1 of 100

User Guides

Keeper End-User Guides

Guides for consumer and business end-users on desktop and mobile devices.

About Our Security

Keeper is a Zero-Knowledge platform. The data stored in a Keeper vault is encrypted and decrypted locally on the user’s device. Check out this blog article which reviews how Keeper protects your information:

For a more in-depth technical description of our encryption model documentation.

Keeper Security employees have no ability to decrypt customer data, because the encryption keys are managed by the customer. In addition to zero knowledge architecture, Keeper supports a number of two-factor authentication methods including FIDO2 WebAuthn devices, Google Authenticator, Microsoft Authenticator and SMS. Keeper Security is SOC2 Certified, ISO 27001, 27017 and 27018 certified, FedRAMP Authorized, StateRAMP authorized.

User Guides

Web Vault & Desktop App
KeeperFill for Apps
KeeperFill for Chrome
KeeperFill for Firefox
KeeperFill for Safari
KeeperFill for Edge
KeeperFill for Opera
iOS
- Autofill & Passkey Setup for iOS
Android
- Autofill & Passkey Setup for Android
Passkeys
Enterprise End-User Setup (Master Password Login)
Enterprise End-User Setup (SSO Login)
Command-line CLI (Commander)

Enterprise Guides

Helpful Links

Quick Start Guides

The following Quick Start Guides will walk you through the setup steps and main features of Keeper for Web Vault & Desktop App, iOS, and Android.

Web Vault & Desktop App
iOS - iPhone & iPad
Android - Phone & Tablet
BreachWatch
Secure File Storage
Keeper Family Plan
KeeperFill for Apps
Import Passwords from Browsers
Tips & Tricks
Troubleshooting

Install for Chrome

Installation instructions for KeeperFill for Chrome, Brave and other Chromium-based browsers.

Chrome Web Store Install

Visit the link below to install Keeper Password Manager & Digital Vault from the Chrome Web Store.

In order for Keeper to be visible in your toolbar at all times, click on the puzzle icon and then the pin icon next to Keeper Password Manager.

Keeper needs to be enabled on all sites by default. To confirm, navigate to the extensions options screen. Site access should be enabled "On all sites".

Disable Chrome Built-In Password Manager

We recommend that you disable Chrome's built-in password saving features.

Navigate to: chrome://password-manager/settings and ensure all autofill features are disabled.

Install for Firefox

Installation instructions for KeeperFill for Firefox.

Firefox

Visit the link below to download Keeper Password Manager & Digital Vault from Firefox Browser Add-ons.

Once installed, the Keeper icon will appear in the upper right corner of your web browser window.

Next we recommend you disable your browser's built-in password saving features:

In the upper right corner of your browser click on the Menu Icon (3 horizontal lines) and select Settings > Privacy & Security.
Under "Logins and Passwords", uncheck the box next to "Ask to save logins and passwords for websites".

To ensure you are using the latest version of KeeperFill and allow Keeper to run in private windows, enable both of these settings (pictured below) from the Keeper extension menu. Right-click on the Keeper extension icon in the upper-right corner of your browser window and select "Manager Extension".

Private mode on Firefox only currently works if you login from the Web Vault. Logging in directly from the browser extension will not login to Keeper.

Install for Safari

Installation and usage instructions for the KeeperFill extension on Safari.

Safari

(1) Visit the link below to download Keeper for Safari from the Mac App Store.

(2) Open your Safari browser and navigate to Safari > Preferences > Extensions.

(3) If you have an existing KeeperFill extension, uninstall it.

(4) Activate the newly downloaded Keeper Password Manager extension by clicking the checkbox.

(5) At some point you will be asked for permissions. Make sure to select "Always Allow on Every Website" so that Keeper can work across websites that you visit.

(6) Now the KeeperFill extension should be displayed in your browser toolbar. However, you may need to restart Safari in order for the Keeper icon to appear.

(7) We recommend that you disable Safari's built-in autofill features. Open Safari > Preferences > AutoFill and disable "user names and passwords".

It is important to allow Keeper to operate on all websites. This permission allows Keeper to autofill passwords and save passwords on the sites you login to. Keeper is a zero-knowledge product and does not monitor, store or track any site you visit, or your browsing history. See our Privacy Policy with any questions or concerns.

Troubleshooting

Crash after install: If a user installs Keeper for Safari on both M1 Mac and Intel Mac at the same time via the "Share Across Devices" feature of Safari, it may require taking the following action:

Open your Safari browser and go to Safari > Preferences > Extensions.
Disable and enable the Keeper for Safari extensions.
Try to launch Keeper again.

Install for Edge

Installation instructions for KeeperFill for Edge.

Microsoft Edge

Visit the link below to download Keeper Password Manager & Digital Vault from Microsoft Edge Addons.

In order for Keeper to be visible in your toolbar at all times, click on the extensions puzzle icon then click on the eye icon next to Keeper Password Manager to "Show in Toolbar".

Disable Built-In Password Manager

Next, we recommend that you disable Edge's built-in autofill features.

Click on the Edge menu icon and select Settings and under "Microsoft Wallet".
Click Passwords > Settings.
Disable "Offer to save passwords" and "Autofill passwords and passkeys".

Install for Opera

Installation instructions for KeeperFill for Opera.

Opera

Visit the link below to download Keeper Password Manager & Digital Vault from the Chrome Web Store.

In order for Keeper to be visible in your toolbar at all times, click on the extensions box icon and then the pin icon next to Keeper Password Manager.

Enterprise Deployment

Deploying the Browser Extension through group policy

For business customers, see Keeper's Enterprise end-user deployment guide:

Autofill & Passkey Setup for iOS

Setup guide for Keeper's autofill & passkey features, KeeperFill for Apple iOS (iPhone, iPad) devices.

Overview

Keeper is fully integrated into the login experience of every website and app using the Passwords button that appears above your device's keyboard.

Autofill supports the following features:

Passwords
Two-Factor (TOTP) codes
Passkeys

Setup

iOS 18 and Above

With the update of iOS 18, you can enable KeeperFill directly from the Keeper app in one quick step. From the Settings menu, tap Enable KeeperFill > Turn On.

iOS 17 and Below

Before you can utilize KeeperFill's autofill features, you will first need to perform a few simple setup steps:

Open your device's Settings app.
Scroll down and select Passwords.
Tap Password Options and ensure "AutoFill Passwords" is toggled on.
Select Keeper below both "Allow filling from" and "Set up Verification Codes using"
Follow the prompt and uncheck all other password managers (including keychain).

To learn how to set up 2FA for websites and apps, click .

Autofill

Once the setup steps are complete, you will see a Passwords button appear above the keyboard when logging into an app or website. Tapping Passwords will launch KeeperFill.

If you subscribe to iCloud+, you may need to tap the key icon to the right of "Hide My Email" to open KeeperFill.

KeeperFill will present a matching record from your vault. Alternatively, you can search for a record or create a new record. If there is a record match, tap Fill to autofill your login credentials.

Two-factor codes will be automatically copied to your clipboard when possible. To copy a code manually, tap the copy icon next to the code and when prompted paste the code into the field provided.

Passkey Setup

Passkey Setup follows the same steps as turning on autofill however, the settings page on your device running iOS17+ will have updated verbiage to reflect the latest options.

Launch the Settings app on your iOS device and select Passwords.
Next, choose Password Options.
Toggle ON AutoFill Passwords and Passkeys.
Then tap Keeper so a blue tick appears. If you have used Autofill before, iCloud Passwords & Keychain may have a blue tick as well. For optimal accuracy when using Keeper for Passkeys, make sure to tap iCloud Passwords & Keychain to remove it as an option.

Passkeys

Once the setup steps are complete, websites or applications that support passkeys will either prompt you to create a passkey or will provide a setting in your account section to setup a passkey login.

Creating a passkey for a website or app is a simple process on your iOS device.
Tapping Create Passkey on a site or app will trigger Keeper to intercept the request. Keeper then prompts you to create a passkey for your associated login and saves it to your vault.
Returning to sites or apps where you have a stored passkey you will either be prompted to sign in with passkey or will be able to select Sign in with Passkey. Keeper does the rest!

Time-Limited Access

Time-Limited Access allows you to securely share records and folders with other Keeper users on a temporary basis.

Overview

Time-Limited Access allows you to securely share credentials or secrets with other Keeper users on a temporary basis, automatically revoking access at a specified time. Time-Limited Access prevents long standing privileges and ensures that information is removed from the recipient’s vault, greatly reducing the risk of unauthorized access.

Select the record from your vault and click Share, entering their email address or selecting it from your contacts list. Set their permission level and click Add.

Select the “Permissions” dropdown and click Set Expiration. Here you can select one of the default expirations or click custom date and time to set your own. Next, check the box if you would like the record owner, such as yourself, or users with edit access to be notified via email when the recipient's record access expires. Click Done to save.

The recipient of a shared record with time-limited access may have "view" and "edit" permissions but will not be able to share the record. If "share" permissions are applied, the expiration will be removed.

Open the shared folder from your vault and click the edit icon and from the “Users” tab, add the user or team you would like to share the folder with.

Set their permissions and from the dropdown menu click Set Expiration, following the same steps you would for a single record share (described above).

Next, check the box if you would like users with "can manage records" permissions over the folder to be notified via email when the recipient's record access expires. Click Done to save.

The recipient of a shared folder with time-limited access may have "can manage records" permissions, but the ability to "manage users" is restricted. If these permissions are applied, the expiration will be removed.

Self-Destructing Records

Self-Destructing Records allow you to share records with users outside of Keeper, while automatically deleting the record from your vault and disabling the share link at specified time.

Overview

Self-Destructing Record’s utilize Keeper’s existing One-Time Share technology which allows time-limited, secure sharing of a record to anyone, even if they don’t have a Keeper account.

Self-Destructing Records take our One-Time Share feature even further by automatically deleting the record from your vault once the share link is disabled and the recipient’s access is revoked. This reduces your workload to revoke record access and removing it from your vault at a later time.

Create a Self-Destructing Record

To create a Self-Destructing Record, create a new record as you normally would. Enter the record details and click Add Self-Destruct.

From the menu that is now presented, select when you want the share link to expire.

Once you've made your selection, click Save & Share to generate a One-Time Share link.

You have the option to copy the link directly, or send it in an invite or QR code format.

The recipient of a Self-Destructing Record simply clicks on the provided link and is instantly presented with the shared record in their web browser. One-Time Share links are bound to a single device, further strengthening security and preventing unauthorized distribution or viewing on multiple devices. The link will expire at the specified time or once the recipient has viewed the record for five minutes, whichever comes first.

Keeper's Self-Destructing Records allow you to securely share records with file attachments that self-destruct at a specified time.

Create a record as you normally would and click Add Attachments to upload your file, or simply drag and drop the file directly into your vault.

Click Add Self-Destruct, select when you want the share link to expire, then click Save & Share to generate a One-Time Share link.

The recipient of a Self-Destructing Record simply clicks on the provided link and is instantly presented with the shared record in their web browser. They can then click on the file to download it to their local device.

Delete a Self-Destructing Record

You can delete a Self-Destructing Record at any time, thus disabling the share link by clicking Delete Now. Deleted Self-Destructing Records will appear in your vault's “Deleted Items” with the option to "Restore".

Security Audit

Security Audit provides password security strength reporting in your vault.

Overview

The Security Audit screen gives the passwords stored in your vault an overall security score based on password strength. You can clearly view information about each record's password strength and reuse from this screen.

Calculation of Security Score

The calculation of password strength and reuse is performed continuously from your vault across all platforms including Keeper Desktop, Web Vault, iOS and Android devices.

Keeper's password "strength" is a calculated score based on the complexity of the password, with a score rating between 0 and 100 according to the metrics below:

Very Weak: < 20 Weak: 20-40 Good: 40-60 Strong: 60-80 Very Strong: 80+

For more information on how Security Scores are calculated, visit the following page:

You can easily view a record that contains a high-risk password by clicking on it from the provided list. To resolve the risk, you will be directed to change the password at the record's website and then update the corresponding record in your vault.

Click here to learn how to easily change your passwords using Keeper's browser extension, KeeperFill.

BreachWatch

User guide for BreachWatch on Keeper's Web Vault & Desktop App.

Overview

BreachWatch is a powerful, secure add-on feature that monitors the internet and dark web for breached accounts matching records stored within your Keeper Vault. BreachWatch delivers the most in-depth monitoring available to the public with a database of over a billion records while upholding Keeper's state-of-the-art, zero-knowledge security architecture.

BreachWatch alerts you so that you can take immediate action to protect yourself against hackers. Once activated, BreachWatch continuously monitors for compromised credentials and notifies you if any of your records are at risk.

User Experience

To sign up for BreachWatch from Keeper's Web Vault or mobile app, navigate to the BreachWatch screen and follow the on-screen prompts. You can also purchase BreachWatch directly from the . After signup, BreachWatch performs a local scan of passwords that are currently stored in your Keeper vault.

Once activated, BreachWatch will prompt the user on their device to Resolve the high risk password by changing it at the affected site and updating the corresponding record in their Keeper vault. If you Ignore the notification, then that record will be skipped on future scans until the password is reset. The user may also do nothing (deferring a response) and leave the risky password unchanged and thus still at risk.

Benefits & Features

BreachWatch performs unlimited security scans of your passwords on all devices.
Users are automatically alerted to take action if any of the passwords in their vault have been used in a publicly known breach that could leave them vulnerable to a credential stuffing attack, or an account takeover.
BreachWatch continuously monitors for compromised credentials. Tracking over a billion known passwords while continuously adding new information as breaches are discovered on the dark web.
Keeper reports the latest scan date and time as well as tracks the resolution history of every breached password for historical auditing.

BreachWatch Scan

To start your BreachWatch scan, click BreachWatch in the left navigation menu, then click Let's Begin > Scan.

BreachWatch will then scan your records and report any risks associated with them. Clicking each record listed will allow you to view the steps needed to Resolve each risk. Resolving the risk requires you to change the password at the affected website. Once you have done that, be sure to update the corresponding record in your Keeper Vault with the same password.

BreachWatch is also available for and .

Secure File Storage

User guide for Keeper's Secure File Storage for Web Vault & Desktop App, iOS and Android.

Overview

Keeper offers Secure File Storage to protect your confidential files, photos, and videos. Securely upload and store files such as passport photos, medical cards, drivers licenses, tax and loan documents, videos and any other private file to your Keeper vault.

Files are encrypted during the upload process and the user holds the encryption key for complete privacy and security. Users also have the ability to securely share files with other Keeper users via record sharing, making Secure File Storage the best way to save and transfer the most sensitive of information.

Benefits & Features

Just like our password encryption technology, Keeper protects your confidential files with 256-bit AES encryption using record-level keys.
Secure file storage is available across all of your devices as a Secure Add-on, including iOS, Android, Web Vault and Desktop App.
Files can be easily and securely shared with other Keeper users, from vault-to-vault.
Like your other Keeper records, you can set sharing permissions for records that contain your secure files (can edit, can share, can edit & share, and read only).
File sizes are supported up to 100MB for Web Vault, 5GB for Desktop App, Android and iOS.

