when certain record types are disabled
VAUL-6198: Fixed an issue that prevented error message from being shown when attempting to invite a user with an invalid email address
VAUL-6242: Fixed an issue that prevented hover text from being displayed on truncated records
VAUL-6301: Fixed an issue where some countries would not sort properly in records with a Country field
VAUL-6340: Implemented hashing algorithm for account mapping within the vault
VAUL-6345: Implemented proper handling of international phone numbers in records
VAUL-6353: Fixed a UI issue where a password slider artifact would appear over search results
VAUL-6365, VAUL-6373, VAUL-6392: More descriptive errors are now displayed when attempting to create a record, folder or shared folder using an account that does not have appropriate rights
VAUL-6370: Fixed an issue syncing teams to the vault on initial sync
VAUL-6383: Fixed an issue that prevented a user from creating a shared folder under certain Granular Sharing Enforcement policies
VAUL-6393: Granular Sharing Enforcements now apply even in the vault is in offline mode
VAUL-6397: Fixed an issue with syncing records after ownership transfer
VAUL-6427: Fixed an issue importing from Proton Pass on Windows
VAUL-6439: Fixed an issue that prevented the owner of a shared record from deleting records in some scenarios
Vault Release 16.10.12
Released on Jan 15, 2024
Features
VAUL-6001: Security Key can be set up as the only 2FA method
VAUL-6097: Support for Security Key and PIN enforcement policies
VAUL-6129: Users can now control if FIDO2 WebAuthn user verification (PIN) is required
Bug Fixes
VAUL-6395: KeeperPAM Router/Gateway connection issue in GovCloud environment
Vault Release 16.10.10
Released on Nov 16, 2023
Features
VAUL-6175: Added thousands of popular website logos to the Vault user interface.
The implementation of website logos preserves full zero knowledge encryption and privacy. The entire library of logo files are embedded within the vault application.
KDE-1403: Optional SSO login method through default web browser
If the new "Use Default Browser for SSO" option is enabled from the desktop application menu, the user will be routed to their default web browser on the device in order to login with their configured identity provider.
The primary reason for implementing this feature is to support SSO identity providers who support FIDO2 security keys or other authentication methods that are not technically supported from the Keeper Desktop embedded browser.
For Admins who would like to enforce this to all desktops, a new Enterprise Configuration item called UseDefaultBrowserSSO is available.
DR-265: Ability to specify time zone and hour of day for scheduled password rotations
VAUL-5620: Enhancements for Recently Deleted page
VAUL-5686: Security Audit screen now has a "Last Change" column
VAUL-6138: New "Advanced" settings menu which contains the following features:
Search overlay controls
Syncing delay to improve overall performance in high volume enterprise tenants
Showing numbering in the record list view
Bug Fixes
VAUL-6135: Currently only owner and share admin can update permissions, add/remove users, set/update expiration timers. User with can_share right should be also able to manage users up to its own level of privilege.
VAUL-5659: Multiple Record Selection is not working in Deleted Items
KDE-1421: Records created while in offline mode are not syncing properly when going online
KDE-1373: KeeperFill for Apps Window opens in wrong location when tray is not in visible dock
KDE-1395: Memory leak on Mac App from repeat launching through cmd+tab, clicking the dock item, etc. This leads to unintended event handlers being enabled.
VAUL-5675: User is not able to delete forever a Lost Record shared via Shared folder from Lost Access
VAUL-5737: Missing 'Add to My Vault' button for records details panel in Lost Access tab
VAUL-6009: If you have a role enforcement set to restrict all record types in the vault, the import option during onboarding is now hidden.
VAUL-6083: Filename not being added to title when drag-and-drop attachment in Chrome/Edge
VAUL-6204: Import from Thycotic / Delinea Secret Server missing notes field and SecretTemplates section
VAUL-6213: Record title auto-suggestion not working when there are multiple words
VAUL-6214: Date formatting error when Arabic language selected
KDE-1411: On Mac, keyboard layout is cached on first use. When filling a password with KeeperFill for Apps on Mac, a map of key codes to character mappings is generated and cached. This cache is not released when the keyboard layout changed with the app running, resulting in incorrect key codes being sent for some characters.
KDE-1422: The "Create Record" hot key is turned on when the app is initially not in focus, preventing that hotkey from being used by other apps.
KDE-1385: KeeperFill for Apps is not able to detect secure fields when a record uses the "native app filler" field type.
KDE-1426: After importing files, KeeperFill for Apps doesn’t show the records. This leads to assertion failures with BreachWatch data which require record keys to decrypt the data.
Security Updates
VAUL-6170: Security improvements using CryptoKey storage on Firefox browsers for device keys
VAUL-6179: Convert ECIES-encrypted Record Keys to Data Key-encrypted Record Keys upon login.
KDE-1406: New desktop app installs will now store device private keys in the Apple Keychain or Windows Credential Locker instead of Chrome CryptoKey local storage, for improved security for native app installation. Existing keys will not be transferred until a reset takes place.
KDE-1412: Upgraded Electron platform to v26.2.4. This was actually released to production already in version 16.10.9 on a standalone basis.
Other Improvements
KDE-1417: When filling into a remote desktop session using mstsc.exe, incorrect characters are used with a different keyboard layout than the host machine.
VAUL-6219: Improved the automatic team-user approvals upon logging in. This new method handles a large number of pending users.
VAUL-6200: When viewing a deleted record, file attachments cannot be downloaded until the record is restored.
DR-348: Hide or gray out "Rotate now" button on modifying rotation settings
VAUL-5926: Shared Folder and Direct Share screens will only list those Share Admins who are explicitly shared to the object, to reduce confusion.
VAUL-5738: Allow free trial users to view record history
VAUL-6128: Show long folder names on-hover
KDE-1399: Return focus to previous app/window when KeeperFill for Apps is closed
508 Compliance: Over 20 tickets related to 508 compliance / ergonomics improvements
VAUL-5875: Create Duplicate UI changes to support various use cases:
If privacy screen is enabled, do not allow duplication
If a user duplicates a record that has linked records such as address or payment records, allow duplication of the record, disallow duplication of linked records, and present a notification: “The record you are duplicating contains links to other records. The linked records will not duplicated.”
If a user duplicates a record that has attachments, allow duplication of the record, disallow duplication of the attachment, and present a notification: “The record you are duplicating contains attachments. Attachments will not be duplicated. In order to duplicate attachments, download the attachment from the original record and re-upload to the newly created record.”
KDE-1414: New font type "Outfit" to replace "Overpass". This is Keeper's new font that is being slow-rolled across all platforms and interfaces.
Known Issues
Migrating from LastPass using Okta SSO saying "Import Error"
In the Okta Admin portal under Applications, locate your "LastPass Okta Login" application. Under the "Sign-in redirect URIs" section, add the following URI: http://localhost/ then click "Save".
Vault Release 16.10.9
Released on Sep 29, 2023
Security Updates
KDE-1425: CVE-2023-5217 Heap buffer overflow vulnerability in the libvpx library. Updated Electron framework.
Vault Release 16.10.8
Released on Sept 14, 2023
Security Updates
KDE-1418: CVE-2023-4863 Heap buffer overflow vulnerability in the WebP Codec. Updated Electron framework.
Vault Release 16.10.6
Released on Aug 20, 2023
Vault Release 16.10.3
Released on August 10, 2023
Features
VAUL-5688: Support for Passkey record fields. Managing passkeys requires browser extension 16.6.0 which was released on Aug 7, 2023. Learn more about passkeys here.
VAUL-5977: Support for RESTRICT_IMPORT_SHARED_FOLDERS enforcement policy which will prevent users from importing shared folders from LastPass. See the Admin Console role enforcement policies to enable this setting.