Web Vault & Desktop App

From within the vault, users can either create a new record or add an attachment to an existing record. While editing a record, click Add Attachments to upload your file, or simply drag and drop the file directly into your vault. Once the upload is complete, click Save.

By clicking the download icon next to the file or photo within a record, you can quickly View or Download it.

Users also have the ability to securely share files with other Keeper users via record sharing, making Secure File Storage the best way to save and transfer the most sensitive of information. Within the record click Share, then enter the email address(es) of the other Keeper user(s) you would like to share the record with.

To learn more about sharing, click .

iOS & Android

Secure File Storage is also available for iOS and Android. You can either add an attachment to any existing record or create a new record using the "File Attachment" record type. Within the record, tap Add Files or Photos to upload your file.

Users also have the ability to securely share files with other Keeper users via record sharing, making Secure File Storage the best way to save and transfer the most sensitive of information. While viewing the record, tap Share > Share with User and enter the email address(es) of the Keeper users you would like to share the record with.

Understanding Attachment Status Icon:

When viewing a record with file attachments, you may see an icon next to a file if it hasn't fully synced to your Keeper Vault.

File Not Yet Uploaded / Sync Pending:

If you see this icon (a cloud symbol with a line through it), it means that this specific file attachment has not yet successfully uploaded or synced to your Keeper Vault's cloud storage. The file is currently only stored locally on the device from which you attempted the upload.
File attachments require an active internet connection to upload. If you are offline, attachments cannot be added or uploaded. If this icon appears, it typically signifies an unexpected issue or an interruption (e.g., a lost internet connection, an error during transfer) that prevented the file from reaching the cloud.
While the icon is present, the file is not yet backed up to the cloud and may not be accessible from other devices or the Keeper Web Vault.
To ensure your file is securely backed up and accessible across all your devices, please verify your internet connection.

Emergency Access

Give trusted family and friends access to your Keeper Vault.

Give trusted family and friends access to your Keeper Vault in the event of an emergency or loss of life. You can designate up to five emergency contacts and decide how much time should pass before their access is granted.

Please note, the Emergency Access feature is only available for consumer accounts.

From the Account Dropdown Menu (your email address), select Account > Emergency Access.

Click Trusted Users and enter the email addresses of up to five contacts (Keeper users). Optionally, select a "Delay Access" duration from the dropdown menu for each user, then click Send.

The amount of time between your request to provide emergency access and access granted can be set up to three months per contact. If a delay is configured, the countdown begins the moment the trusted user attempts to login to your vault.

In order for the recipient to accept the request, you must first establish a "sharing" relationship if one hasn't already been established through Keeper's record/folder sharing features.

If prompted, click Send Invite.

If the recipient is not an existing Keeper user, they will receive an email inviting them to sign up for a Keeper account. Once they sign up and login to their account, they can accept the sharing relationship request.

Once the recipient accepts your sharing request, you will need to invite them to be your emergency contact once more from the “Emergency Access” section of your vault. This step is not necessary if a sharing relationship has previously been established.

Emergency Contact Workflow

Once a sharing relationship has been established, the recipient will notice a red notification indicator has appeared in the "Emergency Access" section of their Account screen. By clicking My Access they can Accept or Decline emergency access to your account.

Once accepted, clicking Login will allow them to access the account they have been granted access to (once the access delay has passed, if enabled).

View Status of Invites & Edit Contacts

To view the status of your emergency access invites click Account > Emergency Access > Trusted Users. From here, you can also delete your emergency contacts at any time.

KeeperChat

This guide provides a look at the benefits and features of KeeperChat, Keeper's secure messaging solution.

Overview

Keeper's secure messaging solution, KeeperChat, allows you to chat with friends, family member and colleagues with peace of mind knowing you are in control of the content you share and who you share it with. KeeperChat has best-in-class security with end-to-end encryption for messages at rest and in transit. KeeperChat runs on a variety of devices and platforms including Android, iOS, Windows, and Mac OS. Download KeeperChat from the or .

Benefits & Features

Like your passwords, your private messages are stored in a secure, digital vault which can be accessed using the same credentials or biometric login method (Fingerprint or Face ID) you use to login to Keeper Password Manager.
For increased security, two-factor authentication is available, providing an extra layer of protection against unauthorized access.
Just like our password encryption technology, Keeper protects your messages with zero knowledge, 256-bit AES encryption security architecture.
Self-destruct timer and message retraction remove unwanted or sensitive messages and files without a trace.
Message history and chat threads automatically sync across all your devices.
Securely share sensitive photos and videos with complete privacy. Photos and videos are saved to your private gallery without leaving a trace on your camera roll.

User Experience & Preview of Features

KeeperChat is free to use with all features. To access additional storage, unlimited self-destructs, and unlimited message retraction, upgrade to .

Access Two-Factor Authentication and Biometric Login Settings by navigating to KeeperDNA.

Self-Destruct & Retract

Before sending your message, tap the timer icon and use the slider to set the self-destruct timer.

To retract, edit or set the self-destruct timer for a message that has already been sent, long press (or click) on the message and make a selection from the generated menu.

Private Media Gallery

Navigate to the Gallery to upload and securely share sensitive photos and videos.

Group Chats

Select the create chat icon and then select Start a Group Chat to add contacts.

Privately communicate and collaborate with groups of friends, family members and coworkers.

For Business & Enterprise customers, KeeperChat supports team messaging and is integrated into the team management from the Admin Console.

Keeper Forcefield

End-user guide for Keeper Forcefield - Windows Endpoint Protection for Sensitive Data

Keeper Forcefield: Windows Endpoint Protection

Overview

Keeper Forcefield is an advanced endpoint security feature for Microsoft Windows that protects sensitive applications and processes from unauthorized access. It is specifically designed to defend against threats such as infostealers and password-stealing malware installed from phishing or other attacks.

Forcefield is bundled with the Keeper Desktop application for Windows and operates silently in the background to ensure data protection without impacting performance or usability.

This is the end-user guide for Keeper Forcefield. The includes more advanced depoyment options for administrators.

Getting Started

Installing Keeper Forcefield via Keeper Desktop

To activate Forcefield from the Keeper Desktop application, install the latest .

After installation:

Navigate to Settings > Security in Keeper Desktop
Visit the Forcefield screen and activate the service.

Once enabled, Forcefield will immediately begin protecting your computer.

Standalone Installation

The installation of the standalone version of Keeper Forcefield is available through an MSI installer based on the architecture.

x86/64-bit

ARM/64-bit

Status and Updates

The system tray provides a Forcefield status icon and the ability to check for a new version. Keeper will check on a daily basis for a new version, but the update must be explicitly installed by the user.

Applications Protected by ForceField

Forcefield is built to protect designated applications by verifying their process name, file name, and code signature. The following applications are secured using this validation approach:

Keeper Applications:

Keeper Desktop
Keeper Secrets Manager
Keeper Commander
Keeper Gateway
Keeper Bridge
KeeperChat
Keeper Importer

Web Browsers:

Chrome
Microsoft Edge
Firefox
Brave
Opera
Vivaldi

If you would like Keeper Forcefield to protect additional applications, please email us at [email protected] and we'll review your request.

Quick Testing

To verify that Keeper Forcefield is protecting your machine:

Open Task Manager.
Right-click on a protected process.
Choose Create memory dump file.
The .dmp file should be 0 bytes if blocked.

Forcefield is designed to protect specific applications. Contact us at [email protected] to request additional applications.

Advanced Documentation

For more in-depth information regarding Keeper Forcefield including technical specs and IT Admin rollout, see the Enterprise Guide:

Troubleshooting

This guide provides basic troubleshooting solutions to some of the more common questions users may have.

The proceeding pages in this section are dedicated to various troubleshooting guides. Have a suggestion? Email our team at .

Reporting Autofill Issues

How to report autofill issues to Keeper

Overview

Starting with version 17.1 of the Keeper Browser Extension, we have drastically increased the speed at which we can resolve autofill issues while also training Keeper's Machine Learning models to safeguard autofill accuracy across the web.

We've introduced a new "Snapshot Tool" in the Keeper Browser Extension that greatly simplifies the process of fixing autofill issues on customer-owned websites or internal tools that were previously difficult for our engineers to access. By submitting a snapshot to our team, we can turn around site-specific autofill improvements in a matter of minutes.

Reporting Autofill Issues with the Snapshot Tool

To report an Autofill Issue, there are 2 locations to access this feature: From the on-page form fill and the browser extension toolbar.

On-Page Form Fill

From the on-page form filling screen, click on the overflow menu > Report an Autofill Issue

From the browser extension toolbar window, click on the overflow menu > Report an Autofill Issue.

Submitting Snapshots & Reporting Issues

Next, click Take Snapshot to take a screen capture of your browser window.

If you are having trouble with a website's login page, simply select Report an Autofill Issue from the extension Options menu or from the fill tool.

Click Take Snapshot to take a screen capture of your current browser window. Click Next: Preview to review exactly what data will be sent to Keeper, ensuring there is no confidential information included before you proceed.

Next, select from the provided list of autofill issues or describe your own.

Keeper will NOT send credentials or confidential information. We only send the screenshot and HTML page structure exactly as displayed in the preview window.

Click Report Issue to send the information to the Keeper Team.

If you need to re-submit an issue for a website, return to the extension toolbar or fill tool and click Report an Autofill Issue > Retake.

Snapshot Resolution

The Keeper team will promptly receive the necessary information to diagnose and resolve the filling issue. Once a solution is implemented, an update will be released to all customers. You will receive an email notification confirming the update. In many cases, site-specific fixes can be turned around within the same day.

Troubleshoot Extension Issues

Steps to provide Keeper Support with Browser Extension debug information.

Autofill Issues

See the page to request a fix for a website that isn't filling properly. Our team can process fixes on the same day.

Check for Extension Updates (Chrome)

To experience the latest KeeperFill updates and features, you want to make sure you running the latest version of the Keeper Browser Extension. To update KeeperFill, follow the steps below:

In your browser's search bar, navigate to chrome://extensions.
In the upper right corner, toggle "Developer mode" on.
In the list of your current browser extensions, locate the "Keeper Password Manager & Digital Vault" extension and click Details.
In the upper left corner, click Update.

Check for Extension Updates (Firefox)

To update KeeperFill in Firefox, follow the steps below:

In your browser's search bar, navigate to about:addons.
In the upper right corner, click the gear icon and select "Check for Updates"
Ensure that Keeper is updated to the latest version.

Capturing Error Messages (Chrome)

If you are experiencing an error, it is helpful to provide Keeper support with any console errors that might be occurring. To capture the errors, follow the steps below.

In your browser's search bar, navigate to chrome://extensions.
In the upper right corner, toggle "Developer mode" on.
In the list of your current browser extensions, locate the "Keeper Password Manager & Digital Vault" extension and click on "background.html"
Click on the "Console" tab. Check for any errors in red. Take a screenshot of any error messages and send them to support.

Conflicting Extensions

Sometimes, other browser extensions or software installed on the computer can conflict with Keeper. Common examples are products which filter web content, block popups or perform any sort of website traffic manipulation.

If you are experiencing a strange issue with your KeeperFill browser extension, we recommend turning off all of your other 3rd party extensions to determine if there is a conflict. If you find a conflict, please provide this information to Keeper support.

Troubleshooting Video

This video explains how to capture errors from the KeeperFill extension when working with the support team.

Resetting the Chrome Extension

If you are unable to login to the KeeperFill Chrome extension, a reset of the extension may be required. To reset your KeeperFill Chrome extension, follow the below steps:

Open Chrome and select Chrome > Settings > Extensions
From the Keeper extension, select Details > Extension Options
Click on "Clear All Storage"
Restart Chrome

Resetting the Safari Extension

If you are unable to login to the KeeperFill Safari extension, a reset of the extension may be required. To reset your KeeperFill Safari extension, follow the below steps:

Open Safari and select Safari > Settings
From the Keeper extension, select Settings
Click on "Clear All Storage"
Restart Safari

Troubleshooting Vault Issues

Troubleshooting instructions for troubleshooting vault issues.

Please follow the steps below to provide Keeper Support with information to assist vault related errors.

(1) Using Chrome browser, open the Web Vault at:

(2) Click on View > Developer > Developer Tools.

(3) Login to your Keeper Vault.

(4) On the Developer Tools window, click on the "Console" tab and check for any errors in red.

(5) If there are errors, take a screenshot and/or copy-paste the information for the Keeper Team.

Clearing Your Browser Cache

Clear the browser and extension cache to reset Keeper on your device using Keeper's browser extension tool.

If you would like to reset Keeper on your web browser follow the steps below:

Navigate to the "Extensions" page in your preferred browser and select "Keeper Password Manager & Digital Vault".
Click "Extension options".

You will then have the option to clear local storage, IndexedDB storage or, all storage.

Website Developers

Helpful info for website developers

If you are a website developer and your users are experiencing a compatibility issue with Keeper's browser extension, please follow the steps below.

Keeper Icon Appearing in Wrong Field

Keeper uses pattern matching to determine if a field should display a lock icon. If a lock icon is showing on a form field in error, you can supply a CSS class of keeper-ignore to your form element. For example:

<input id="user_field" type="text" class="keeper-ignore my_class"/>

Internet Explorer

Accessing KeeperFill on Internet Explorer

Internet Explorer

Consider Switching to Edge With IE Mode

From the Microsoft website: "Since 1/12/16, Microsoft no longer provides security updates or technical support for old versions of Internet Explorer."

Although Keeper maintains the Internet Explorer 11 extension, we recommend that customers stop using IE or consider the latest Microsoft Edge with "IE Mode" as documented here: . If you still require the use of IE for legacy applications, please see the instructions below.

KeeperFill for IE installer is only available on request. After installing Keeper for Internet Explorer, you may need to perform the following actions:

Disable user names and passwords on forms:

Exit and restart the browser to activate Keeper.
Right-click along the top bar and ensure Command bar is selected for display.
Open Internet Explorer, click on the Tools icon, then Internet Options.
Click the Content tab.
Under "AutoComplete", click on Settings.
Disable 'User names and passwords on forms".

Disable enhanced protected mode & enable third-party browser extension:

Open Internet Explorer, click on the tools icon, then Internet Options.
Click on the Advanced tab.
Under the "Security" section, ensure that enhanced protected mode is disabled.
Under the "Browsing" section, Enable third-party browsing extensions.

IE11 - Trusted Sites Policy

Customers who login to Keeper with SSO, or customers who are on corporate networks that deploy group policies for Internet Explorer, ensure that the following entries exist in your Trusted Sites settings under Tools > Internet Options > Security.

US / Global Customers:

keepersecurity.com

*.keepersecurity.com

US Public Sector / GovCloud:

govcloud.keepersecurity.us

*.govcloud.keepersecurity.us

EU Data Center Customers (Dublin, Ireland):

keepersecurity.eu

*.keepersecurity.eu

AU Data Center:

keepersecurity.com.au

*.keepersecurity.com.au

CA Data Center:

keepersecurity.ca

*.keepersecurity.ca

JP Data Center:

keepersecurity.jp

*.keepersecurity.jp

Enterprise customers must push group policies to end-users with these Trusted Sites in order to fully function with SSO and other critical features.

Tips & Tricks

This guide provides access to our top "tips & tricks" and assists users in optimizing their experience with Keeper on both desktop and mobile devices.

The proceeding pages in this section are dedicated to various FAQs, site-specific guides and other tips & tricks. Have a suggestion? Email our team at .

Protecting your Keeper Vault

Recommendations for protecting access to your vault

Overview

At the foundation, Keeper is an encryption platform with policies and controls in place to protect customer data. In this security model, the customer is also responsible for protecting access to their vault by following recommended security practices. This document outlines key recommendations that will help you secure the data stored within your vault.

Create a Strong Master Password

For customers who login to Keeper with a Master Password, the key to decrypt and encrypt the Data Key is derived from the Master Password using the password-based key derivation function (PBKDF2), with 1,000,000 iterations by default. All customers who login to the vault are automatically migrated to 1,000,000 iterations.

After the user types their Master Password, the key is derived locally and then unwraps the user's 256-bit AES Data Key. After the Data Key is decrypted, it is used to unwrap the individual 256-bit AES record keys and folder keys. The Record Key then decrypts each of the stored record contents locally.

Keeper implements several mitigations against unauthorized access, device verification, throttling and other protections in the Amazon AWS environment. Enforcing a strong Master Password complexity significantly reduces any risk of offline brute force attack on a user's encrypted vault.

The National Institute of Standards and Technology (NIST) provides password guidelines in: . The guidelines promote a balance between usability and security; Or in other words, passwords should be easy to remember but hard to guess. The NIST instruction recommends an eight character minimum but a higher value will ultimately result in a harder to guess/crack password. Keeper enforces a minimum of 12 character master passwords.

Enable 2FA on Your Keeper Account

2FA can be added to any consumer or business account. Business customers can enforce the use of 2FA with various levels of control and security options. The 2FA step comes before the Master Password entry. Performing the device verification and 2FA step prior to the Master Password entry phase offers mitigation of several attack vectors including brute force attack, password testing and account enumeration.

To activate Two-Factor Authentication, visit the Settings screen of the Keeper Web App, Desktop App or mobile application.

Keeper also supports FIDO2-compatible WebAuthn hardware-based security key devices such as YubiKey and Google Titan keys as a second factor. Security keys provide a convenient and secure way to perform two-factor authentication.

Enable 2FA on Your Email Account

Access to your email account is a key component in the overall security of your personal information. Ensure that your email account uses a strong auto-generated password created by Keeper. And ensure that you are protecting your email account with multi-factor authentication. Follow the steps provided by your email provider to lock down your account with the most restrictive methods possible.

We recommend that customers protect email accounts using a hardware-based Yubikey or Google Titan key when possible. If this is not available from your email provider, or if you don't own a Yubikey device, the next best thing is using a TOTP code generator.

Keeper supports the ability to store TOTP codes for logging into your email account or other service. To learn more about protecting TOTP codes in your Keeper Vault, .

While using SMS as a two-factor authentication setting is better than having nothing at all, we don't recommend relying on SMS due to well documented .

Be Careful of Browser Extensions

As a general security practice, we recommend that our customers be very cautious with installation of 3rd party browser plugins / browser extensions, such as ad blockers, coupon tools and other "helpful" utilities. Many browser extensions request elevated permissions which have the ability to access any information within any website or browser-based application that you visit. Make sure you fully trust the company who developed the browser extension, and look for their security certifications before you install it.

If you have any other security related questions, feel free to email our team at [email protected].

Stay Logged In

This guide reviews how to enable the new Stay Logged In feature and extend your Logout Timer setting.

Overview

By default, users are logged out of Keeper if their browser closes, or if their computer restarts. Keeper's "Stay Logged In" feature allows you to instead remain logged into for a configurable duration. Continuing reading to learn how to enable Stay Logged In in the Keeper Web Vault, Desktop App and the KeeperFill Browser Extension.

Web Vault & Desktop App

Sign in to the Keeper Web Vault or Desktop App and click the Account Dropdown Menu (your account email) > Settings > Security and turn "Stay Logged In" on.

Keeper will then recommend that you also enable the "Auto-Logout" setting, to protect your account if you walk away from your device. Also known as the "Inactivity Logout Timer", this automatically logs you out of Keeper after a period of inactivity. You can set this timer to the duration you prefer and it will continue to count down if you close your browser.

If you've downloaded the KeeperFill Browser Extension, you can manage the Auto-Logout setting from the extension's security settings menu (more on this in the section below).

Business customers should note that your Keeper Administrator may disable or limit this feature based on the security settings of your organization.

Browser Extension

If you've downloaded the KeeperFill Browser Extension you can enable both the Stay Logged In and Logout Timer features from the extension's security menu.

Click Settings > Security and enable (or disable) "Stay Logged In Between Sessions" and set a "Inactivity Logout Timer".

For security reasons, we recommend setting a reasonable logout timer duration when Stay Logged In is enabled.

Android

To enable Stay Logged In on your Android device, navigate to Keeper's Settings menu and toggle "Stay Logged In" on. Once enabled, the setting will apply to all of your devices.

Security

Keeper's Stay Logged In feature uses . The user's Master Password is NOT stored on the device or computer when using the Stay Logged In feature. Keeper utilizes advanced encryption, session management tokens and device authorization capabilities to protect your vault.

Using Keeper TOTP with Azure or Office 365

How to use Keeper to manage TOTP codes for protecting your Office 365 accounts.

Microsoft 2FA Configuration

Keeper can protect Azure AD / Office 365 logins with our TOTP (time-based one-time password) feature. By default, Microsoft provides a different type of code which supports their push method. Below are the step by step instructions to setting up Office 365 TOTP code support properly.

(1) From your Microsoft Azure / Office 365 Profile Screen, visit your security settings screen. The Microsoft site seems to change often, so we won't add a hyperlink here. Click on "Add Method" to set up two factor authentication on your Microsoft account.

(2) Select "I want to use a different authenticator app" as your preferred option

The QR code will be generated and displayed:

(3) On Keeper from your record, click on "Add Two-Factor Code". Or if you're using the mobile app, you can tap on "Add Two-Factor Code" to scan it with the camera.

(4) Enter the verification code as displayed in your Keeper app

(5) Click Next and then Save the record in the Keeper vault.

Make sure to save the Keeper record before exiting the setup

(6) To ensure that Autofill works with all the various Microsoft sites you may be using, we recommend adding several custom fields to your Keeper record similar to the screen below.

Logging in with Two Factor Code

When logging into Microsoft Online, use Keeper's right-click menu as a simple way to fill the TOTP code.

Changing Passwords Using KeeperFill

KeeperFill provides unique features to help you change/rotate passwords on any website.

Login to the site using the KeeperFill browser extension
Visit the site's "Change Password" Page
Follow Keeper's on-screen instructions

See the below example video using Twitter.

Free Family License for Personal Use

This guide provides an overview of how Enterprise and Business users can create a free, Keeper Family Plan and once created, how to easily switch between their Keeper accounts.

Create a Free Family Plan from a Business or Enterprise Account

All Keeper Enterprise users can create a free, Keeper Family Plan for up to 5 family members with unlimited devices. To create your personal vault, follow the steps below:

This vault is intended for personal use only. All business-related credentials must be stored within your company issued vault.

(1) Log into the Keeper Web Vault or Desktop App.

(2) Click on the Account Dropdown Menu (your email address).

(3) Select Account.

(4) Enter your personal email within the "Keeper Family License for Personal Use" section and click Send Email.

(5) Logout from your business vault on your browser by clicking on the Account Dropdown Menu > Logout.

Create Family Account

(1) Open the Keeper invitation sent to your personal email and click Verify Email Address.

(2) You will then be redirected to Sign Up by creating a master password for your personal account.

Important Note About Data Center Location

If you follow the link sent on your desktop computer, you'll be properly routed to the same geographic data center that is associated with your Keeper Business Vault. Therefore we recommend using your Desktop computer to create your personal Keeper Vault.

If you decide to use your mobile device for creating your personal vault, see the instructions below.

Creating Account on Mobile

If you decide to create your personal account on an iOS or Android device, please ensure you are in the correct data center location.

If you set up your personal Keeper account in the wrong region, you'll need to contact Keeper support to delete and re-create your account.

Confirming License Activation

After your personal account has been created, it will appear in your business vault Account Menu.

Important Notes Regarding Your Linked Personal Account

Your linked personal account is licensed as a Keeper Family Plan account with 10GB of secure file storage and BreachWatch dark web monitoring.
The company managing your Business vault does not have any access rights or ability to decrypt information stored in your personal vault.
Your linked personal account will remain free on unlimited devices for as long as the business account is active.
If you leave the business, or if the business does not renew their subscription with Keeper, your Family license converts into a Keeper Free subscription. You may continue to use your personal license on one device, or purchase a Family or Unlimited subscription for all of the premium features.
Your Business Admin may remove the ability to share records from the business vault to the linked personal vault.

This vault is intended for personal use only. All business-related credentials must be stored within your company issued vault.

Switch Between Accounts

You can easily switch between your business/enterprise and personal accounts on Keeper for Web Vault, iOS and Android.

From your Web Vault, click the Account Dropdown Menu (your email address) > Account > Switch Account.

You will then be redirected to sign into that account using your master password.

If you have not already logged into the account you would like to switch to on the device you are using, you will first need to tap Add Account and enter your login credentials. Once added, it will appear in the list of accounts that you can switch between.

Account switching is also available on and .

One Record with Multiple URL Domains

One Record with Multiple Domains

Some sites have more than one domain (website address) that require the same exact login/password. If this is the case for any of your records, rather than creating an entirely separate record, Keeper allows you to store multiple website domains within one record.

So no matter what domain you are logging in from, KeeperFill will recognize that domain as an alias and allow you to log in with the same stored credentials.

To store multiple website domains within a single record:

While viewing the record, click Edit.
Click the + Custom Field button.
Select URL from the Custom Field types
In Website Address, enter the site's alternate domain name.
To finish, click Save.
You can continue to repeat this process for additional domain names by clicking the + Custom Field button again.

KeeperFill Right-Click Context Menu

If a website form field does not display the Keeper lock icon, users can right-click on the field to produce a context menu with KeeperFill features. The context menu offers the ability to fill logins, payment cards, addresses and create new passwords.

The KeeperFill right-click context menu provides the following features:

Filling record login fields
Filling payment card fields
Filling billing and address fields
Filling TOTP Codes
Creating a new record
Opening the extension window
Launching the Web Vault
Logging out of your account

Keyboard Shortcuts

If you prefer to use keyboard shortcuts instead of mouse clicks to make the process of auto filling your passwords even more seamless, follow the steps below:

Navigate to the site you would like to log in to.
Type command+shift+k (for Mac OS) or alt+k (for Windows).
In the field provided, begin typing your search terms.
Use the up and down arrows on your keyboard to find and highlight the record you are searching for.
Use the enter key to quickly fill and log in to the site.

Resetting Keeper Desktop App

Learn how to reset Keeper on Mac and Windows.

If you encounter an issue with the Keeper Desktop application and you need to reset the content and settings, follow the steps below.

Mac & Windows

While in the Keeper Desktop App, navigate to Help > Reset Keeper.

Mac Store Version

Additional information may need to be deleted manually if you installed Keeper from the Mac App Store. Open the "Terminal" application from your Applications > Utilities menu then run the below command:

rm -rf ~/Library/Application\ Support/Keeper\ Password\ Manager/

Login to Keeper with Windows Hello

How to configure Keeper Desktop with Windows Hello biometric login.

Windows Hello integration currently works with the Keeper Desktop App only.

Keeper is compatible with Windows Hello, a biometrics-based technology that allows users to authenticate and log into their Windows device using biometric facial recognition, fingerprint reader, or pin (available on Windows 10). If Windows Hello is configured on a user's device and enabled in Keeper, this eliminates the requirement for users to enter their master password at the Keeper login screen, further expediting the login process.

Enable Windows Hello:

Open the Account Dropdown Menu.
Click Settings > Security.
Toggle "Windows Hello Login" on.
Once you have read the warning notification, click Enable to accept.

Windows Hello Setup

If Windows Hello is not yet configured on your device, you will receive a prompt to open your Windows Settings to configure it. Once you have configured Windows Hello, close out of the Settings window and return to your Vault to proceed with steps 3 & 4 above (Enabling Windows Hello).

Logging in with Windows Hello

Next time you log in to Keeper, Windows Hello will first attempt to authenticate your identity. Once authenticated, your vault will be decrypted and you will be automatically logged into Keeper.

By clicking Cancel you will be returned to the login screen to log in with your Master Password instead.

Windows Hello login became available in March 2020 in our new unified App Installer when Keeper Desktop is installed from the download page of our website or the Microsoft Store. Customers on a prior version will not receive the Windows Hello feature until they install the proper version. The Windows Hello-compatible version of Keeper can be installed one of two ways:

1. Via the link on our website download page 2. From the download site

Login to Keeper on macOS with Touch ID

How to login to Keeper with Touch ID on your Mac

Keeper is compatible with Touch ID on macOS, a biometrics-based technology that allows users to authenticate and log into their device using a fingerprint. If Touch ID is configured on a user's device and enabled in Keeper, this eliminates the requirement for users to use SSO or enter their Master Password at the Keeper login screen, further expediting the login process.

To enable Touch ID, click Account Dropdown Menu > Settings > Security and toggle "Touch ID" on.

Touch ID Setup

If Touch ID is not yet configured on your Mac, you will need to first enable the feature from your device settings. Once you have configured Touch ID , close out of the Settings window and return to your vault to proceed with the steps above.

Logging In with Touch ID

Next time you log in to Keeper, tap on the Touch ID icon from the login screen. Once authenticated, your vault will be decrypted and you will be automatically logged into Keeper.

By clicking Cancel you will be returned to the login screen to log in with your master password or SSO instead.

Using Windows Hello or Touch ID with SSO

Logging in with Windows Hello to a vault tied to SSO.

Keeper supports the ability to login with Windows Hello or Touch ID on a vault that is tied to an SSO provider such as Microsoft Azure. To set this up, please follow the instructions below.

(1) Login to your vault using your SSO as usual, and click the Account Dropdown Menu (your email) > Settings > Security.

(2) Enable Windows Hello (or Touch ID if you're on a Mac). Note that if you previously tried using this setting, you should turn it OFF and ON in order to reset the master password storage in your device.

(3) The next time you login to the Keeper Desktop App, simply click the "Windows Hello" or "Touch ID" button.

(4) You will now be able to login seamlessly to your vault using Windows Hello or Touch ID, without having to constantly login using your SSO provider.

If you receive an error when attempting to login with Windows Hello or Touch ID, please turn the setting off then on.

Logging in with DUO

User guide for Enterprise customers who login using DUO for Two-Factor Authentication.

If you are new to logging into Keeper using DUO for Two-Factor Authentication, the videos below will demonstrate the process for Web Vault, iOS, and Android users. To learn more about DUO's Two-Factor Authentication method for Enterprise, click here.

To login with DUO you must first activate it in your Keeper account's Two-Factor Authentication settings.

Web Vault

To receive login requests from DUO, notifications must be turned on for both DUO and Keeper on your mobile device. If you use iOS, you must tap the DUO notification pull-down when it appears on you mobile device.

iOS

To receive login requests from DUO, notifications must be turned on for both DUO and Keeper on your mobile device. To verify your identity, you must tap the DUO notification pull-down when it appears on you mobile device.