VAUL-5502: Support for new paginated sync system on the backend API
VAUL-5999: Support for Swedish and Finnish languages
VAUL-5628: Date fields are searchable
VAUL-5580: Email addresses are auto-sanitized when pasting into sharing screens
Bug Fixes
KDE-1376: Desktop app can get stuck when the main app is closed too quickly
KDE-1381: Offline records not syncing up properly in Linux
KDE-1382: RPM desktop installer not compatible with RHEL9
VAUL-5726: Deleted items is missing right-click option
VAUL-5761: Remove RSA SecurID from GovCloud environment
VAUL-5960: Right Click New Shared Folder - Records are not being added to folder
VAUL-5945: After changing master password, user can login offline with old master password
VAUL-5981: TOTP URIs with leading white space are not parsed correctly by the vault
VAUL-5899: Large vault search speed is causing delays
VAUL-5986: Advanced search needs to dismiss results upon hitting <enter> key
VAUL-5983: The record owner is restricted from viewing the password on a V2 record that utilizes the enterprise domain enforcement
VAUL-5933: 508 compliance items (ensure image tags have alt attributes)
VAUL-5957: Drag/Drop file in the vault is adding to the prior record created
VAUL-5966: Drop target incorrect when file is dropped into the vault
VAUL-5968, VAUL-5969: Additional 508 compliance items
VAUL-5994: Select a shared folder and select a record not in the shared folder, right click and delete both. Vault will white screen.
VAUL-6053: Vault scrolls unexpectedly when clicking a folder
VAUL-6105: Security Audit: "reused" count includes owned records w/ the same password as a non-owned record
VAUL-6094: Multiple Share Relationship Invites are being sent after acceptance
Other Changes
VAUL-5899: Improved loading and search speed for large vaults
KDE-1343: Remove the deprecated browser extension for Safari users, point users to the new App Store version of the Safari extension
VAUL-6110: Removed the manual on/off toggle for logout timer. Users must specify a time (in minutes).
VAUL-5947: Account recovery setup is removed during the onboarding for SSO users.
VAUL-6143: If onboarding is disabled through role policy, disable any browser extension popup messages that lead to an installation.
Vault Release 16.10.2
Released on May 22, 2023
Vault Release 16.10.0
Released on May 2, 2023
New Features
VAUL-5652: Recovery Phrase. We have upgraded our account recovery process with a new and more secure 24-word “recovery phrase” feature. Read more on the Keeper Blog.
VAUL-5867: Support for TOTP seeds in CSV import method
VAUL-5177: Import from Thycotic Secret Server / Delinea
Bug Fixes
KDE-1364: Crash when double-clicking the Touch ID icon
KDE-1365: Entering an incorrectly formatted username in SSO Connect on an ASDF Domain causes a crash
Vault Release 16.9.0
Released April 6, 2023
Keeper is proud to announce our release of version 16.9.0 of our Web Vault and Desktop App. This new version includes a new design with a user interface refresh along with some new features and bug fixes.
See our blog post for additional details:
New Features
Keeper Desktop App now supports Import SSO LastPass vaults from Okta SSO and Azure SSO federated accounts
Advanced Search: Recently viewed records, search filters and more
Onboarding: New user onboarding has been improved
UI Refresh: Look and feel of the vault has been improved
MFA: When signing in with 2FA for the first time, there are now additional options. The Web Vault now offers 12-hour and 24-hour in addition to the previous options (every login, every 30 days, and don’t ask again on this device.)
Support for Google Authenticator QR code export format
Security Scores: "Security Data Sync" in the diagnostics menu will refresh your security scores
Lost Records: Shared records that have been removed from your vault, but are owned by you, can be recovered from the Deleted Items screen. The tab will only show if you have relevant records.
Bug Fixes
We truncated the view of super long URLs in the record detail screen
Vault Release 16.8.9
Released on Feb 13, 2023
Vault Release 16.8.6
Released on Jan 3, 2023
Vault Release 16.8.5
Released on Dec 20, 2022
Older
Releases notes older than last 10 releases
Older release note content is still available, but anything older than the last 10 updates is placed here.
Vault Release 16.8.4
Released on Nov 30, 2022
Vault Release 16.8.3
Released on Nov 29, 2022
Bug Fixes
VAUL-5551: Extension not auto-logged in if installed while Web Vault currently logged in
VAUL-5547: Right-click menu is showing different options when in different areas of the vault
VAUL-5529: Shared Folder "Add User" search/suggest list includes people already in the folder
VAUL-5563: Vault crashes when a user with "Prevent sharing records with file attachments" enforcement deletes a record.
Improvements
VAUL-5565, VAUL-5327, VAUL-5458, VAUL-5325, VAUL-5404: 508 Compliance items
VAUL-4772: Removed all legacy jquery/jquieryui references
VAUL-5559: Roboform import issues
VAUL-5090: Auto-select custom field title when clicking Edit
KDE-1308: Update Electron to latest v20 patch version
KDE-1314: Remove legacy Windows installers
Vault Release 16.8.1
Released on Oct 25, 2022
Vault Version 16.8.0
Released on Oct 20, 2022
Features
Share Admin Keeper's Share Admin feature is a role-based permission that gives administrators elevated access rights over your organization's shared folders and shared records. Share Admins have full user and record privileges for any shared record that they have access to. See: https://docs.keeper.io/enterprise-guide/share-admin
MSP to Managed Company Team Sharing Directly share folders to Managed Company teams
General to Record Type Conversion You can now right-click to change the type of any record, including migration from the legacy "General" record types. Multi-select + right click allows migration of multiple records at once.
Default Record Permissions Quickly set permissions during the creation of a Shared Folder
Default Folder Settings moved into the "Settings" tab In addition, you can now apply permission changes recursively and retroactively.
Shared Folder UI improved visibility Several enhancements to the UI which improve the visibility and management of Shared Folders.
Team Visibility There is now a "View Team" function in several locations so that you can see who you're sharing to.
Collapsed View of Records When a folder contains subfolders and records within subfolders, you can now collapse the view, in order to apply changes recursively. Select "Show subfolder records" to collapse the list.
Retroactively apply permissions When "Show subfolder records" is selected, the Settings tab will display a checkbox called "Apply permissions to all subfolders" which will apply the default folder settings to all existing records within folders and subfolders.
Vault Version 16.7.2
Released on July 29, 2022
Bug Fixes
KDE-1273: Touch ID shows as "enabled" for users after an app reset
KDS-1277: Custom Record Template showing "Discard Changes?" on save
VAUL-4849: Showing content security policy error in console on login
VAUL-5362: EU data center BreachWatch errors for users on a free trial
Improvements
Added support for Password Manager Pro import
Added support for generic .xls or .xlsx file import
Vault Version 16.7.1
Released July 17, 2022
Bug Fixes
Multiple Tickets: Several UI bugs, translations and visual fixes
VAUL-5307: SMS support for Trinidad and Tobago
VAUL-5260: Payment card phone number saves incorrectly
VAUL-5344: Removed Duplicate detection button for now due to inconsistencies
KDE-1255: Touch ID setting turns off when signing in with the Laptop lid open
KDE-1228: Canceling the Yubikey setup and login flow gives error
KDE-1254: Filling from KeeperFill for Apps with German keyboard issues
KDS-1244: Filling from KeeperFill for Apps with French keyboard issues
KDE-1269: After logout, KeeperFill for Apps not selecting proper region (Govcloud)
KDE-1274: KeeperFill for Apps with Privacy Screen not working in Microsoft Edge
Improvements
VAUL-5320: Additional confirmation upon deletion of a Shared Folder
KDE-1266: Added ability to delete account for Mac Store consumer version
Vault Version 16.7.0
Released on June 21, 2022
Features
VAUL-5165: Offline Create/Edit Record capability
VAUL-5181: New UI for login screens
VAUL-5031: Hundreds of new website logos added
VAUL-5208: Additional 508 compliance / accessibility updates
KDE-1253: Enterprise enforcements for Desktop App distribution defaults. This allows the Admin to define the default SSO Domain and Data Center location. Detailed instructions available at this link: https://docs.keeper.io/enterprise-guide/deploying-keeper-to-end-users/desktop-application#enterprise-configuration
Bug Fixes
VAUL-5295: CSV Import GUI fixes
VAUL-5095: Unable to ignore BreachWatch record which has edit rights
VAUL-5045: BreachWatch can indefinitely alert about a breached record
VAUL-5257: Second login required to send security audit data to the Admin Console.