Android

To receive login requests from DUO, notifications must be turned on for both DUO and Keeper on your mobile device.

Import Records

Import Overview

Importing Passwords, Folders and Shared Folders into Keeper

Import Methods

Keeper provides several methods of importing data into the vault. Each method is fully documented with screenshots and example data in the subsequent pages of this user guide.

Records created in any platform will instantly sync to the your other devices. Records that are shared among users will receive updates in real time.

Importing from other password managers

Import from Chrome via export

This guide contains instructions on how to manually export saved passwords from Chrome and import them to Keeper.

IMPORTANT: Keeper can import password directly from your web browsers such as Chrome, using the automated import tool found in your Keeper Web Vault and Desktop App Settings. The import tool is an easy to use application that runs on your computer to quickly locate and import your passwords. Click for further instruction on how to automate the import of your passwords from a web browser such as Chrome.

If you have attempted to use Keeper's automated import tool and have been unsuccessful, or you are running Linux OS, follow the directions below to complete the process manually. You will first need to perform a manual export of your passwords from Chrome and then import the file to Keeper as a Text File (.csv).

From your Chrome Browser, click Settings > Passwords then click

A popup will appear, click Export Passwords... and complete the necessary steps to save the passwords to your computer as .csv file.

From Keeper, click Settings > Import > Text file (.csv)

Drag and drop the exported file into the target window "Drop a File Here"

Use the dropdown menus to set the column headers to the following: Title, URL, Login, Password, then click Import

For more on importing from a text file (.csv) and field mapping click .

Import from Excel

Instructions on how to import passwords from Microsoft Excel into Keeper.

Import from Excel

(1) If you are importing your passwords from Excel, first save the file in CSV format (UTF-8 encoded).

(2) Log into your Keeper web vault at https://keepersecurity.com/vault/

(3) Click on your account email in the upper right-hand corner, then click on Settings > Import.

(4) Select “Text file (.csv)” from the list of options.

CSV files must be UTF-8 encoded to ensure that all symbols and characters are imported properly.

(5) Drag and drop the exported file into the target window.

(6) You can use the drop-down menu in each column to map to the correct Keeper field.

(7) Click Next.

(8) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

(9) Click Import.

Import from 1Password

Instructions on how to import passwords from 1Password to Keeper

Instructions

To import from 1Password, you must export your records from the 1Password application on MacOS or Windows.

MacOS

(1) Log into your 1Password account using a desktop computer.

(2) Select the vault you want to export.

(3) Choose File > Export > Your Vault

(4) Enter your Master Password to unlock

(5) Choose the file format: 1PUX or CSV, then click Export Data. The 1PUX format is preferred since it contains all data.

(6) Choose a location to save the export. Make sure to delete this file after the import is complete.

Windows

(1) Open and unlock 1Password.

(2) Select the vault you want to export.

(3) Click on the 3 vertical dot menu and choose Export > Your Vault

(4) Choose the file format: 1PUX or CSV, then click Export Data. The 1PUX format is preferred since it contains all data.

(5) Choose a location to save the export.

Import to Keeper

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose 1Password from the list.

(5) Drag the exported file into the target window "Drop a File Here"

If you intend to share all top-level folders with other people, check the box "Import Root Level Folders as Shared". Otherwise leave it unchecked.

(6) Click on Import.

Make sure to delete the local 1Password .csv or .1pux file locally on your computer.

CLI Import with Keeper Commander

Keeper Commander also supports a 1Password import that allows more configurable options, such as default folder permissions. See the below link for more details:

Import from Avast

Instructions on how to transfer records from Avast Passwords to Keeper

Export

To import from Avast Passwords, you must export your records first.

(1) Launch Avast Passwords and log in to your account

(2) Select Import/export data (3) Click Export to File (4) Name the file and click Save

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose Avast from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(7) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

If you only wish to share some of the folders, you will need to split the file into two separate files prior to importing each accordingly.

(8) Click on Import.

Import from Bitwarden

Instructions on how to export/import records from Bitwarden.

Export

To import from Bitwarden, you must export your records first.

Option 1: From Windows & Mac

(1) Launch the Bitwarden Desktop App and log in to your account.

(2) Select File > Export Vault.

(3) Select file format .csv from the dropdown and enter your Master Password.

(4) Click the Submit button and Export Vault.

(5) Select your destination for the .csv file and click Save.

Option 2: From Bitwarden Web Vault

(1) Click on Tools > Export Vault.

(2) Select file format .csv from the dropdown and enter your Master Password.

(3). Click Export Vault twice to confirm the action.

(4) Open the file to save it. Select your destination for the .csv file and click Save.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose Bitwarden from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(7) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

If you only wish to share some of the folders, you will need to split the CSV file into two separate files prior to importing each accordingly.

(8) Click on Import.

Import from Dashlane

Instructions on how to export/import records from Dashlane.

Export

To import from Dashlane, you must export your records first.

Dashlane Web Client

DASH: Dashlane Secure Archive

Login into https://www.dashlane.com.
Under My Account, select Settings, Export Data.

3. Under DASH: Dashlane Secure Archive click on Export to Dash.

4. Create a password and confirm it in the second field.

5. Click on Export data.

6. A file called Dashlane Export.dash will be made where you have assigned downloads to go.

CSV: Non Secure Export

Login into https://www.dashlane.com.
Under My Account, select Settings, Export Data.

3. Under CSV, click on Export to CSV.

4. A file called "dashlane-credential-export.zip" will be made where you have assigned downloads to go. Warning: This can be read by anyone.

Import Into Keeper

Once your files have been exported from Dashlane using one of the two methods above, continue to Keeper's Web Client or Desktop App to import.

DASH: Dashlane Secure Archive

Log into the Keeper Web Vault or Desktop App.
Click on your account email in the upper right-hand corner.
Click on Settings > Import.
Choose Dashlane from the list.

5. Drag your Dashlane Export.dash file to the Drop a File Here. window.

6. Enter the Dashlane password you assigned it during the export.

7. Use the drop-down menus in blue to map each column to a Keeper field. Click Next.

8. If you intend to share all first level folders, check the box Import Root Level Folders as Shared.

9. Review and approve the import by pressing the “Import” button.

CSV: Non Secure Export

Log into the Keeper Web Vault or Desktop App.
Click on your account email in the upper right-hand corner.
Click on Settings > Import.
Choose Text File (.csv) from the list.

5. Your file from Dashlane may be zipped, un-zip it and select the right .csv you want imported. Dashlane separates files by credentials, ids, payments, personal info, secure notes.

6. Select the .csv you want imported and drag it to Drop a File Here.

7. Use the drop-down menus in blue to map each column to a Keeper field.

8. If you intend to share all first level folders, check the box Import Root Level Folders as Shared.

9. Review and approve the import by pressing the Import button.

Import from EnPass

Instructions on how to export/import records from EnPass.

To import from Enpass CSV file please reference the generic Import Text File (.csv) section.

Export

To import from EnPass, you must export your records from first.

Mac

(1) Click File > Export.

(2) Select .json as your file format.

(3) Choose the location to save the file.

(4) Name the file and click Save.

Windows

(1) Click on the menu in the upper left-hand side.

(2) Click on File > Export.

(3) Select .json as your file format.

(4) Choose the location to save the file.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose EnPass from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

(7) Click on Import.

Import from Kaspersky

Instructions for migrating from Kaspersky to Keeper

Export

To import from Kaspersky, you must export your records first.

(1) Click Settings > Import/Export

(2) Export to text file and Save

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose Kaspersky from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(7) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

If you only wish to share some of the folders, you will need to split the CSV file into two separate files prior to importing each accordingly.

(8) Click on Import.

Import from KeePass (.kdbx)

Instructions on how to import records directly from KeePass encrypted .kdbx files.

.KDBX File Import Overview

Keeper supports the ability to import directly from encrypted Keepass files in .kdbx file format. Keeper can import both password-protected and private key-protected formats. All versions of .kdbx files are supported.

This import includes Folders, Password, Custom Fields and even File Attachments! 🥳

To import into Keeper, please locate your encrypted .kdbx file, and if you are protecting your Keepass file with a private key, you will need that file as well.

Import Steps

(1) Login to Keeper on your computer

(US)
(EU)

Or, download the Keeper Desktop App:

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose KeePass (.kdbx).

(5) Type in your KeePass Password.

(6) Click on the Key File + button and navigate to your Key File if one was used.

(7) Locate your .KDBX file and drag and drop it the target labeled "Drop a File Here".

Please note that import from the latest KeePass KDBX4 file format is slow and might take up to 30 seconds or more. When importing, please be patient :)

(8) If necessary, use the drop-down menu in each column to map to a Keeper field. For KeePass files, the structure is automatically mapped so you should not need to perform any manual mapping.

(9) Click on Import to complete the process.

If you run into any issues, you may need to first update your Keepass application to a newer version, or export your Keepass database to a newer format.

Note: Importing records with File Attachments is restricted to paid Keeper customers with Secure File Storage plan.

Import from KeePass .XML

Instructions on how to import records from KeePass XML format.

Keeper supports direct KeePass .kdbx file import which supports more content and file attachments. Please see those instructions here.

Export

To import from KeePass, you must export your records first.

Windows

(1) Click File > Export > KeePass XML File. Use XML for KeePass 2.0 and above. XML supports folder organization. If you use KeePass 1.X, export as a CSV file. If you have a .kdbx file, use the Import from KeePass KDBX instructions instead.

(2) Provide a filename and click Save.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose KeePass. If you have a .kdbx file, see Importing fom KeePass KDBX.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(7) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

If you only wish to share some of the folders, you will need to split the CSV file into two separate files prior to importing each accordingly.

(8) Click on Import.

Import from MacPass

Instructions on how to export/import records from MacPass.

Keeper supports direct KeePass .kdbx file import which supports more content and file attachments. Please see those instructions here.

Export

To import from MacPass, you must export your records first.

Mac

(1) Click File > Export as XML.

(2) Name the file and click Save.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose MacPass from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(8) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

If you only wish to share some of the folders, you will need to split the CSV file into two separate files prior to importing each accordingly.

(7) Click on Import.

Import from mSecure

Instructions on how to export/import records from mSecure.

Export

To import from mSecure, you must export your records first.

Mac

(1) Click File > Export CSV.

(2) Accept the warning by clicking OK.

(3) Select Export All Records.

(4) Name the file and click Export.

Windows

(1) Click on the Settings Icon

(2) Click on Backups > Export.

(3) Name file and click Save.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose mSecure from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(7) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

If you only wish to share some of the folders, you will need to split the CSV file into two separate files prior to importing each accordingly.

(8) Click on Import.

Import from MyKi

Instructions for migrating from MyKi to Keeper

Export

To import from MyKi, you must export your MyKi records first.

On Windows

(1) Click Settings > Import/Export

(2) Export to text file and Save

On Mac

(1) Click on File > Export CSV

(2) Select folder destination and Save

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose MyKi from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(7) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

If you only wish to share some of the folders, you will need to split the CSV file into two separate files prior to importing each accordingly.

(8) Click on Import.

Import from Passpack

Instructions on how to export/import records from Passpack.

Export

To import from Passpack, you must export your records first.

Web Vault

(1) Click Settings > Export.

(2) Click on Download.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose Passpack from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(7) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

If you only wish to share some of the folders, you will need to split the CSV file into two separate files prior to importing each accordingly.

(8) Click on Import.

Import from Passportal

Passportal users can quickly migrate their data to Keeper

Export

To import from Passportal, you must export your records first.

(1) Click Settings > Import/Export

(2) Select checkbox to include field headers

(3) Click Export and save the file.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose Passportal from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(7) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

(8) Click on Import.

Import from Password Boss

Instructions on how to export/import records from Password Boss.

Export

To import from Password Boss, you must export your records first.

Mac & Windows

(1) Click File > Export Data.

(2) Choose Password Boss JSON - Not Encrypted.

(3) Navigate to where you want to save the file. Click Save.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose Password Boss from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(7) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

If you only wish to share some of the folders, you will need to split the CSV file into two separate files prior to importing each accordingly.

(8) Click on Import.

Import from Proton Pass

Instructions on how to import passwords from Proton Pass to Keeper

Export

To import from Proton Pass, you must export your passwords first.

(1) Open the Proton Pass browser extension for Chrome or Firefox and click Settings.

(2) Click on the Export tab. Ensure "Encrypt your Proton Pass data export file" is unchecked.

(3) Click Export. A file title "Proton Pass_export_[date].zip" will be saved to your computer's downloads.

Import

(1) Log into the Keeper Web Vault or Desktop App.

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose Proton Pass from the list of password managers.

(5) Drag-and-drop the exported zip file into the target window "Drop a File Here".

(6) If you intend to share all first level folders, check the box "Import Root Level Folders as Shared". By selecting this option, all first level folders will become shared.

(7) Click Import.

Make sure to delete the local Proton Pass zip file from your computer.

Import from Psono

Psono users can quickly migrate to Keeper

Export

To import from Psono, you must export your records first.

(1) From Psono, click email address on upper right then 'Other'

(2) Click 'Export' then select JSON

(3) Save the file.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose Psono from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(7) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

(8) Click on Import.

Import from RoboForm

Instructions on how to export/import records from RoboForm

Export

To import from RoboForm, you must export your records first.

Macintosh

(1) Before proceeding, make sure you do not have your Passcards organized in folders in RoboForm.

(2) Click File > Print List > Logins or Identities or SafeNotes

(3) Right-Click HTML page and choose Save As...

(4) Select the format as Webpage, HTML Only.

(5) Navigate to where you want to save the file and click Save.

Windows App

(1) Click on the RoboForm dropdown menu in the upper left column.

(2) Choose Options, then Account & Data.

(3) Choose Export.

(4) Under Format, select CSV file.

(5) Browse the location to save and choose Export.

Windows Extension

(1) Select the RoboForm icon on your taskbar or toolbar.

(2) Click on the Overflow Menu.

(3) Choose Options then Account & Data.

(4) Choose Export.

(5) Under Format, select CSV file.

(6) Browse the location to save and choose Export.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose RoboForm from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(7) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

If you only wish to share some of the folders, you will need to split the CSV file into two separate files prior to importing each accordingly.

(8) Click on Import.

Import from Safari

Instructions on how to export/import records from Safari

Export

To import from Safari, you must export your records first.

(1) From Safari, click on Safari > Settings then select the 'Passwords' tab.

(2) Select '...' then select 'Export All Passwords...'

(3) Save the Passwords.csv file.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose Text file (.csv) from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

The mappings are as follows:

Title: Title
URL: URL
Login: Username
Password: Password
Notes: Notes
Two-Factor Code: OTPAuth

(8) Click on Import.

Import from SplashID

Instructions on how to export/import records from SplashID.

Export

To import from SplashID, you must export your records first.

Mac

(1) Click File > Export > CSV.

(2) Name the file and click Save.

Windows

(1) Click the SplashID Icon > Export > Export to CSV.

(2) Name the file and click Save.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose SplashID from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(7) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

If you only wish to share some of the folders, you will need to split the CSV file into two separate files prior to importing each accordingly.

(8) Click on Import.