VAUL-5251: Unable to export records with the Login record type restricted by admin.
VAUL-5248: Create Duplicate feature appearing for records that have Privacy Screen enabled.
VAUL-5270: Processing pending team members can sometimes cause the vault to display no data.
KDE-1220: KeeperFill for Apps compatibility issues with Apache Guacamole / Keeper Connection Manager running on a Mac host.
Several small UI bug fixes
Improvements
KDE-1246: Upgrade Electron framework
KDE-1261: 10x speed improvement on file uploads for large file attachments.
Vault Version 16.6.0
Released on May 4, 2022
Features
VAUL-5029: Introducing One-Time Share. See the Admin Guide and End-User guide for more details.
KDE-1214: Support for M1-based Macs. Our download page provides install links for the .dmg file and the Mac App Store. The .dmg file contains both Intel and M1 Mac binary builds.
Improvements
VAUL-5021: Additional support for 508 compliance in Secrets Manager and other functional areas.
Bug Fixes
VAUL-5228: Unable to recover account with WebAuthn as the 2FA method
VAUL-5233, VAUL-4958, VAUL-5232: Several issues with File Upload failures
VAUL-5164: Support for Dashlane import with Argon2D and PBKDF2 200k iterations
KDE-1233: Crash on Windows Server 2012 R2 on SSO Login
KDE-1237: Tab key not being sent to Citrix client use Native App Fill
Vault Version 16.5.0
Released on March 31, 2022
Features & Improvements
VAUL-5035: Ability to convert "general" to new Record Types
VAUL-4879: Role enforcement to activate Stay Logged In
VAUL-4893: Role enforcement to enable Self Destruct
VAUL-5201: Improved performance of uploads and downloads
Bug Fixes
VAUL-5187: QR Code upload fails for certain formats
VAUL-5202: MyKi and 1Password TOTP record imports are not autofilling*
(*) To resolve existing records, run the
verify-recordscommand in Keeper Commander.VAUL-5191: TOTP and custom fields not available in CSV export
VAUL-5195: Field validation on custom field Phone Number not working properly
KDE-1224: Linux app shows blank screen when using Yubikey
KDE-1222: Login on desktop app with Touch ID and Yubikey not working properly
KDE-1218: Default password generator in KeeperFill for Apps not including symbols
KDE-1223: Desktop App not maintaining disabled logout timer setting
Vault Version 16.4.6
Released on March 10, 2022
Features & Improvements
KDE-1090: Upgraded Electron framework to 17.x
KDE-1203: Added a new Hot Key for filling TOTP codes (Ctrl/Cmd+Shift+T)
KDE-1206: Added {SPACE} keystroke for KeeperFill for Apps typer feature
VAUL-5047: Added Passportal Import tool
VAUL-4597: Added Record UID to BreachWatch events for Advanced Reporting & Alerts module.
VAUL-5140: Improved speed for large vaults
VAUL-5160: Improved 1Password import which includes TOTP codes
VAUL-5184: Improved MyKi import to support TOTP codes
Bug Fixes
KDE-1200: Crash when running Keeper Desktop on Fedora 35
KDE-1207: KeeperFill hotkey filling improvements over VMWare, Datto RMM and other remote desktop tools.
KDE-1065: KeeperFill for Apps not working over RDP with french keyboard
KDE-1117: Touch ID with IP restriction and offline access not working
KDE-1087: "Unable to connect" error when using KeeperFill for Apps
KDE-1118: KeeperFill for Apps with Touch ID and Webauthn hangs on login
KDE-1181: Whichever method signed in last (master password or biometric) is only able to be used offline. So if you last signed in with master password, signing in offline with master password works. But if you last signed in with touch id, signing in with touch id offline works.
KDE-1132: KeeperFill for Apps using "Generate password" has issues when loading the main desktop app.
KDE-1183: Native App Filler clicking tray changes focus
KDE-1099: Offline mode not working with IP restriction is activated
KDE-1186: SSO user logging in with Biometric is logged out to the wrong screen
KDE-1209, KDE-1210: LastPass import improvements and error handling
KDE-1213: Crash when setting up the OnlyKey security key hardware device
KDE-1217: Searching for Typed records within Shared Folder paths fails
VAUL-5092: Copying UID from Safari 15 user interface fails
VAUL-5102: Switching to Keeper DNA push method not showing correct screen
VAUL-5113: Secrets Manager app details GUI not showing correct permissions
VAUL-5107: Allow viewing and copying of Notes if the masking and privacy settings are activated.
VAUL-5098: After deleting a security key, toggle of 2FA doesn't visually show the action
VAUL-5114: Enforcement policy of re-authentication when revealing password was not working properly
VAUL-5153: Web Vault is saving phone number fields with formatting, which caused other client apps to crash.
VAUL-5155: Automatically fixes formatting issues from Android record data
VAUL-5156: Re-sharing a shared Record Type record that contains file attachments fails
VAUL-5154: UI issues when linking to Emergency Access screens
VAUL-5144: Multi-select and bulk edit not working properly in List View
VAUL-4933: Repaired Avast import
VAUL-5157: Import from legacy records missing TOTP field
VAUL-5163: QR codes from Okta Verify are showing empty fields
VAUL-4949: Can't type spaces when searching through the country names
VAUL-5185: Searching not matching on general record types with custom field values
Vault Version 16.4.3
Released on Feb 3, 2022
Vault Version 16.4.2
Released on Feb 2, 2022
Features & Improvements
KDE-1193: Include TOTP fields in LastPass automated import
KDE-1178: Include file attachments in LastPass automated import
VAUL-5133: Add checkbox to make LastPass shared folder imports optional
Bug Fixes
VAUL-5143: Error message first time you drag-and-drop a file attachment into a record
Vault Version 16.3.1
Released on Nov 17, 2021
Vault Version 16.3.0
Released on Nov 5, 2021
New Features and Improvements
VAUL-4710: Secrets Manager user interface is now generally available on the Keeper Web Vault and Desktop App. For more information about Keeper Secrets Manager, see:
VAUL-4904: Visual improvements and workflow improvements for Record Types template creation.
VAUL-5062: Added MyKi password manager to Keeper Import screen
Security Updates
VAUL-5038: Migrated from webpack4 to webpack5
KDE-1163: Additional changes to ensure that logout clears all memory. User-initiated logout performs full restart of the Keeper Desktop application.
Bug Fixes
KDE-1164: KeeperFill for Apps will only process hotkeys when a record has been selected. This prevents conflicts between existing hotkeys and KeeperFill.
KDE-1169: Sync errors after deleting a Shared Folder
KDE-1168: "Object no longer exists" error when switching between KFFA and Desktop App
VAUL-5039: Record Type fields saving the translated label
VAUL-5041: Importing CSV with limited columns can throw an error
VAUL-5042: Can't view notes when Privacy Screen is ON and Masking is ON
VAUL-5049: Can't change the record type (causes crash)
Vault Version 16.2.6
Released on Oct 22, 2021
Improvements
KDE-1150: Support for CCH Axcess native app autofill
VAUL-4991: Changed Software License Number to a hidden field
Bug Fixes
KDE-1157: Improved support for Azure Conditional Access
KDE-1156: Remove use of legacy windows registry key which generates a report in Cybereason
VAUL-5036: Restore of Record Type records
VAUL-5018: Showing "unexpected error" when creating user accounts with a pending transfer acceptance
VAUL-5000: Prevent record copy when Record Type is restricted by role enforcement
VAUL-4978: When sharing is disabled, the action silently fails when adding a user to a shared folder.