Import from Sticky Password

Instructions on how to export/import records from Sticky Password.

Export

To import from Sticky Password, you must export your records first.

Mac

(1) Click on File > Export > Unencrypted.

(2) Name the file and click Save.

Windows

(1) Click Menu > Export.

(2) Click Export All or Export only selected items.

(3) Select Sticky Password 6 XML.

(4) Click Next.

(5) Name the file and click Save.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose Sticky Password from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(8) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

If you only wish to share some of the folders, you will need to split the CSV file into two separate files prior to importing each accordingly.

(7) Click on Import.

Import from True Key

Instructions on how to export/import records from True Key.

Export

To import from True Key, you must export your records first.

Mac

(1) Click on the Settings icon.

(2) Click App Settings > Export Data > Export.

(3) After warning appears, click Continue.

(4) Enter your Master Password.

(5) Name your file and click Save.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose True Key from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(7) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

If you only wish to share some of the folders, you will need to split the CSV file into two separate files prior to importing each accordingly.

(8) Click on Import.

Import from ZOHO

Instructions on how to export/import records from ZOHO.

Export

To import from ZOHO, you must export your records first.

Web Vault

(1) Click the Tools tab and choose Export Secrets on the left panel.

(2) You can either export all the secrets or export only the ones that belong to a particular secret type

(3) Choose General CSV and click on the Export Secrets button.

Import

(1) Log into the Keeper Web Vault or Desktop App

(2) Click on your account email in the upper right-hand corner.

(3) Click on Settings > Import.

(4) Choose ZOHO from the list.

(5) Drag the exported file into the target window "Drop a File Here".

(6) Use the drop-down menu in each column to map to a Keeper field.

(7) If you intend to share all first level folders, check the box Import Root Level Folders as Shared. By selecting this option, all first level folders will become shared.

If you only wish to share some of the folders, you will need to split the CSV file into two separate files prior to importing each accordingly.

(8) Click on Import.

Import from Commander CLI

Automated import through the Keeper Commander CLI

The Keeper Commander SDK provides command-line or scripted capabilities to import records and folders into your Keeper Vault. Supported import formats are below:

JSON import files can contain records, folders, subfolders, shared folders, default folder permissions and user/team permissions
CSV import files contain records, folders, subfolders, shared folders and default shared folder permissions
delinea/thycotic import includes private folders, shared folders, permissions, file attachments, TOTP codes
Keepass files will transfer records, file attachments, folders and subfolders
lastpass file format is supported, however for end-users we recommend the which supports folders, shared folders and file attachments.
lastpass full enterprise import supports shared folders
myki import method supports records and folders
1password method supports records, folders and file attachments
manageengine method supports records, folders and file attachments

Most features available in the Keeper Admin Console are available through Commander's interactive shell and SDK interface.

Learn more about Keeper Commander import methods at

Microsoft Store App

This page has moved:

Web Vault & Desktop App

Export and Reports

Vault Export

Export and Reporting Capabilities

The Keeper Web Vault and Desktop application provide export and reporting capabilities. For consumer accounts, this is available for all users. On Enterprise accounts, this may be restricted by the Keeper Administrator.

For Enterprise users, role policies must allow export.

Export Options

CSV

Keeper's CSV format supports Folders, Subfolders and Shared Folders. CSV files can be imported and exported with Keeper.

File Format:

Folder,Title,Login,Password,Website Address,Notes,Shared Folder,Custom Fields

More information about Keeper's CSV format is available .

JSON

The JSON format is structured as an array of Shared Folder objects, and an array of Record objects. The JSON format is compatible with Keeper's import tools and the Keeper Commander CLI.

More information about Keeper's JSON format is available .

PDF

For a printer-friendly version of records, the PDF version is also available.

To print the PDF, click on the printer icon at the bottom:

Encrypted Keepass (.kdbx)

Web Vault and Desktop App

Keeper supports encrypted KeePass export through the Web Vault, Keeper Desktop application and Keeper Commander CLI which is available to all customers.

From the Web Vault and Desktop App, select KDBX export format and you'll be asked to provide the desired KeePass Master Password. You can also provide a Key File to encrypt the KeePass file. The Master Password you provide here is used to encrypt the KeePass file - this is NOT your Keeper Master Password.

Commander

Keeper Commander, our Command-line CLI and SDK platform also provides a flexible KeePass export option.

To install Keeper Commander, visit this link:

The command to run is the export command, documented at this link below:

Browser Extensions

User guides for the KeeperFill Browser Extension for Chrome, Firefox, Safari, Microsoft Edge, Opera and other Chromium-based browsers.

Overview

KeeperFill is Keeper’s powerful, autofilling browser extension. Once you install the Keeper Browser Extension, you can conveniently autofill your logins, passwords, passkeys and save new records that you create to your Keeper Vault. The KeeperFill browser extension is available for every web browser including Chrome, Firefox, Safari, Edge, Opera and other Chromium-based browsers.

Installation & Setup

Below you will find browser-specific installation and setup instructions. Instructions will vary across different browsers and operating systems.

Chrome
Firefox
Safari
Edge
Opera
Other Chromium-based browsers such as Brave

Logging In

Most users can log into the KeeperFill browser extension with their email address and master password. If you are part of an Enterprise rollout, you may be directed to log in with your Enterprise SSO login credentials.

When you log in or out of your Keeper Web Vault you will be simultaneously logged in or out of KeeperFill and vice-versa.

For customers who log in with SSO, typically entering the email address will route to the corresponding identity provider login screen. If your Keeper administrator requires a specific Enterprise Domain entry, click on Enterprise SSO Login.

If Keeper does not automatically route you to the proper data center location or identity provider, please contact your Keeper administrator.

For GovCloud customers, ensure that the "US (GOV)" region is selected.

Stay Logged In

By default, users are logged out of Keeper if their browser window closes, or if their computer restarts. Keeper's "Stay Logged In" feature allows you to remain logged into Keeper for a configurable duration.

To enable Stay Logged In, click the options icon > Settings > Security, then enable "Stay Logged In".

Keeper recommends that you also set the "Inactivity Logout Timer" which automatically logs you out of Keeper after a period of inactivity. You can set this timer to the duration you prefer (minutes, hours, or days) and your session will resume even once you close your browser.

Record Overview

Records now conveniently appear directly on the home screen as a list, with “Suggested Record(s)” at the top to easily fill the credentials that match the website you're on.

Select a record to view all its details as well as conveniently take common actions like launching, sharing, editing, and accessing the record's options menu.

Suggested Records, Sort & Filter

Vault records appear directly on the browser extension home screen, making it quick and easy to find exactly what you are looking for.

Easily fill credentials with suggested records that match the website you're on. Favorite records will appear on top when more than one suggested record is shown.

Sort records by most recently used, name, or date modified. Filter by favorites, record type, and more.

Autofill Your Passwords

The KeeperFill Browser Extension allows you to autofill your passwords and save new login credentials you create to your vault.

If it's the first time you are logging into a site with KeeperFill, you will be asked if you would like Keeper to autofill your login.

Keep in mind, you must already have created a Keeper record for this site containing the website address for Keeper to recognize, match and fill your login. Upon clicking Yes, your credentials will be autofilled into the login form and you will be logged in.

Records appear directly on the home screen as a list, with “Suggested Records” at the top to easily fill the credentials that match the website you're on. Select the record, then click Autofill to fill the credentials into the site's log in form.

Searching Your Vault

The KeeperFill toolbar provides easy access to all of your vault records You can quickly search for a website login or anything else stored in your vault. The search feature is case insensitive and will match any record within your vault as you type.

Understanding Record Matching

When logging into a website, KeeperFill will provide a list of matching records. The matching is performed by looking at the "Website Address" field of the record as well as the custom fields.

The list of matching records is determined by looking at the URLs stored within your Keeper record. Once the list is generated, a series of logical steps determines the sort order of the selection list and which specific record is selected as the default choice.

(1) If the page you're visiting has a subdomain (e.g. xyz.google.com), then Keeper first looks at the subdomain for the closest match in your vault records. The best matches are sorted by the last time they were used.

(2) After checking subdomain, Keeper looks at the "path" information (e.g. xzy.google.com/some/path) and compares it to the path stored within your Keeper record. The best matches are again sorted by the last time they were used.

(3) If the page contains an email address on the screen (such as a pre-filled email field) then Keeper will pre-select the record from the subdomain and path criteria which contains the email field.

Create a New Record

With KeeperFill, there are multiple paths to create a new record and save it to your vault.

You can quickly create a record from the KeeperFill toolbar at any time by clicking the yellow plus button. If you have no suggested records for the website you are on, Keeper will display an Add Record button instead. Click this button to "quick add" a record by auto-generating its "Title" and "URL" based on the website you are visiting.

You can also choose which folders any given record is stored in. Record location can be selected on existing records as well as new records you are in the process of creating. Simply click the "Location" dropdown menu to select the folder or subfolder you would like the record to reside in.

Check the box for "Trim URL" if you would like Keeper to automatically simplify the URL and improve matching across different pages of the website.

Fill Prompt

Alternatively, you can create a new record from a website's "account creation" or "sign in" page by selecting the Keeper icon in the form field. On "account creation" pages, click the Create a Record or Add to Keeper button that appears to be routed to a secure Extension Tab, where you can create a new vault record. On "sign in" pages, the same Create a Record and Add to Keeper buttons will appear if you have no matching records for that website.

If you do have matching record(s) and you'd like to create a new record, use the options menu in the prompt that appears to begin creating a new record in the secure Extension Tab.

When you begin creating a record in Keeper's Extension Tab, the record "URL" and "Title" will be auto-generated. If you entered any data into the site's username or password fields before opening the Extension Tab, those values will be automatically populated into the new record form as well.

Upon reviewing and saving the record details, the Extension Tab will close and you will be automatically routed back to the website you came from. For additional convenience, Keeper will auto-fill the username and password fields on this website, if they are not already populated.

Save Prompt

Keeper will offer to save a password to the vault, if you login manually on a site by typing or pasting in the login and password. The "Save Password Prompt" feature is enabled by default, and can be disabled in the browser extension settings menu. For Enterprise customers, this feature can also be enforced on or off.

Note: For enterprise environments, the "Save Password Prompt" will only appear if the password entered by the user meets the complexity requirements enforced by the Keeper Administrator. See for more information on password complexity enforcements.

Add Additional Website Address

When creating a new record or editing an existing record, users can add additional website addresses to the record by clicking the Add Website Address button. This functionality allows users to efficiently store and organize all related website domains for a record directly from the browser extension.

Add as many website addresses as you'd like and easily reorder them with drag-and-drop.

Click the option icon to the right of a website address to:

Set it as the primary address (this will swap the selected address with the record's primary address)
Edit the field label
Remove the website address

Passkeys

A passkey is a cryptographic key that allows you to log into your accounts and apps without having to enter a password or second factor.

Storing passkeys in your Keeper Vault allows them to be used across different browsers and operating systems. They can also be shared with other users like any other record in your vault.

Passkeys can be used as a replacement for any FIDO2 security key for either first factor or second factor login to supported websites.

Passkeys as a primary login factor only work on websites and applications that have been specifically built to support them. The list of supported sites is growing every day.

Create a Passkey

To create and save a passkey for a site, typically you'll need to visit the "Security" or "Account Settings" page of the website.

Upon clicking "Create Passkey" at the desired site, Keeper will intercept the request. Click Create Passkey to create and save the passkey to your vault.

Log In With a Passkey

The next time you visit a website that supports passkey login, locate the "Sign in with a Passkey" or similar action button on the site, then click Use Passkey in the KeeperFill window to log in.

To learn more about Keeper and Passkeys, including Passkeys for mobile, click here.

Password & Passphrase Generators

Long, random passwords that are created for each account help protect your information and reduce your exposure to data breaches. Alternatively, by combining multiple words, passphrases are an even more secure alternative to traditional passwords.

Keeper's password generator can create and securely store strong, random passwords or passphrases for all of your sites and apps.

Generate a Password

To begin, click the dice icon within a new or existing record. You can customize your password by character length (8-99 characters) and choose to include lowercase and uppercase letters, numbers and symbols.

Check the box at the bottom of the toolbar if you'd like to make your selections the default setting for all passwords moving forward. Select Use Password to update the record or Copy Password to copy it to your clipboard.

Generate a Passphrase

Click the dice icon within a new or existing record and from the dropdown menu next to "Type", select Passphrase.

You can customize your passphrase by setting the length, including capitals and numbers in the passphrase and choosing from various symbols to separate the words.

Passphrases can be up to 20 words long, with a minimum length of 5 words and each word including at least 3 characters.

Check the box at the bottom of the toolbar if you'd like to make your selections the default setting for all passphrases moving forward. Select Use Passphrase to update the record or Copy Passphrase to copy it to your clipboard.

This will NOT automatically change the website's existing login password. You must still visit the corresponding website's "Change Password" form to update the old password to match the new, stronger password. Click here to learn how to easily change your password with KeeperFill.

Alternatively, you can generate a standalone password or passphrase by clicking the Options Menu > Password Generator.

Generator History

To view your password/passphrase history, click the clock icon within the generator screen. Hover your cursor over a password to either view it or copy it to your clipboard.

Your password generator history can be cleared at any time by clicking Clear History.

Password Enforcement Policies

For Enterprise customers, the password generator on end-user vaults will adhere to the minimum character length, minimum number of lowercase/uppercase/numbers/symbols and allowed list of symbols as defined by your Keeper Administrator.

The passphrase generator on end-user vaults is enabled by default, but can be disabled by your admin. Passphrases will adhere to the minimum number of words and can be configured to include capital letters and numbers. The separators between words will be selected from the list of allowed symbols.

For more information on record password enforcement policies, please see our Enterprise Guide.

Change a Password

KeeperFill makes it easy to change your passwords. When a user visits a site's "Change Password" page, you will receive a prompt from Keeper asking if you would like help changing your password. By clicking Yes, Keeper will run a wizard that walks you through a few quick steps to change your password and simultaneously update the record in your vault. These steps will include a series of prompts detailing the following actions:

Autofill your old/current password
Automatically generate and autofill a new secure password
Confirm the changes and save them to your vault

Autofill Custom Fields

Keeper can automatically fill custom fields into login forms. From the Keeper Web Vault, create a custom field in your record, ensuring the label matches that of the field you want to fill. (e.g. "Last 4 digits of SSN").

You can also fill the the custom field value via the fill window.

Keyboard Shortcuts

If you prefer to use keyboard shortcuts instead of mouse clicks to autofill your passwords, follow the steps below:

Navigate to the site you would like to log in to.
To open the KeeperFill extension, enter shift+command+K (Mac) or Alt+K (Windows).
In the field provided, enter your search terms.
Use the up and down arrows on your keyboard to find and select the record you are searching for.
Use the enter/return key to open the record details and shift+enter/return keys to launch and fill a record.

You can modify the shortcut command to your preference in your browser's extension settings.

Two-Factor Codes for TOTP

Autofilling 2FA Codes

Upon autofilling your username and password via KeeperFill, when prompted, a stored two-factor code will also be autofilled into the field provided.

Alternatively, you can click the copy icon next to the code and paste it into the field provided.