VAUL-5014: Edit and Delete actions in the Grid View don't work
VAUL-4964: "Unknown sharing error" when the user's email has never been verified.
VAUL-4999: Error when trying to edit a custom Record Type when the type is restricted.
VAUL-5030: Importing records can generate an app crash
VAUL-4869: Import column selections don't persist when there are many fields to map
VAUL-5001: During import of CSV, column changes are lost when scrolling horizontally
VAUL-4934: Large number of image attachments in a record can generate errors when loading thumbnails.
Vault Version 16.2.5
Release ETA on Oct 18, 2021
Bug Fixes
VAUL-5024: Record Type records not syncing after activating Record Types
VAUL-5018: Showing "unexpected error" when creating account with a pending transfer acceptance
VAUL-4578: Account recovery failure on a new device
VAUL-5000: Prevent record copy when record type is restricted by role enforcement
VAUL-4978: When sharing is restricted, user receives no visible error when sharing and it fails silently
VAUL-4906: Unknown Sharing Error when email is not verified
VAUL-5023, VAUL-5017: Record type errors with Bank Account and Payment Cards
VAUL-5030: Browser Extension causes forced logout after importing records
Vault Version 16.2.3
Released on Oct 8, 2021
Support for Safari 15 automated password import
Vault Version 16.2.0
Released on September 14, 2021
New Features & Improvements
Support for Azure Conditional Access on the Keeper Desktop application for users who login with Single Sign On. Previously, Azure Conditional Access policies could not be added to Keeper.
Increased the number of special characters used in the password generator to this set:
!@#$%()+;<>=?[]{}^.,Support for cookie persistence on the Keeper Desktop application for users who login with Single Sign On. This reduces friction and steps for users who sign in often.
Support for additional SAML SSO identity providers and elimination of any browser type recognition issues.
Keeper Desktop now allows users to remain logged into their SSO identity provider. If you choose to remove Single Logout (SLO) from the SSO configuration, the user will not be logged out of their identity provider when they logout from Keeper. For more information about Single Logout configuration see the link below: https://docs.keeper.io/sso-connect-cloud/logout-configuration
🇺🇸 Support for the Amazon AWS GovCloud environment. Keeper is currently FedRAMP in-process and public sector entities can now establish their Keeper tenant in the GovCloud environment. Contact the public sector sales team at govsales@keepersecurity.com for more information.
Support for the upcoming Compliance Reports feature. The Vault will encrypt appropriate compliance data from records and send it to the Admin Console. There is no change to the end user experience in the Vault.
Added a Region Selector in login screens and KeeperFill for Apps
Users on the Web Vault are encouraged to download the Desktop App for performing automated transfer from LastPass.
Import from Bitwarden now supports TOTP seeds for Two-Factor Authentication.
Import from Bitwarden now supports multiple URL fields.
Bug Fixes
VAUL-4848: 1Password import not importing secure notes field
VAUL-4851: Safari Sierra and High Sierra not importing passwords
VAUL-4852: Import token invalid in AU region
VAUL-4543: User cannot save an address that does not have a title
VAUL-4586: Access Delay for Emergency Access displays incorrectly
VAUL-4640: Long security answer blocks user from using Account Recovery
VAUL-4797: Clicking the dice button on an existing record should not reduce the complexity.
VAUL-4911: Kaspersky import fails when the data contains certain reserved words
VAUL-4946: Card type not being displayed when typing in the credit card number
VAUL-4960: File drag-and-drop into a New record is not being saved on first try
VAUL-4941: Hebrew language is showing the TOTP code in reverse order
Multiple Record Types bug fixes. Learn More about the upcoming record types feature.
Vault Version 16.1.0
Released on June 28, 2021
Accessibility (508 Compliance)
Keeper has been making UI changes across all web-applications and browser extensions to comply with Section 508 of the Rehabilitation Act (29 U.S.C. § 794d). The Keeper Web Vault and Desktop App now supports keyboard navigation and they are compatible with popular screen readers and other assistive technology.
Features and Improvements
KDE-1079: Packaged an all new Safari browser extension with the latest features as Chrome, Firefox and Edge extension.
KDE-1080: Added support for Windows Hello role enforcement policy
KDE-1081: Upgraded the Electron framework to v12.0.9
VAUL-4692: Add clarification around the minimum security answer length requirements
VAUL-4588: Initial Support for 508 Compliance across Web Vault and Desktop Application
VAUL-4694: Unless disabled by role enforcement policies, users will be required to configure Account Recovery instead of indefinitely delaying
VAUL-4750: Simplified the new customer experience when purchasing Keeper prior to creating free Vault account.
VAUL-4822: Improved the embedded image viewer
VAUL-4092: Added Bitwarden to the available import formats
Bug Fixes
KDE-1092: LastPass automated import broken for certain users due to iterations settings.
VAUL-4830: 2FA enforcement with SSO user causes extension and vault to be out of sync during login.
VAUL-4836: Auto-suggestion drop-down fills the entire screen when there are very long URLs stored in the vault.
VAUL-4838: "Ghost" records in vault when deleting a shared folder containing an owned record
VAUL-4840: Gracefully handle scenarios where team keys cannot be decrypted
KDE-1073: UI issues caused when the vault logs out while push notifications are in front.
KDE-1085: Denying the password importer prompts can lead to a frozen Keeper Desktop app.
Vault Version 16.0.1
Released on May 21, 2021
This is a bug fix release that mainly focuses on the new Record Types feature (still in beta). Therefore most customers are not affected by the bug fixes listed below.
Bug Fixes
KDE-1077: Logout from KeeperFill for Apps generates an error
KDE-1067: Record Type creation not using the generated password
VAUL-4811: Australia data center link to Keeper Importer generates 404
VAUL-4784: Edit button missing
VAUL-4790: Decryption issue with Linked Record Types
VAUL-4786: Privacy Screen is hiding notes and custom fields
VAUL-4789: Uploading large number of files produces "throttle" errors
VAUL-4791: Decryption errors inside Shared Folders with Record Types
VAUL-4667: Error message when using Account Recovery flow
VAUL-4524: BreachWatch status failure with "status 400"
VAUL-4787: Vault grid view now showing new Record Type icons
VAUL-4800: Sharing and Emergency Access showing confusing messages
VAUL-4805: Deleting shared record not showing in Deleted Items
VAUL-4810: Newly attached files not creating record links, produces error with Record Types
VAUL-4825: BreachWatch admin reports not getting updated
Improvements
KDE-1072: Update Electron Framework to 12.0.6
Vault Version 16.0.0
Released April 26, 2021
New Features and Improvements
Introducing Record Types for Web Vault & Desktop App (Limited Release) This release introduces a powerful new feature called "Record Types", which gives users the ability to create records of various template types, grouped into categories, each containing a unique collection of field types and functionality fields within the record. Record templates can be created by Admins that are custom to the needs of the business. This feature is only available for Enterprise customers, activated on an individual basis at this time, because the Browser Extension, iOS and Android apps are still under development. If you are interested in being an early adopter of Record Types, please contact your customer success team member at Keeper and we'll activate the feature.
Generate a Password in KeeperFill for Apps Keeper's password generator is now within easy reach in the KeeperFill for Apps toolbar landing screen. Users can generate and copy the secure password or use it to create a new record.
Comprehensive Keyboard Command Functionality for KeeperFill for Apps
Support for NTLM Authentication for Microsoft Windows Customers
Bug Fixes
KDE-959: The "Session Timed Out" dialogue appears when logging into a different account after a session timeout occurs
KDE-1034: When a user attempts to switch from US to EU region at login, an Uncaught TypeError is returned
KDE-977: Selecting "Create an Account" in KFFA opens the login page on Keeper Desktop
VAUL-4721: The "Admin Console" button in the Vault fails to redirect Enterprise users to the console
VAUL-4516: Users are prompted for their 2FA code twice when logging into EU SSO Cloud account
Vault Version 15.2.0
Released April 3, 2021
Vault Version 15.1.0
Released on March 8, 2021
New Features
New "Shared Records Report" added to the Export screen: https://docs.keeper.io/user-guides/export-and-reports/shared-records-report
Bug Fixes
Operations that required re-authentication (e.g. export, reset master password, etc) were not accepting the password, if the session was resumed from a page reload or "Stay Logged In". This has been resolved.