Storing two-factor codes in your Keeper Vault has several advantages:

Keeper two-factor codes are more secure than using SMS text messages.
Two-factor codes stored in Keeper are protected with strong zero-knowledge encryption.
They can be auto-filled quickly while logging in to a site, saving time and reducing friction.
Keeper records are securely backed up so if you lose a device you don’t have to reset all the codes.
Keeper records are shareable. If you have multiple people that need to log in with the same credentials, they won’t need to track down the person who has the only device containing the code.

TOTP Scanner

When configuring multi-factor authentication for any account, you can capture TOTP codes directly through the Browser Extension without switching between apps.

Simply navigate to the relevant record in your Browser Extension and click "Settings," then select "Scan 2FA Code." The extension will automatically detect and save the authentication code to your Keeper record, making it instantly available for future logins.

TOTP codes can also be quickly added from the record "Create" and "Edit" screens. If a secret key is provided instead of a QR code, you can manually enter it to generate your two-factor code.

Payment Cards & Addresses

From the fill window you can view and fill the payment cards and addresses that are stored in your vault.

KeeperFill is fully integrated with your browser's right-click context menu and offers an alternative filling method. Simply right-click on a login field to produce a context menu. Select Keeper to fill logins, two-factor codes, payment cards, addresses and create and edit records.

For security reasons, only records with a matching domain name for the site you visit will display in the menu of autofill options.

Tools & Settings

All your KeeperFill tools and settings are consolidated in an easy to use Options Menu found in the upper right corner of the KeeperFill toolbar.

The Settings Menu covers everything from security settings, appearance, autofill and autosubmit functionality, the various KeeperFill prompts, and much more.

Landscape Mode

Users can customize their viewing experience with the ability to expand the extension window via “Landscape Mode”. The dual-pane window allows you to view your record details and records list at the same time – providing seamless access to what you need most.

You can easily switch between “Landscape” and “Portrait” mode with a single click of a button on your extension toolbar.

Reporting Autofill Issues with the Snapshot Tool

From time to time, users inform us that autofill is not functioning as expected on certain websites. The Snapshot Tool greatly simplifies the process of reporting and fixing autofill issues by seamlessly providing Keeper's Engineering Team with key website information.

To report an Autofill Issue, there are 2 locations to access this feature: From the on-page form fill and the browser extension toolbar.

On-Page Form Fill

From the on-page form filling screen, click on the overflow menu > Report an Autofill Issue

Activation

This works on:

Login pages (Username, Password)
TOTP code pages
Payment and identity pages

Reporting Issues

If you are having trouble with a website's login page, simply select Report an Autofill Issue from the extension Options menu or from the fill tool.

From the browser extension toolbar window, click on the overflow menu > Report an Autofill Issue.

Next, select from the provided list of autofill issues or describe your own.

Keeper will NOT send credentials or confidential information. We only send the screenshot and HTML page structure exactly as displayed in the preview window.

Click Report Issue to send the information to the Keeper Team.

If you need to re-submit an issue for a website, return to the extension toolbar or fill tool and click Report an Autofill Issue > Retake.

Autofill Fixes

The Keeper Team will promptly receive the necessary information to diagnose and resolve the filling issue. Once a solution is implemented, an update will be released to all customers. You will receive an email notification confirming the update. In many cases, site-specific fixes can be turned around within the same day.

Keeper supports biometric login with a passkey, allowing users to authenticate using a device-bound passkey that replaces all traditional login methods – including master password, SSO, and 2FA.

Biometric login with Passkeys is available on Chrome, Edge and other Chromium-based browsers. Mozilla Firefox support will be available with Firefox release 147 or 148 pending this Mozilla ticket. Safari is also pending native passkey support from Apple.

To activate biometric login, navigate to the extension "Settings" menu and Select Biometric Login. When you toggle biometric login “on”, Keeper will prompt you to create a Passkey and the platform will request a biometric or PIN authentication, depending upon the capabilities of your device.

For Business and Enterprise users, the use of Biometric Login may be restricted by your Keeper Administrator.

Once created, the passkey login acts as a complete replacement for both your first factor – master password or SSO and the second factor such as TOTP, SMS, or DUO (if configured).

You can now unlock the Keeper Browser Extension using your device’s built-in biometric authentication. Click Biometric Login at Keeper's login screen and use your fingerprint or facial recognition to access your vault instantly.

Multiple Passkeys can be stored in your Keeper account to account for the various platforms you may use. In this example, a passkey is available in iCloud Keychain, Windows Hello and Google Chrome. On each platform where you use Keeper, click Manage Passkeys to create a new one.

Advanced Settings

Keeper offers two advanced settings for individual records tailored to certain autofill use cases.

Overwrite Field Content

This setting allows users to control whether a record’s Custom Fields can autofill into fields on a webpage that are already populated. Previously, Custom Field content wouldn't autofill into an already-populated field.

Autofill on Subsequent Pages

This setting will prevent Keeper from attempting to autofill any given record on multiple pages in a row. Disabling this setting can help prevent accidental “false positive” autofill scenarios, where Keeper autofills on a page you don’t want it to.

To access the Advanced Settings menu, select the record overflow menu/options icon.

Field Icons

Users have the option to entirely disable form field icons – these are the Keeper icons that appear within website login fields. This will allow you to disable the icons without disabling KeeperFill’s autofill and auto submit functionality.

Clipboard Expiration

If "Clipboard Expiration" is enabled, Keeper will automatically clear your computer’s clipboard after a short delay whenever you copy information from your browser extension. Durations range from 30 to 120 seconds. This security feature mitigates the risk of confidential data remaining on your clipboard for extended periods, thereby reducing potential exposure to other applications.

Autofill on Page Load

If "Autofill on page load" is enabled, Keeper will automatically fill a matching record into the login fields of the website. Users can enable this feature on an individual record basis.

Autosubmit After Autofill

If "Autosubmit After Autofill" is enabled, Keeper will automatically submit the form and log in to the website after autofilling your username and password. Users can enable this feature on an individual record basis, or universally enable it for all of your records within KeeperFill's Settings Menu.

Accessibility

With the accessibility setting, users have the ability to control tabbing behavior and focus on the Keeper icon within form fields.

Select the Options Menu > Settings > Accessibility to disable this setting, preventing focus on the Keeper icons when tabbing through form fields with keyboard controls.

Match on Subdomain

The "Match on Subdomain" setting enables KeeperFill to differentiate a record's subdomain (if present) from its domain. In doing so, Keeper will only display records matches based on strict subdomain matching to the website you are currently visiting.

Example: If a user has a record with a website address containing a subdomain and domain such as "subdomain1.company.com" and another record with the website address containing only the domain "company.com" and attempts to log in to "subdomain1.company.com, the only record match that will appear is "subdomain1.company.com".

To enable this feature, select the Options Menu > Settings > Match on Subdomain.

Web Vault & Desktop App (Legacy, Abridged)

End-user guide for the Keeper Web Vault and cross-platform, Keeper Desktop Application.

Your Keeper Vault

With Keeper, your passwords, logins and other personal information are saved in a private and secure digital vault. It is here where you can view and edit all of your website login credentials and details, as well as store important files and photos.

New User Account Creation

If you are a new user, click Create Account at the login page and enter your email address. You will then be asked to create and confirm a Master Password. This will be the only password you have to remember -- don't forget your Master Password! Lastly, you will be asked to enter the verification code that was sent to your email.

Once your Keeper vault is created, you will be guided through a "Quick Start" walkthrough, that will help you either import passwords from your browser or other password manager or manually create new records.

Enterprise (SSO) users, please refer to our supplemental "Enterprise End-User (SSO)" guide located in the sub-section of this guide for details on account creation, login flows and device approvals.

Creating New Records

Your passwords, logins, credit card numbers, bank accounts and other personal information are saved in your private digital Vault (as "Records") and are encrypted on your device using 256-bit AES. To begin, simply click + Create New > Record.

Name Your Record
Enter Your Email or Username
Enter Your Password or Tap the Dice to Generate One (more on that here)
Enter the Website Address
Enter Additional Notes, Custom Fields, and Securely Add Files & Photos
Click Save to Finish

Importing Passwords

Keeper can also import logins and passwords directly from your web browser, another password manager or a text file (.csv).

Click Next to install the Keeper import tool and begin the import process.

After installing the import tool, you'll be asked to copy-paste a code or "token" from the vault into the import tool.

Keeper will report websites and their associated logins and passwords directly from your web browser. You can then scroll though the report and uncheck those you do not wish to import. Once you have finished reviewing the report, click Add to Keeper to import the selected password.

If you are using an existing password manager or if your passwords are stored in a text file (.csv), you can import those passwords by first selecting your import source from the list and then clicking View Import Instructions to follow the provided instructions.

Enterprise Users, importing Passwords may not be available as determined by your Keeper Administrator.

Download Keeper Applications

Download Keeper to access your Keeper Vault from any platform and be able to use it for native applications across all of your devices.

Visit: https://keepersecurity.com/download to download the Keeper App for all of your desktop and mobile devices.

Note: Keeper Browser Extension v15 and newer is required for SSO Cloud users.

Organization

Folders & Subfolders

Keeper allows you to organize your records by folders and subfolders. To create a folder, click on + Create New > Folder.

To create a subfolder, right-click on the existing/parent folder and click New Folder.

Moving & Shortcuts

Drag-and-drop the record(s) you would like to store in a folder or subfolder and click Move or Create shortcut. To move multiple records, hold "shift" and click the items to drag-and-drop.

Shortcuts like alias files, can exist in two or more places and when edited, change together.

Moving and shortcuts can also be performed by right-clicking on a record or folder to generate a contextual options menu.

Favorites

By right-clicking on a record you can create a record "Favorite", which is used to easily locate your most frequently visited sites.

Securely create, share and manage records and folders with existing Keeper users such as family, friends and colleagues.

While viewing a record click Options > Sharing.

Enter the email(s) of the Keeper users then choose their permission type from the dropdown menu.

Permission Type

Permission Level

Can Edit

Users in folder can edit this record

Can Share

Users in folder can share this record

Can Edit & Share

Users in folder can edit and share this record

Read Only

Users can only view the record

Transfer Ownership

User will own the record and control the sharing permissions

Click Create New > Shared Folder.

Click the dropdown to select where you would like to nest the shared folder. Click Edit to add record(s), user(s), set permission types and the default folder settings.

Default Folder Settings

Permission Type

Permission Level

Can Manage Users

Can add or remove users

Can Manage Records

Can add or remove records

Can Manage Users & Records

Can add or remove users and records

No User Permission

Can view only

Once the default configuration is set, it will only affect users and records added after the change was made. To change users or records added prior to the default configuration, those items will need to be changed either individually or through a bulk change.

Identity & Payments

Identity & Payments is the place for you to store your personal contact/address information and credit card numbers safely.

From the left navigation menu, click Identity & Payments, enter a username and click + Phone Number and + Address to enter your corresponding information.

Key Features

Password Generator

Custom Fields

Custom Fields allow you to store additional important data, like the answer to a site's security question or your passport number. Custom fields are created in pairs: "Custom Field Name" and "Custom Field Value".

Please note, "masked" custom field values are only available for Keeper Enterprise customers.

Auto-Launch

Auto-launch allows you securely and quickly navigate to your favorite websites. Simply click a record's Website URL to launch and login with Keeper in a new window.

Security Audit

Security Audit gives your passwords an overall security score and lets you clearly see what passwords are weak from a password strength visual indicator (red being the weakest, green being the strongest).

You can edit a record's password by clicking on the record from the provided list (you will still need to update the password at the record's website to match the new, corresponding password in your vault).

2FA for Websites & Apps

(1) At your target website, visit the two-factor authentication screen which is usually located within security settings. It is sometimes referred to as "login verification" or "two-step verification". Screengrab the QR pattern or copy the secret code to clipboard.

(2) Within a Keeper record, select Edit > Add Two-Factor Code

(3) Upload the screengrab of the Two-Factor QR pattern (with security key) associated with the site or application. If there isn't a QR pattern, use the manual entry method. Enter the code given under “Secret Key”, often a 32-digit code and fill out the rest of the fields.

(4) After adding the security key to the vault record a Two-Factor Code will be generated inside the Keeper record.

(5) The two-factor code will be regenerated frequently and can then be copied and filled into the site or app when prompted after logging in with a username and password.

KeeperFill

With the KeeperFill browser extension, you can autofill your passwords and save new login credentials to your vault. KeeperFill is available for every web browser (Chrome, Firefox, Safari, IE, Edge and Opera).

Download KeeperFill for your browser by visiting our Downloads Page.

Autofill with KeeperFill

Once downloaded, the KeeperFill browser extension will appear in the upper-right corner of your browser window (for Safari, it will appear left of center).

You will be automatically logged into the KeeperFill Browser Extension upon signing into the Keeper Web Vault. Alternatively, you can log in by clicking the Keeper icon located in your browser toolbar and entering your email address and Master Password.

If this is your first time logging into a site while logged into KeeperFill, you will be asked if you would like to auto-fill your login, to do so, click Yes

Alternatively, clicking on the Keeper lock in a login field allows you to view and edit the record match (or create a new one). Click the fill button to fill your login credentials or click Show More to view/fill individual fields.

KeeperFill's easily accessible search bar, allows you to search within your vault to quickly locate and fill the desired login credentials, payment cards and personal info such as addresses.

Create New Records

Keeper recognizes when you are at a site's login form and will prompt you to create a record if one has not yet been created.

Click + Create New Record

Review and edit the details of the Keeper generated record and click the check mark to fill and save the record to your Keeper vault.

Changing Passwords

KeeperFill makes it easy to change your passwords. When visiting a site's "Change Password" form, you will receive a prompt from Keeper asking if you would like help changing your password. By clicking Yes Keeper will walk you through a few quick steps to change your password and simultaneously update the record in your vault. These steps will include a series of prompts detailing the following actions:

Autofill your old/current password
Automatically generate and autofill a new secure password
Confirm the changes and save them to your vault

KeeperFill's Prompt to Change a Password

Secure Add-Ons

Secure File Storage

Keeper offers Secure File Storage to protect your confidential files, photos and videos. Securely upload and store files such as passport photos, medical cards, drivers licenses, tax and loan documents, videos and any other private file to your Keeper vault.

Files can either be added to an existing record or you can create a standalone record to store the file independently of other login information.

Click + Files or Photos to upload a file or simply drag-and-drop the file directly into your vault.

BreachWatch

BreachWatch is a powerful secure add-on feature that monitors the internet and dark web for breached accounts, matching records stored within your Keeper vault. BreachWatch alerts you so that you can take immediate action to protect yourself against hackers. Once activated, BreachWatch continuously monitors for compromised credentials and notifies you if any of your records are at risk.

To start your BreachWatch scan, from the left navigation menu, click BreachWatch > Let's Begin.

BreachWatch will then scan your records and report any risks associated with them. Clicking each record listed will allow you view the steps needed to resolve each risk.

Resolving the risk requires you to change the password at the affected website. Once you have done that, be sure to update the corresponding record in your Keeper Vault with the same password.

If you click Ignore, then that record will be skipped on future scans until the password is reset. You may also do nothing (deferring a response) and leave the risky password unchanged and thus still at risk.