Vault Version 15.0.18
Released on March 4, 2021
Features
KDE-990: Support for logout timer with more than 1440 minutes
Bug Fixes
KDE-1021: Errors when logging into Azure
VAUL-4643: Login hangs when a user converts from Master Password to Cloud SSO
VAUL-4644: Record "info" screen is not showing the user who made the change
KDE-839: Update Electron framework dependencies
KDE-1009: Update Electron framework
KDE-1005: Touch ID + Yubikey + using a backup 2FA method fails login
KDE-1007: Signing in on KeeperFill for Apps using SSO and Duo not receiving verification email
KDE-1013: Clicking to copy a field sometimes didn't copy
KDE-1011: Better handling of Logout Timer setting
KDE-990: Logout Timer improved handling and support for more than 1440 minutes
KDE-1018: Windows Hello activation issue on Microsoft Store version
Vault Version 15.0.16
Released on February 15, 2021
Vault Version 15.0.15
Estimated Release Date: February 5, 2021
Vault Version 15.0.14
Estimated Release Date: January 22, 2021
Improvements
VAUL-4589: Support for Avast password import
Bug Fixes
KDE-991: KFFA allows for special characters during hotkeys setup
KDE-993: Defined hotkeys are still active when the Vault window is closed
KDE-994: Keeper Desktop app fails to install on Windows 10 20H2
VAUL-4557: Error message intermittently appears upon logout
Vault Version 15.0.13
Estimated Release Date: January 8, 2021
Vault Version 15.0.12
Estimated Release Date: December 31, 2020
Improvements
VAUL-4547: Support for Kaspersky password import
VAUL-4552: Admins now receive a warning before removing themselves from a shared folder
VAUL-4566: Improved performance handling of vaults with large data sets
VAUL-4551: Enterprise users to receive notification with explanation for Master Password change and complexity requirements upon login
Bug Fixes
KDE-945: User receives error message after closing Desktop App and relaunching
KDE-962: "About Keeper" options menu fails to appear after first launch of Desktop App on Windows
KDE-972: KeeperFill for Apps fails to respond to hotkeys when switching between apps
KDE-973: Recipient of a shared record is required to login again after the shared record has been edited
KDE-903: Hotkey "CMD+TAB" focuses on KeeperFill for Apps when hidden instead of Desktop App (Mac)
VAUL-4560: Deleting a record shortcut also deletes the original record
VAUL-4468: Importing CSV records with "can edit" permission does not set permission
VAUL-4562: Entering an email address with a trailing space at login generates an error message
VAUL-4574: Sharing a folder causes login errors for the sharing user
Vault Version 15.0.11
Released December 14, 2020
Bug Fixes
VAUL-4549: Unable to reset Master Password with Browser Extension v15.0.2 installed
VAUL-4548: Master Password reset hangs when session is resumes via "Stay Logged In" feature
VAUL-4556: Shared folder/record invitation is not appearing on login
KDE-975: Javascript error appears when opening Desktop Electron from Safari Extension
Vault Version 15.0.10
Published on December 8, 2020
Special Notes
Password Complexity requirements are checked upon every login, not just during Master Password Reset. If you have a user being asked to change your Master Password, they are likely using a password that does not meet the policy requirements.
Keeper prompts for 2FA prior to Master Password entry. This is part of our new Login V3 security model.
New Features
VAUL-4470: Addition of "Stay Logged In" on the Settings > Security screen.
VAUL-4539: Automated Safari / iCloud Keychain password import
Improvements
KDE-868: Improved handling of KeeperFill for Apps filling through ConnectWise Control
KDE-951: Improved handling of Microsoft 2FA token when scanning into the vault record
KDE-870: Implementation of more secure "Copy" feature utilizing Microsoft API (Learn More)
KDE-948: Allow KeeperFill for Apps widget to be moveable
KDE-950: Implement basic keyboard navigation for KeeperFill for Apps menu system
VAUL-4499: Increase length of Password Generator maximum length
VAUL-4190: Right-click on "My Vault" to provide quick functionality within the vault
VAUL-4495: Direct all new users to install of v15 Browser Extension instead of v14
VAUL-4470: Improved handling of "Stay Logged In" feature across Vault, Desktop App and Extension
Bug Fixes
VAUL-4502: Very large Keepass imports timing out
VAUL-4492: Duo Push not adhering to 2FA duration setting for re-prompt
VAUL-4511: PDF Export failing with error
Stay Logged In
This feature keeps the user's session active for the amount of time as set by their Logout Timer, even between browser and computer restarts.
For example if your logout timer is set to 30 minutes, you'll stay logged into Keeper for 30 minutes no matter which browsers you open and close, or if you restart your computer. "Stay Logged In" has been our most highly requested feature from customers.
Turning Off Stay Logged In
If you don't want this feature enabled, and you would like to disable this capability for yourself or all your users, there are two ways of controlling it:
(1) From the Admin Console go into the Role > Enforcement Policies > Account Settings and turn on the "Disable Stay Logged In" option. This will restrict the feature for users in the role and they will be unable to turn this feature on.
(2) For your own account, open the Keeper Desktop Application and go into Settings > Security and turn off Stay Logged In.
Vault Version 15.0.9
Published on October 22, 2020
Bug Fixes
VAUL-4472: "Salt/Iterations" error message when Master Password user tries to login with the SSO Alternate Master Password login screen.
VAUL-4491: Unable to login on Chromium Edge from Extension in Microsoft Store version.
VAUL-4494: Occasional failure to process Admin Approval for device approval step.
VAUL-4265: Pressing "Enter" key while entering text in Japanese characters had unexpected results.
KDE-941: Unexpected Logout occurring even if "Stay Logged In" enabled.
Vault Version 15.0.8
Released on October 16, 2020 @ 10PM PST
Bug Fixes
VAUL-4487: Users who created their account prior to several years ago, who are part of an Enterprise without a Master Password policy, with a Master Password that is less than 10 characters, are being prompted to change their Master Password upon logging into the vault. However, the resulting flow is not enforcing the 10-character minimum, so the user may enter into a confusing loop. This issue is being fixed EOB today.
Improvements
KDE-940: Removed legacy PBKDF2 Iteration settings
KDE-939: "Stay Logged In" setting now appears on the Keeper Desktop application.
Vault Version 15.0.7
Released October 16, 2020
Bug Fixes
KDE-933: Fix for minor UI display issue
KDE-932: User unable to proceed past 2FA timeout screen and return to login upon clicking "OK" button when prompted
VAULT-4478: Unable to login with SSO Cloud v15 in these scenarios: (1) Existing vault user, adds v15 extension, logging into the vault doesn't also login to the extension. (2) New vault device and new browser extension device, unable to login to the vault. The "push" screen blinks and hangs.
VAUL-4482: User receives "You do not have the required privilege to perform this operation." when resetting their Master Password.
VAUL-4483: User registration emails to create Vault with a Master Password do not work if the browser extension is pre-loaded on the device prior to receiving the invitation.
VAUL-4484: User logging into the Extension is forced to change Master Password when complexity rules change. However, the Web Vault was not forcing prompt.
VUL-4479: Account Recovery + Duo Push providing "invalid code" after submitting.
Vault Version 15.0.6
Released October 10, 2020
Enhancements & Benefits
VAUL-4459: SSO Cloud users are able to auto-login and logout to the vault and browser extension simultaneously.
VAUL-4400: Implementation of file attachment support for KDBX file format
KDE-929: At login, the region automatically defaults to the region the user most recently has used
Bug Fixes
VAUL-4471: The vault stores a cache for vault_login, overwriting new user Enterprise email invitations
VAUL-4463: Excessive update_security_data requests are dispatched
VAUL-4427: User unable to connect via Cloud SSO using Edge 44 and Firefox browsers
VAUL-4311: Fix to allow the import of empty custom field values
KDE-926: DUO push fails in EU accounts
KDE-923: Windows Hello login fails in EU accounts
KDE-919: "Clipboard Expiration" option missing from Settings menu
Vault Version 15.0.5
Released September 1, 2020
Features & Enhancements
Login V3 General Availability (GA) More information available here: https://docs.keeper.io/enterprise-guide/login-api-v3
Support provided for Touch ID and Windows Hello Login at the expired session screen
Bug Fixes
Fixed: Accounts containing imported passwords do not calculate audit scores correctly.
Fixed: Various login screen display issues causing various login/logout side effects (Safari).
Fixed: When a user attempts to close the quick start module upon first login to the Web Vault, an error is triggered and window closes.
Fixed: Logging out while in Offline Mode, generates an "Internal Error" message.
Fixed: Canceling a Windows Hello Login, generates an "Error" message.
Fixed: KeeperFill for Apps crashes when user attempts to search their records.
Fixed: User unable to back out of the login screen once "Touch ID " is selected (Mac OS).
Vault Version 15.0.4
Released September 18, 2020
Vault Version 15.0.3
Released September 11, 2020
Benefits & Enhancements
Support Email Address Change - Enterprise (SSO) users now have the ability to change their email address from their Vault (if role enforcement policies allow).
Bug Fixes
Fixed: The "record_open" ARAM event sends duplicate requests to the server when users are opening a record.
Fixed: Users are prompted for 2FA Keeper Push approval twice.
Fixed: First time login to the web vault from the browser extension fails in Firefox browsers.
Vault Version 15.0.1
Released September 4, 2020
Vault Version 15.0.0
Released September 3, 2020
Benefits & Features
New "Help" Button - A "Get Help" button has been integrated into the Vault login page. Upon clicking this button, the user will be prompted to select either "Forgot Master Password" or "Get Help". "Get Help" redirects the user to Keeper's Support page where our user guides and Support Team can be reached.
Enhanced Enterprise Authentication Flow - Keeper has launched a new authentication flow for our customers with Enterprise plans that simplifies deployment and usability while enhancing security.
If Keeper recognizes an end user’s email domain as an SSO-enabled Enterprise, the user will be automatically routed to their identity provider instead of having to type in the Enterprise Domain string.
For Master Password users, if a device is recognized, and 2FA is activated, the user will receive a prompt prior to typing in their Master Password.
Keeper Push, Keeper’s proprietary notification-based device approval system, simplifies the device approval process without compromising security. Keeper will now support 2FA code entry from a TOTP or text message, or a push notification to an existing, recognized device.
Bug Fixes
Fixed: An error message fails to appear when a user has reached device approval limit.
Fixed: Upon logging into the vault, the device approval Keeper Push prompt displays a key value.
Fixed: When an SSO user attempts to delete all their owned records they a incorrectly prompted to enter a Master Password.
Fixed: An internal error message appears after a user denies DUO push verification.
Fixed: InvalidKey error message appears in place of the correct KeePass translation string during import process.
Vault Version 14.14.1
Released June 12, 2020
Bug Fixes
Fixed: The import instructions from a ZOHO file are incorrect causing fields to not parse correctly.
Fixed: User receives error when attempting to import a .csv file with three fields.
Fixed: Import instructions missing for JSON files.
Fixed: Automated import form LastPass is unresponsive and no longer displays progress animation.
Vault Version 14.14.0
Released June 9, 2020
Features & Enhancements
Privacy Screen - Admins now have the ability to control the viewing (unmasking) of passwords based on a specified domain. Additionally, it prevents the user from changing the website URL after the record has been saved. This policy is enforceable by the Admin for individual domains within each of their Generated Password Complexity settings by enabling "Apply Privacy Screen".
Master Password Re-entry Enforcement - This role enforcement allows Admins to require their users to re-enter their Master Password in order to unmask or copy a password.
Sharing & Uploading Enforcement Policy - This role enforcement policy allows Admins to prevent their users from importing records from Web App and Desktop App.
Bug Fixes
Fixed: "Can Edit" and "Can Manage" text is not translated when a user attempts to import from a JSON file. Instructions for the JSON import feature have been updated and can be referenced here.
Fixed: New user accounts prematurely display step 3 of the "Quick Start" walkthrough as completed.
Fixed: Various issues related to the privacy screen feature within the Admin Console.
Fixed: KeeperFill for Apps crashes when unlocking in offline mode.
Fixed: The Keeper icon is missing from the dock on Linux operating systems.
Vault Version 14.13.3
Released May 19, 2020
Benefits & Enhancements
Password Importer Update - The Keeper Import Tool has been updated to version 14.0.6, supporting Brave, Chromium and Edge browsers along with several bug fixes.
Bug Fixes
Fixed: KeeperFill for Apps crashes when a viewed record is deleted or transferred.
Fixed: Record edits made in KeeperFill for Apps are not displayed until after the user logouts/logins.
Fixed: 401 error appears when a user redirects between US and EU accounts.
Fixed: Users receive "exceeded_depth" error message in an attempt to delete a root folder with a large quantity of subfolders.
Fixed: Issues with DUO push for back-up Two-Factor Authentication method and "Forgot Password" flow.
Vault Version 14.13.2
Released May 5, 2020
Benefits & Enhancements
Support for Chrome v80 Password Import - Support established for the import of passwords from Chrome v80 and newer on Windows devices.
Bug Fixes
Fixed: A blank page appears when a user navigates first to the Sharing feature of a record then to Security Audit.
Fixed: A user receives "device_id" error upon editing an record.
Fixed: Issue preventing a user from saving Personal Info after an edit has been made.
Fixed: After the 2FA duration enforcement change has been made, system is unresponsive to DUO Push verification.
Fixed: Creating a new account following a login to an SSO account, triggers an error notification.
Vault Version 14.13.0
Released April 16, 2020 for Desktop App
Benefits & Enhancements
KeeperFill for Apps Redesign - This release entails a comprehensive design and technical update of KeeperFill for Apps, dramatically enhancing the user experience with the Keeper Desktop App. The Desktop App window can now be closed but remain running and accessed through the system tray via the familiar Keeper icon.
Many of the existing features of Keeper's Desktop App can now be applied through KeeperFill for Apps, such as: filling credentials and launching websites, viewing all records and favorites, adjusting settings, and accessing Keeper's User Guides. Additionally, within the Settings menu, the following KeeperFill hotkey actions can be customized by the user, further streamlining their experience with Keeper for Desktop:
Launch KeeperFill
Fill Username
Fill Password
Open Desktop App
Logout
Bug Fixes
Fixed: Users are not able to save a new billing address when it is created within the New Payment Card window.
Fixed: The shadow of KeeperFill for Apps remains behind after the window has been closed.
Fixed: In certain scenarios, a password import from newer versions of Firefox cause the Keeper Desktop App to crash.
Vault Version 14.13.1
Released April 12, 2020
Vault Version 14.13.0
Released April 8, 2020 for Web Vault
Benefits & Enhancements
Imported Browser Password are Now Viewable - In order for users to verify what passwords have been successfully imported from their browser, the password characters are now viewable by clicking on the eye icon upon import.
Bug Fixes
Fixed: Users receive two error messages during the import process from the KeePass database causing the import to fail.
Fixed: An error message is received when a user attempts to cancel out of "Find Duplicates" from the Settings menu.
Fixed: Empty subfolders are not included in a user's attempt to export from a .csv file.
Fixed: The Recent Activity log in the admin console incorrectly reports a "changed identity" event when a user creates a new identity in the Personal Info section of their vault.
Vault Version 14.12.5
Released April 7, 2020
Vault Version 14.12.2
Released March 24, 2020
Bug Fixes
Fixed: "Sharing" screen fails to open when accessed from BreachWatch view.