Two-Factor Authentication Setup

Two-Factor Authentication (2FA) provides an extra layer of security when logging into your Keeper Vault or another site or application by requiring a secondary passcode upon logging in.

Enabling Two-Factor Authentication is advised for highly valuable or sensitive accounts (e.g. banking, medical and social media accounts).

To enable 2FA for your Keeper vault, from the Account Dropdown Menu, click Settings > Security , toggle "Two-Factor Authentication" on and select your 2FA method.

Text Message Setup:

(1) The Text Message toggle is on by default. Select a Region from the dropdown (US+1 by default), enter your 10 digit phone number including your area code and click Next

(2) To verify that you trust this number and device, enter the Keeper Web code that was sent to the phone number you provided. Select your 2FA code duration from the dropdown menu and click Next

You will be prompted for 2FA every time you login to your Vault unless you select an alternative code duration. Business customers may be required to enter the code every login as determined by their Keeper Administrator.

Codes will only last for a minute; if you need another code sent, click Send a new code

(3) Backup codes will be shown next. If you are unable to receive Two-Factor codes via the phone number you entered, you can enter one of the codes listed instead. Click I have written these codes downto finish.

Google and Microsoft Authenticator (TOTP) Setup:

(1) Toggle "Google and Microsoft Authenticator (TOTP)" on and click Next

(2) Using the device that runs the Google or Microsoft Authenticator App, scan the QR code provided. The app will then acknowledge the QR code and produce a verification code.

(3) Enter that verification code and click Next

(4) Backup codes will be shown next. If you are unable to receive Two-Factor codes via the phone number you entered, you can enter one of the codes listed instead. Click I have written these codes down to finish.

In order for Azure MFA (using the Microsoft Authenticator app.) to be utilized as a TOTP, the Azure administrator needs to allow the verification method "Verification code from mobile app or hardware token" when setting up MFA in Azure.

KeeperDNA Setup:

Keeper DNA is a Two-Factor Authentication method that uses your smart watch as your second factor.

To use this feature, toggle the switch next to Keeper DNA, then follow these links to set up KeeperDNA on your preferred platform:

Keeper DNA for iOS and Apple Watch
Keeper DNA on Android devices is undergoing a revision and planned for a future release. Legacy versions will function as expected.

Settings

Users can change specific features like language, theme and Two-Factor Authentication in the Settings menu. You can access the Settings menu from the Account Dropdown Menu.

General

Choose a New Color Theme
Set Clipboard Expiration
Choose another language: English US & UK, Spanish, Japanese, Romanian, Chinese Simplified & Traditional, French, Korean, Russian, Arabic, Greek, Dutch, Slovak, Brazilian Portuguese, Hebrew, Polish, German, Italian, and Portuguese
Reset Master Password
Reset Security Question
Change Email Address
Locate and Delete Duplicate Records
Delete All Owned Records

Security

Enable Auto-Logout
Enable Stay Logged In (Desktop App)
Enable Self-Destruct
Setup Two-Factor Authentication
Setup Security Keys
Windows Hello Login (PC Only)
Adjust PBKDF2 Iterations

KeeperFill

Uninstall

The instructions below are for uninstalling Keeper Desktop App (Keeper Password Manager) for Mac and Windows OS.

Uninstalling the Keeper Password Manager will delete the data from Keeper on the local device. Data stored in Keeper's Cloud Security Vault is NOT erased.

Mac

Drag the Keeper Password Manager app to the Trash.
Empty the Trash.

Uninstalling Keeper Password Manager will also remove KeeperFill Browser Extension from Safari. Data stored in Keeper's Cloud Security Vault will NOT be erased.

Windows

Navigate to the Windows Start Menu > Settings > Apps & Features.
Within Apps & features, click the Keeper Password Manager application.
Click Uninstall.
You will be warned that the app and its related info will be uninstalled, click Uninstall to confirm.
User Account Control will ask you to confirm making changes to your device, confirm the changes by clicking Yes.

Additional user tutorial videos are available at: https://keepersecurity.com/support

Android Phone & Tablet

Comprehensive guide for Keeper on Android phones and tablets.

Your Keeper Vault

With Keeper, your passwords, logins and other personal information are saved in a private, digital vault. It is here where you can view and edit all of your website login credentials and details, as well as store important files and photos.

Signing up for Keeper's Android mobile app is easy. Simply visit the Google Play Store on your device and install the Keeper Password Manager. Watch the video below to learn more about account creation and login.

New Users

To create your Keeper account, first enter your email address then you will be asked to create and confirm a Master Password which will be the only password you have to remember. We recommend that you choose a strong Master Password that is only used for Keeper — don't forget your Master Password!

To finalize your account and proceed to your vault, you will be asked to enter the security verification code that was sent to your email.

Enterprise users who log in with SSO do not require selection of a Master Password.

Existing Users

If you are an existing user, tap Login and enter your email address. If you are attempting to log in on an unrecognized device, a device approval must take place before you can proceed to your Keeper Vault. Users have three methods of approval to choose from:

Email Verification
Keeper Push
Two-Factor Method

Keeper Push is Keeper’s proprietary notification-based device approval system that sends a push notification to an existing, recognized device.

If you select Send Keeper Push, a notification (push) will appear in your Keeper Vault in an alternate, approved device or browser.

On the alternate device, log in to Keeper and tap Yes to approve the new device. You must be actively logged in on an approved device to receive the notification.

Once your device has been approved, you will be prompted for 2FA (if enabled) and asked to enter your master password to proceed to your vault.

If you are an Enterprise customer using SSO Login, you can enter your email address and tap Next to login through SSO. Alternatively, you can tap Use Enterprise SSO Login and enter the enterprise domain provided by your Keeper administrator and tap Connect.

Next, you will be directed to the Safari browser for web-based SSO Enterprise authentication. After you have successfully entered your SSO credentials and two-factor authentication code (if enabled), you will be returned to Keeper to complete the login. You may be required to approve your device using Keeper Push or administrator approval after the SSO login process has been completed.

For more information about Enterprise SSO login, click here.

Importing Passwords

When you first log in to your vault, Keeper will prompt you with two options: Import Passwords or Later. If you choose Import Passwords, you can import directly from Google via a CSV file upload.

Importing from other password managers is still supported via the Keeper Web Vault. If you're not near a desktop computer, you can select Later to perform the import at a later time using the Keeper Web Vault. Password Import is always available from the left menu.

Import from Google

Open the Keeper App: Launch the Keeper app on your Android device.
Access the Menu: Tap on the Hamburger Menu (three horizontal lines) in the top-left corner.
Select Import Passwords: From the menu, choose Import Passwords.
Choose Import Source: In the import options, select Import from Google.
Export Passwords: You will be redirected to passwords.google.com/options. Here, select Export passwords. -- If you have multiple Google accounts, make sure to confirm you are logged into the proper account.
Confirm Export: An Export Passwords Dialog will appear. Tap on Export to begin downloading your passwords CSV file.
Download Confirmation: Once the file is downloaded, you will see a confirmation message letting you know your file has been saved to your device.
Select the Downloaded File:
- The download confirmation prompt has an "Open" option, clicking this will display the "Open With:" dialog at the bottom of your screen, select Keeper to continue importing from your CSV.
- If using the back button: Choose Upload a CSV in the Keeper app to locate and select your downloaded file.
- You can also navigate to the file manager: Locate the exported CSV file and select it to open with the Keeper app. This will take you directly to the Selected File screen.
Import in Progress: Keeper will display a screen showing the progress of the import and encryption of your passwords.
Import Complete: A notification in your Vault will be displayed letting you know how many passwords have been successfully imported.

Import from a CSV File

If you already have your Google Password CSV file on your Android device:

Open the Keeper App: Launch the Keeper app on your device.
Select Import Passwords: Go to the Hamburger Menu and choose Import Passwords.
Choose CSV Import: When prompted, select the Upload CSV File option. This will open the Files app, filtering to show only CSV files.
Select the CSV File: Browse through your files and select the desired CSV file for import.
Import in Progress: Keeper will display a screen showing the progress of the import and encryption of your passwords.
Import Complete: A notification in your Vault will be displayed letting you know how many passwords have been successfully imported.

Keeper on Android directly supports importing from Google Password Manager via CSV file. While CSV files from other sources may work, their compatibility can vary based on formatting—only Google’s export is guaranteed to function seamlessly.

Import from Other Password Managers

If you're importing from another password manager:

Keeper will ask you to navigate to keepersecurity.com/setup on your desktop computer to begin the process of importing your passwords.
For detailed instructions on importing passwords from web browsers and other password managers to your Keeper Web Vault, click here.

Creating New Records

Your passwords, logins, credit card numbers, bank accounts and other personal information are saved in your private digital vault (as "Records") and are encrypted on your device using 256-bit AES.

Tap the create icon (+) select Create New Record.

Enter a Title for the record
Choose a Record Type from the dropdown menu ("Login" is the default type). Depending on the record type you select, the default record fields will vary.
Enter the Username
Enter the Password or tap the dice icon to generate one (more on that here)
Enter the Website Address (if one wasn't already entered for you)
Enter Notes, add Files & Photos, a Two-Factor Code and Custom Fields
Tap Save to finish

Organization

With Keeper you can organize your records into folders and subfolders. To create a folder, tap the create icon (+) and select Create New Folder, then enter a name for the folder. To add records to the folder, Tap + and Add Existing Record or you can tap Create New Record to add a new record to the folder.

To create a subfolder within the folder, tap + and Create New Folder.

Please note, once created, regular folders cannot be converted to a shared folder. To learn how to create a shared folder, click here.

Moving & Shortcuts

Keeper makes it easy to move records around within your vault. Individual or multiple records and folders can be moved and shortcuts can be created. Shortcuts, like alias files, can exist in two or more places and when edited, change together.

To move or shortcut a folder, record or multiples thereof, long press on the record or folder and select any additional folder(s) or record(s) you would like to move or shortcut. Next, select the action you would like to perform by selecting an icon located in the upper right corner of your screen. The options include:

Create a Shortcut
Move to a New Folder
Move to an Existing Folder
Change the record(s) "Type"
Delete

You can shortcut or move a single record by selecting Create Shortcut or Move from the Options menu within the record detail screen.

Favorites

Adding a record to your Favorites list is an easy way to locate your most frequently used records and websites. You can add a record to your vault Favorites or Watch Favorites (for Wear OS) from the Options menu within the record detail screen.

Securely create, share and manage records and folders with other Keeper users such as friends, family, friends and colleagues.

Open the record you would like to share and tap Share > Share with User. Enter the user's email address, then use the toggle switches to select permissions (Can Edit, Can Share, Make Owner) then tap the checkmark icon to save.

If this is the first time you are sharing with this person, you will first need to establish a "sharing relationship". The user will receive an email prompting them to login to Keeper and either accept or deny the share request. Once you establish a sharing relationship, the user will appear in the email dropdown list.

Keeper "One-Time Share" provides time-limited secure sharing of a record to anyone without requiring them to create a Keeper account. One-Time Share is the most secure way to send confidential information to a friend, family member or co-worker without exposing information over email, text message or messaging.

To Create a One-Time Share:

Open the record you would like to share then tap Share > One-Time Share.

Tap the share icon in the lower right corner of your screen.
Select a record access expiration from the provided options or select a custom date and time.
Once the share link has been created, tap Share, Copy Link (to paste into a message) or the recipient can scan the provided QR code to view the record. When the recipient of the share link opens the record, it will open in their web browser and will be bound to their device. The record access will automatically expire after the set amount of time.

Click here for more information on Keeper's One-Time Share feature.

Shared folders allow you to share multiple records at once with others and new records can be added to the folder as needed.

Tap the create icon (+) and select Create Shared Folder.

Enter a name for the folder and tap Save.
Tap the options icon in the upper right corner of your screen and select Manage Users & Records.

Tap Add Users and enter the email addresses of the user(s) (or Team name for Enterprise users) you would like to share the folder with and tap the checkmark to save.
You can assign permissions for each user by tapping on their email address under the "Users" tab (Can Manage Users, Can Manage Records).

Add Records

To add records to the folder, switch to the "Records" tab and tap Add Records.

Select the record(s) you would like to add to the shared folder and tap the checkmark icon to save.

Once a record has been added, select it from the list to assign permissions (Can Edit, Can Share).

Identity & Payments

Identity & Payments is the place for you to store your personal contact/address information and credit card numbers safely.

Payment cards can also be stored in your vault as records using the "Payment Card" record type which allows them to be shared with other users. See our Record Types Guide for more information.

Key Features

Password & Passphrase Generators

Keeper's password generator can create and securely store strong, random passwords or passphrases for all of your sites and apps.

Generate a Password

To begin, tap the dice icon within a new or existing record. You can customize your password by character length (8-99 characters) and choose to include lowercase and uppercase letters, numbers and symbols.

Check the box at the bottom of your screen if you'd like to make your selections the default setting for all passwords moving forward. Tap Use Password to update the record or Copy Password to copy it to your device's clipboard.

Generate a Passphrase

Tap the dice icon and from the dropdown menu next to "Type" and select Passphrase.

You can customize your passphrase by setting the length, including capital letters and numbers in the passphrase and choosing from various symbols to separate the words.

Passphrases can be up to 20 words long, with a minimum length of 5 words and each word including at least 3 characters.

Check the box at the bottom of your screen if you'd like to make your selections the default setting for all passphrases moving forward. Tap Use Passphrase to update the record or Copy Passphrase to copy it to your device's clipboard.

To generate a password or passphrase from your vault home screen, tap the yellow create icon (+)and select Generate Password. Select either password or passphrase next to "Type". You can either use the password/passphrase to create a new record or copy it to your device’s clipboard to use elsewhere.

Generator History

To view your password/passphrase history, tap Generate Password from either your vault home screen or create one within a record and tap the clock icon. You can delete your generator history at any time by tapping on the trash icon.

Password Zoom

To produce a zoomed-in view of a record's password or passphrase, tap the eye icon then long press on the password field. An enlarged view of your password/passphrase will appear at the bottom of the screen. Any numbers and symbols can be easily identified by blue and red color-coding.

Password Enforcement Policies (Business/Enterprise Users)

The password generator on end-user vaults will adhere to the minimum character length, minimum number of lowercase/uppercase/numbers/symbols and allowed list of symbols as defined by your Keeper Administrator.

For more information on record password enforcement policies, please see our Enterprise Guide.

Security Audit

If a record is indicated as having a high risk password, Keeper recommends changing the password at the affected site immediately and updating the corresponding record in your Keeper Vault.

Record History

Users also have the ability to conveniently restore previous versions of a record. While viewing a record, tap the menu icon in the upper right corner of your screen and select Record History.

To restore a record back to a previous state, tap on the version you would like to restore. Review the record information by tapping the info icon then tap Restore.

A few notes on Record History:

Restoring a record does not place it back into the original folder structure.
Record History is only available as part of the paid consumer and business plans.
Deleted records can be reviewed and restored by visiting "Deleted Items" in the left navigation menu.

KeeperFill

Use KeeperFill to quickly autofill passwords into web browsers such as Chrome, Firefox, Edge, Brave, DuckDuckGo and all other native apps like banking and social media. Once enabled, KeeperFill login prompts and fill results are seamlessly integrated into your device's keyboard.

KeeperFill is currently supported for Android versions 9 and above.