Fixed: Following a user's attempt to "Reset Keeper", the application fails to close.
Fixed: Uploaded files over 4GB hang indefinitely at the end of buffering, preventing the user from saving the record.
Fixed: Google IDP prevents some users from logging into SSO due to disabling Google's "Less secure app access".
Vault Version 14.12.1
Released March 19, 2020
Bug Fixes
Fixed: A blue error screen appears when logging into the desktop app with U2F (universal 2nd factor)
on MacOS (High Sierra).
Fixed: Encrypted files are not uploading properly causing the user to receive an error message.
Fixed: The "Empty Trash" function within Recently Deleted records is not working properly.
Vault Version 14.12.0
Released February 28, 2020
Features & Enhancements
Support for Windows Hello This release introduces Keeper's compatibility with Windows Hello (available on Windows 10), a biometrics-based technology that allows users to authentic and log in to their Windows device using biometric facial recognition, fingerprint reader, or pin.
If Windows Hello is enabled on a user's device, this eliminates the requirement for users to enter their Master Password at the Keeper login screen, further expediting the login process.
Users can enable "Windows Hello Login" within their Vault's security settings. In doing so, at their next login to Keeper, Windows Hello will attempt to authenticate the user's identity. Once authenticated, the user will automatically be logged into Keeper.
Support for Windows Hello for Business is also included in this release.
Bug Fixes
Fixed: Imported records from Password Boss are missing the URLs if they are contained under the "login_url" key.
Fixed: Users that have an apostrophe in their email address receive an error message denying them access at the login screen.
Fixed: Creating record shortcuts between shared folders are unsuccessful in certain scenarios.
Vault Version 14.10.4
Released February 20, 2020
Vault Version 14.10.3
Released February 13, 2020
Vault Version 14.10.2
Released February 5, 2020
Features & Enhancements
Support for Chromium-based Edge Extension - Keeper now supports communication with the Chromium-based Edge Extension recently available in the Microsoft Edge Addons Store.
Password Import Instructions Update - password import instructions for csv files have been created for various password managers.
Bug Fixes
Fixed: Some third party components of the Keeper desktop app that are not up to date.
Fixed: External displays not detecting previous position of desktop app and returning it to the primary or current display if disconnection occurs.
Fixed: Incorrect prompt received when user launches site from a record's URL on the updated Chromium-based Microsoft Edge browser.
Fixed: Issue causing the Web Vault to prompt for the 2FA token after user logs into the browser extension and opts to remember 2FA token.
Fixed: When creating an account, emails containing special characters are incorrectly being rejected, prompting an invalid error message.
Fixed: Password Boss import failures.
Fixed: Errors received when a user proceeds to log in to the Keeper browser extension upon logging out of their Web Vault (Firefox).
Fixed: Importing records into a shared folder does not inherit the default folder settings that are enabled.
Vault Version 14.10.1
Released January 10, 2020
Vault Version 14.10.0
Released January 2, 2020
Features & Enhancements
Launch Icon - A launch icon has been integrated into KeeperFill, allowing users to quickly navigate to a record's URL with one click from within their Vault.
Password Boss Added as Import Option - Password Boss has been added to the extensive list of existing password managers users are able to import their passwords from (JSON file).
Bug Fixes:
Fixed: Once configured, custom hotkeys for KeeperFill are not functioning properly when user closes and reopens app.
Fixed: Desktop version does not retain the device token for two-factor authentication if a Web Vault enforcement is set (Enterprise customers).
Fixed: Issues regarding Touch ID, including the added visibility of a prompt to initiate Touch ID at the login screen.
Fixed: When registering for a new account (SSO), user receives an error message indicating their email address is already in use with that Enterprise SSO Login.
Fixed: A blank screen appears when records are filtered to view only those with TOTP codes.
Fixed: Language updates are not automatically reflected in the "Identity & Payments" section.
Vault Version 14.9.12
Released December 23, 2019
Vault Version 14.9.10
Released December 23, 2019
Vault Version 14.9.9
Released on December 23, 2019
Vault Version 14.9.8
Released on December 23, 2019
Vault Version 14.9.7
Released on December 23, 2019
Bug Fixes:
Fixed: Breach Watch performs an infinite scan when account contains 1000+ records.
Fixed: Double error message appearing in personal information section when logging in with emergency access.
Fixed: Duplicate records are not recognized when importing a previously exported .csv file.
Fixed: After session timeout at login screen, email field is locked and user unable to input email address.
Vault Version 14.9.5
Released on December 23, 2019
Vault Version 14.9.4
Released on October 17, 2019
Features & Benefits
Support for 2FA using Duo + Yubikey hardware security keys in OTP mode. When presented with Duo authentication, simply tap the Yubikey device and the OTP code is verified by the Duo Auth API integration.
Improved the search algorithm of KeeperFill for Apps to mirror the search results of the Keeper Desktop main screen. This includes finding records stored within shared folders as well as custom fields.
Upgraded the electron framework from 6.0.7 to 6.0.11.
Upgraded the Keeper Safari Extension version to mirror the latest features and enhancements of KeeperFill Browser Extension v12.5.8.
Enhanced the Import/Export capabilities to include stored Two-Factor Codes.
Added color codes at the record level inside "Grid View".
After auto-logout, user can tap on Touch ID in touch bar to activate biometric login.
In the Folder View, you can now click on the chevron icon to expand/collapse the folder without selecting the folder.
Bug Fixes
Fixed: When IP allowlisting on a role is enabled, logging into Keeper Desktop gets a dialog that has "Work Offline" as an option, but this does not work.
If offline mode is allowed, the user should be able to work offline if IP is blocked.
Fixed: Small UI and visual alignments.
Fixed: When using KeeperFill for Apps over a remote connection (e.g. Remote Desktop or other remote access tools), the password injection sometimes sends the wrong character codes.
Fixed: Push notifications received while editing a record cancel the operation.
Fixed: Some competitor imports are not mapping every field.
Fixed: Shared folder names are not included in PDF export feature.
Fixed: Account recovery fails with confusing error message when the user is attempting the recovery within the wrong data center login domain.
Security Updates
Resolved: A potential cross-site scripting exploit was found by Adam Roberts of NCC Group in one of the Keeper Desktop application popups related to the security certificate warning when connecting to a network proxy. The popup message on the Keeper Desktop application included information from the signed certificate to the user via the proxy. An iFrame in the certificate warning pulled information from the network proxy which could contain injected content. Although Keeper's Content-Security-Policy disallows inline scripts from executing, Adam pointed out that an iFrame can open a local asset and potentially be a source of vulnerability. In order to exploit this, a user would need to first download a file to their local desktop and then connect to a network proxy which injected content via the certificate content. To prevent this from becoming a vulnerability, we now disallow iFrames via the Content-Security-Policy. Special thanks to Adam Roberts of NCC Group for reporting this bug.
Vault Version 14.9.2
Released on September 23, 2019
Features & Benefits
Support for HTTP Proxy devices in Enterprise environments
Bug Fixes
Improved the ability to edit long notes
Fixed: Copy Function on IE is not consistently copying data to clipboard
Fixed: Importing password screen is not working correctly on IE
Fixed: Cannot upgrade free trial account in IE 11
Update "Try Keeper for Business" link to new landing page.
Vault Version 14.9.1
Released on September 15, 2018
Features & Benefits
Implemented more efficient record import that uses one API call instead of one per record.
Improved messaging when re-directing a user from US to EU data center (or vice-versa)
Changed the default password generator length to 20 characters
Notify user on the Web Vault to download the Desktop App in order to utilize the 2FA scanning feature.
Replaced Lastpass export instructions with automated export instructions
Bug Fixes
Removed Hard-coded error string when account recovery not available
Fixed: 2FA screen localizations
Fixed: List view not showing color tags
Fixed: 2FA Duration storage setting ignored on initial setup
Fixed: Unable to setup 2FA if self destruct checkbox was toggled off/on
Fixed: 2FA Code Duration enforcements are are not honored by the client user interface (forcing users to enter 2FA every login). Visual issue, not any 2FA bypass or security vulnerability.
Fixed: Deep link into account recovery does not bring up the recovery UI
Fixed: Pasting info to the notes section using the right-click overwrites the selection
Fixed: Right click > Paste doesn't work for 2FA TOTP codes in Facebook
Fixed: Master Password verification window for PDF Export inconsistent among browsers.
Fixed: Records with German UTF8 characters fails to Import correctly
Vault Version 14.9.0
Released on August 29th, 2019
Enhancements & Benefits
This release encompasses the new two-factor authentication functionality including TOTP and a couple of feature improvements along with bug fixes. Below you can find the summary of these items and their benefits.
Two-factor Authentication - This release adds new two-factor authentication functionality to our existing list of capabilities. The new method using TOTP (Time-based One-time Password) adds
tokens to records which are unique time-based multi-digit codes commonly used by websites and apps for two factor authentication and makes the capability available across the Chrome Web Store, Mozilla Add-ons and Windows Store. TOTP covers the following functionality:
Protects Two-Factor Codes in an encrypted vault record
Prevents lost access to a Two-Factor Code due to continuous backup
Synchronize Two-Factor Codes to multiple devices and computers
Sharing of Two-Factor Code among individual users & teams
Autofill capability for Two-Factor Codes
Emergency Access to your vault
Account Transfer of a user’s vault with Two-Factor codes to admin when off-boarding
Free trial users are restricted to 2 TOTP-enabled records
Improvement of the account recovery process
Bug Fixes:
Fixes related to Apple Watch 2FA verification
Fixing issues with export to .csv functionality
Fixing breadcrumb being cut-off in the event that the text is too long
Vault Version 14.7.0
Released on July 25, 2019
Features & Benefits
Added support for Password Generator Complexity enforcement policy
Added ability to immediately transfer ownership of a record to another Keeper user from the "Share" screen.
Note: If more than one email is specified, the first user will receive ownership and the subsequent emails will be re-shared back to the record.
Bug Fixes
Astericks (*) in Website URLs are removed
Payment Card country selector improvement
Password strength meter disappeared on certain views
Password generator bug fixes
Vault Version 14.5.1
Released on May 16, 2019
Bug Fixes
Resolved: User moved from non-SSO to SSO enabled node unable to complete registration
Resolved: Self Destruct on Mac Store App version not working
Resolved: SSO Login to vault not compatible with Keeper SSO Connect v11.
Resolved: IE Extension vault redirect produces error message
Resolved: Vault Safari install links pointing to old Safari version
Vault Version 14.5.0
Released on May 14, 2019.
Features & Benefits
Added new "Duplicate Record" feature that is available from the right-click menu and the record "Options" view. This feature will duplicate all record fields including file attachments and place the record in the same folder location. Shares will NOT be duplicated.
Added generic "Copy" and "Paste" items to the right-click menu inside vault.
Record History moved into the (info) screen:
Known Limitations
"Create Duplicate" feature only works for owned records
Bug Fixes
IE language selection
SSO login issues with IE
Enterprise Admin receiving upgrade prompt on file storage
Various encryption related bug fixes
German translation issues
Additional handling for Offline Mode if Amazon AWS has any outage situations
Ensure Self Destruct is activated when the incorrect password is entered while offline
Ensure proper redirects occur if US-based user attempts to login to EU data center
Blocked user unable to accept transfer consent
Drag & Drop file upload issues with Mac Store App
Vault Version 14.4.7
Released on April 30, 2019
Features & Benefits
Added capability for supporting the new Safari 14.1 extension
Bug Fixes
Resolved SSO Login issues when a mixed-case email is provisioned
Resolved SSO account registration failure if a different user previously logged in with "Remember Email" set.
Resolved "Bad client key" error
Several other minor bug fixes
Vault Version 14.4.1
Released on April 16, 2019
This release is focused on bug fixes and performance improvements for the Web Vault and Desktop App platform.
Desktop App Issues Resolved
Step 2 of onboarding was skipped in certain flows
Shortcut key to quit in Fedora Linux didn't work
Improve speed of vault lockout when logout timer triggered
Two-Factor Authentication SMS codes generated when network connection changes state
Web Vault Issues Resolved
CPU and Memory usage spikes due to enhanced crypto levels
Thumbnail empty after restoring record
Region redirect between US and EU regions resolved
Localization / Translation outstanding issues
Admin Console link from Internet Explorer not working
"Action Restricted" error message
Dragging a file into the vault duplicates the file
Clicking "x" on the share invite popup denies the invite
Design of Payment Card screens does not match design spec
Security Question box shrinks on the screen on certain browsers
Error messages when attempting to share a record within Emergency Access
Phone number should not be required to save a personal information object
Inconsistency with the number of "dots" displayed when masking passwords
On launch website using "Don't Ask Again" open the site in frameless window
German translations missing in BreachWatch screens
UI / Design issues in Internet Explorer
Enrollment in Duo with redirects are resolved
"Next" button on onboarding flow does nothing in certain cases
SSO Domains with whitespace break hyperlink invites
Issues with Safari 11 accessing the vault on older Mac OS versions
First install of extension logs you out of vault and SSO
Mixed-case email address fails account recovery (forgot password)
New Features & Benefits
New "Launch" feature integrated into the Tile and List views on rollover to reduce clicks
Improved user interface and animations
Added additional "Emergency Access" delay timers (up to 3 months) for consumer customers
Vault Version 14.4.0
Released on March 28, 2019
Features & Benefits
For Business & Enterprise users the web vault now supports the ability to work offline. When an online connection is lost the vault will switch over to "Offline Mode" as indicated at bottom of vault.
While offline users can view the vault contents in a read-only manner, a won't be able to add new records or folders.
The offline vault is updated whenever you are back online. When logging in a "lightning bolt" next to your email address will indicate whether your vault will be available when offline.
If you don't want to vault to be stored on your local device you can click the "x" by your login email name.
Added "Right Click" option to create a new record from the vault screen
Added Admin Console link on the left-hand navigation (for Admins Only)
Bug Fixes
Resolved password importer issues with Internet Explorer
UI issues in custom fields and long notes
Properly redirect the user to EU vault when logging in on the US vault
Removing image on personal info screen does nothing
Can't view a file immediately after uploading
Master password strength not reported to Admin Console until record creation
BreachWatch screen showing old scan results for free users
Reduced number of duplicate records created by Import Tool when using multiple browsers
Special Notes
SSO Users can login with Master Password option only if permitted by Keeper Administrator
Offline mode must be enabled by the Keeper Administrator
Vault Version 14.3.0
Released on February 28, 2019.
Enhancements & Benefits
New modern user interface with expandable side-menu navigation
Improved clarity around Shared Record and Shared Folder permissions
KeeperFill for Apps now supports YubiKey / U2F authentication
KeeperFill for Apps provides more feedback on login flow
Password importer on Web Vault includes a process flow update to improve reliability
Available on Web, via Browser Extensions, and for the Apple Mac desktop.
Video Demo
For a demo of the new Web Vault see the video below.
Bug Fixes
Logout Timer enforcement policy is now set to the exact value specified by the Keeper Administrator. The user can reduce the logout timer setting from the default, since that will increase the security level.
Restoring a record causes the "Resolved" checkbox to show.
Other visual / UI related fixes
Coming Soon
Version 15.0 is a major release coming soon which contains the below features:
100% full offline mode on the Web Vault and Desktop App platform
Ability to set a Master Password for SSO users to login while offline or disconnected from the identity provider (enabled via Admin Console)
Vault Version 14.2.1
Released on January 22, 2019
This release was an emergency update to fix a bug introduced in version 14.1.1. This bug was responsible for increased network traffic and API calls to the Keeper backend system, which caused latency and API failures. More details were posted on the Keeper Security Status Page (https://statuspage.keeper.io).