Setup

To enable KeeperFill, navigate to Keeper's Settings menu, then toggle "KeeperFill" on.

You will then prompted to enable various settings on your device including:

Selecting Keeper as the Autofill service
Enabling KeeperFill in Chrome by selecting "Autofill using another service" (if Chrome is set as the default browser on your device)

Autofill for Apps & Web Browsers

From the app or website login screen, tap Sign in to Keeper located above the keyboard and enter your Keeper master password.

If Keeper identifies a record match, your login will then be displayed. Simply tap on your login next to the Keeper icon to autofill your credentials and log in.

Some apps and sites have more than one login screen and may require you to tap your login on each screen.

If your device's keyboard does not support autofill, KeeperFill's appearance and location will vary like in the example below.

Passkeys on Android

Passkeys on Android devices, a highly anticipated feature for enhanced security and convenience, is now available on Android devices running Android 14+. This update marks a significant enhancement in our mobile applications capabilities, offering users an even more secure and streamlined experience. To learn more about Passkeys with Keeper, click HERE.

Passkeys work on websites and applications that have been specifically built to support them. Keeper maintains a passkey directory, which can be found HERE.

Creating a passkey for a website or app is a simple process on your Android device.
Tapping Create Passkey on a site or app will triggerKeeper to intercept the request. Keeper then prompts you to create a passkey for your associated login and saves it to your vault.
Returning to sites or apps where you have a stored passkey you will either be prompted to sign in with passkey or will be able to select Sign in with Passkey. Keeper does the rest!

Passkey functionality is not enabled by default on Android devices. To enable passkeys with Keeper follow the steps below.

Passkey Setup

Some Android devices do not have passkeys enabled by default. To enable passkeys on your device follow these steps:

Open Chrome or Chromium based browser on your Android device.
Enter chrome://flags into the address bar.
Next, enter "Passkeys" in the search bar.
Under "Android Credential Management for passkeys" select Enabled for Google Password Manager and 3rd Party Passkeys from the dropdown menu, then click the Relaunch button that appears at the bottom of the browser.

Record Search & Creation

If you would like to search for a record in your vault or create a new record, tap the Search/Add button above your keyboard.

You can then tap Create New Record, enter the record details, then Fill & Save to save the record to your vault and autofill the newly created login into the app or site.

Or if you'd like to search for an existing record, select the record from your records list and tap Fill to autofill the login into the app or site.

Keeper for Wear OS

Available for download in the Google Play Store, Keeper's smartwatch app for Wear OS provides users with quick access to their favorite records as well as a convenient two-factor method for logging in to your Keeper Vault.

For the best experience, the Keeper Wear OS app requires a phone running Android 9.0 (API level 28) or newer and a watch running Wear OS 5.0 or greater.

Two-Factor Authentication

To setup two-factor authentication for you Keeper Vault using Keeper for Wear OS as your second factor, first ensure your smartwatch is paired with your mobile phone.

On your phone, navigate to Keeper's Settings menu and tap Two-Factor Authentication. From the "Authentication Method" dropdown menu, select Smartwatch then follow the prompts to verify your identity.

If you don't receive notifications, they may not be enabled for Keeper. To turn on notifications, from your phone, navigate to Settings > Notifications > Keeper and toggle "Allow Notifications" on.

Next time you login to Keeper, you will receive a push verification request on your smartwatch to approve or deny the login attempt.

Alternatively, you can enter the time-based verification code from the Keeper app home screen. This is especially useful in cases where the Keeper Push notification times out.

Secure Add-Ons

Secure File Storage

Keeper offers Secure File Storage to protect your confidential files, photos and videos. Securely upload and store files such as passport photos, medical cards, drivers licenses, tax and loan documents, videos and any other private file to your Keeper Vault.

You can either add an attachment to any existing record or create a new record (optionally using the "File Attachment" record type). Tap Attach Files, Photos & Videos to upload your file.

To learn more about Secure File Storage, click here.

BreachWatch

BreachWatch is a powerful, secure add-on feature that monitors the internet and dark web for breached accounts matching records stored within your Keeper Vault. BreachWatch alerts you so that you can take immediate action to protect yourself against hackers. Once activated, BreachWatch continuously monitors for compromised credentials and notifies you if any of your records are at risk.

To start your BreachWatch scan, tap BreachWatch in the lower menu of your screen tap then Let's Begin > Scan.

BreachWatch will then scan your records and report any risks associated with them. Resolving the risk requires you to change the password at the affected website. Once you have done that, be sure to update the corresponding record in your Keeper vault with the same password.

If you tap Ignore, then that record will be skipped on future scans until the password is reset. You may also do nothing (deferring a response) and leave the risky password unchanged and thus still at risk.

To learn more about BreachWatch, click here.

Settings

The Settings menu allows you to customize the display, personalization and security features of the application, including:

Dark Mode
Theme
Login Options (Two-Factor Authentication, Biometric Login, Allow Offline Access, Stay Logged In, Auto-Logout)
Security (Enable Self-Destruct)
Fast Login Mode
KeeperFill
Auto-Approve Devices from Recognized IP Address(es)
Prevent Screenshots
Clipboard Expiration
Hide Passwords
Show Numbers in List View
Sort Record Types
Change Email Address
Account Recovery
Reset Master Password

Please note that some security settings may be enforced by your Keeper Administrator if you are part of a Keeper Business account.

Dark Mode

You can enable Dark Mode from the Settings menu. Tap the Match System dropdown menu to turn Dark Mode for Keeper on or off. By default, the app will match your device's system display settings.

Account Recovery

If you forget your master password, Account Recovery will help you quickly regain access.

Settings > Account Recovery
Confirm your Master Password and tap Generate New Phrase.
Once your recovery phrase has been generated, be sure to store it in a safe place. For added convenience, you will be given the option to copy or download it.
Check the confirmation box to confirm that you've stored your Recovery Phrase.
Tap Set Recovery Phrase.

Reset Master Password

Settings > Reset Master Password.
Enter your current master password.
Create and confirm a new master password.

If you have Biometric Login enabled, you won't be required to enter your current master password.

If you are unable to login with your current master password, and you've set a recovery phrase, go to Forgotten Master Password & Account Recovery to recover your account.

Two-Factor Authentication

Two-Factor authentication (2FA) provides an extra layer of security when logging into your Keeper Vault or another site or application by requiring a secondary passcode upon logging in.

Enabling two-factor authentication is especially advised for highly valuable or sensitive accounts (e.g. banking, medical and social media accounts).

Keeper offers two ways to take advantage of 2FA:

To log into your Keeper Vault.
To log into any site or application from your Keeper Vault by embedding a TOTP (time-based one-time password) into your records.

2FA for Your Keeper Vault

To enable 2FA for your Keeper Vault, tap Settings > Two-Factor Authentication, tap the dropdown menu under "Primary Method" and select a method from the list of options.

Text Message Setup:

Select a Region (US+1 by default), enter your 10 digit phone number including your area code and tap the checkmark icon to save.
Select how long you want the two-factor method to be valid for (not again for the device, every 30 days, 24 hours, 12 hours or at every login).

Business customers may be required to enter the code every login as determined by their Keeper Administrator.

Enter the code that was sent to the phone number you provided then tap the checkmark icon to save. Codes will only last for a minute; if you need another code sent, tap Send a new code.

Backup codes will be shown next. If you are unable to receive two-factor codes via the phone number you entered, you can enter one of the backup codes listed instead. Tap one of the listed options to confirm you saved the codes somewhere safe.

If you are not receiving SMS messages from Keeper, please use the TOTP method or submit a support ticket at https://www.keepersecurity.com/support.html.

Authenticator App (TOTP) Setup:

Once you select "Authenticator App" tap the checkmark icon to save.
Select how long you want the two-factor method to be valid for (not again for the device, every 30 days, 24 hours, 12 hours or at every login).

Business customers may be required to enter the code every login as determined by their Keeper Administrator.

You will be prompted to scan the QR code or enter your secret key into your authenticator or TOTP app. If you don’t have an authenticator app installed, the app will show the QR code for you to scan directly. If you already have one or more authenticator apps installed on your Android device, a menu will appear at the bottom of the screen, allowing you to select the app you wish to use.

If you have multiple authenticator apps installed: Choose the app you want to use. The selected app will open and ask you if you want to add the token.
If you only have one authenticator app installed: The installed app will automatically open, and you'll be asked if you want to add the token.
Save the Token in Your Authenticator App
- For a single app: The authenticator app will automatically prompt you to add the token. Tap to confirm.
- For multiple apps: After selecting your authenticator app, the app will prompt you to add the token. Tap to confirm.
Important: After registering the token in your authenticator app, there is no obvious "Go back to Keeper" button. You will need to manually switch back to Keeper by either:
- Using the "Recent Apps" button to switch back to Keeper, or
- Using the swipe gesture (depending on your device settings) to return to Keeper.

Once the token is registered in your authenticator app, return to Keeper and enter the TOTP code provided by your app to complete the setup.

Backup codes will be shown next. If you are unable to receive two-factor codes via the phone number you entered, you can enter one of the backup codes listed instead. Tap one of the listed options to confirm you saved the codes somewhere safe.

In order for Azure MFA (using the Microsoft Authenticator app) to be utilized as a TOTP, the Azure Administrator needs to allow the verification method "Verification code from mobile app or hardware token" when setting up MFA in Azure.

Keeper for Wear OS Setup:

To setup two-factor authentication for you Keeper Vault using Keeper for Wear OS as your second factor, first ensure your smartwatch is paired with your mobile phone.

Next time you login to Keeper, you will receive a push verification request on your smartwatch to approve or deny the login attempt. Alternatively, you can enter the time-based verification code from the Keeper app home screen. This is especially useful in cases where the Keeper Push notification times out.

For more information about the Keeper WearOS app, click here.

2FA Frequency

You can manage how often you are prompted to sign in on your device with your selected two-factor method at any time. Once you have set up two-factor authentication for your vault (following the steps above), the 2FA Frequency setting will be available within the "Settings" menu. Tap 2FA Frequency and select from: every login, every 12 hours, every 24 hours, every 30 days, or don't ask again on this device.

2FA for Websites & Apps

Keeper can fill 2FA codes on any website or application that supports TOTP by scanning a QR code to generate a code (requires a second device).

Open and edit the Keeper record on your mobile device and tap Add Two-Factor Code (this will open your device's camera).

In order to open your device's camera you must first "allow" Keeper permission when prompted.

On a secondary device (e.g. tablet, computer), navigate to the corresponding record's 2FA set up screen to retrieve the site's QR code.
Scan the QR code with your mobile device. You will see the code has been added to the record.
Tap the checkmark icon to save, then tap the code to copy it to your device's clipboard.
Return to the site to paste the code to complete the setup.

From the Settings menu, toggle "Biometric Login" on.

For security reasons, Android has designated only certain biometric authentication methods as secure. Samsung face biometric is considered insecure by the Android operating system (because it can be fooled by a photo). Keeper Security does not permit insecure biometric access to the vault.

Once enabled, at the Keeper login screen, tap Biometric Login and touch the fingerprint sensor when prompted (or use Face/Iris Authentication where available).

FIDO2 WebAuthn Security Keys

Keeper provides two-factor authentication (2FA) on Android with compatible hardware keys such as the YubiKey 5 NFC, YubiKey 5C NFC and YubiKey 5Ci. Listed below are supported physical keys on Android.

Supported Physical Keys

NFC Support

Plug-in Support

Yubikey 5 NFC

✅

❌

YubiKey 5C NFC

✅

YubiKey 5Ci

❌

✅

Identiv uTrust NFC

✅

❌

Feittian ePass K9 NFC

✅

❌

GoTrust Idem NFC

❌

✅

Thetis Pro NFC

✅

Keeper is committed to enhancing the security and flexibility of your experience. Support for more plug-in style physical keys will come with a future release.

Setup & Registration

Before you add a security key, a two-factor authentication method must be in place as a backup.
Navigate to Settings > Two-Factor Authentication and tap Add next to "Security Keys".
Tap + Add Key and enter a name for the security key, then tap REGISTER.
Select NFC Security key from the list of devices.
Hold your key flat against the back of your device until it stops vibrating.

Your security key has been registered. You can register up to 5 security keys. Any one of those keys will unlock the account.

Prompt Frequency & Offline Access

The FIDO2 WebAuthn device will be required for login based on the configuration of the first 2FA method. For example:

If the first 2FA method is set to "Prompt Every Login", then the Yubikey will be required on every login, and offline login will be disabled.
If the first 2FA method is set to "Every 30 days", then the Yubikey will be required every 30 days, and offline login will be disabled.
If the first 2FA method is set to "Remember Forever", then the Yubikey will only be required one time on each new device. Offline vault login will be enabled.

Account Switching

Keeper supports the use of multiple vaults on the same device allowing you to switch between a personal account and business account, for example.

To switch to another account on your device, tap Account then tap the dropdown menu icon to the right of your email address. Select the account you would like to switch to or tap Add Account to register another account on that device.

You can also switch and add accounts from the Keeper login screen.

2FA Prompting Behavior & Offline Access

When 2FA is activated on an account, it protects the user on all devices and all platforms because 2FA is protecting access to the backend cloud system.

By definition, two-factor authentication protects access to the cloud and it protects access to online accounts. It therefore requires an online connection to be prompted for 2FA. 2FA is triggered when a request is made from the client device to the server. For example when logging into a new device, syncing new information on an existing device or performing any other cloud-based features.

By default, the native Keeper app for iOS, Android, Mac and Windows allow users to login quickly with their master password (offline mode) to access their vault. After typing in the master password or using biometric login, the user decrypts the data locally, then the app sends a sync request to the server at which time the user may be prompted for their 2FA code. Depending on the speed of the Internet connection, the 2FA prompt may be received a couple seconds after logging into the native application because the local decryption of data occurs much faster.

Offline authentication and vault access is permitted by all consumer customers. Enterprise customers may restrict the use of offline access for their employees.

2FA Token Retention & Timing

When activating 2FA on your Android device for the first time, the user selects how often they want to be prompted. Users can be prompted for 2FA at every login, once every 12 hours, every 24 hours, every 30 days, or only one time per device. It's important to understand that 2FA is always enabled on the Keeper servers. After a successful login on a device, a "token" is generated from the 2FA code and stored locally on the device as long as it's deemed valid by the server. This is why you are still able to login to the same device over and over without being re-prompted. By default, consumer customers will be prompted only one time per device. Enterprise customers may enforce users to be prompted every time for a new code.

Currently, the 2FA token retention timing on Android will default to "only one time" on a device if the 2FA was initially set up on the Web Vault or Desktop App. To change this behavior, please turn 2FA off and then re-activate 2FA on the iOS device.

Import & Export

To import and export data from your Keeper vault, visit the Keeper Web Vault or download Keeper Desktop for your computer.

Keeper Web Vault: https://keepersecurity.com/vault

All Downloads: https://keepersecurity.com/download

Uninstall & Account Reset

The instructions below apply to the latest OS. Third party operating system instructions may differ.

Uninstall Keeper:

Uninstalling Keeper will delete the data from Keeper on the local device. Data stored in Keeper's Cloud Security Vault is NOT erased.

Open your device's Settings menu.
Tap Apps or Application Manager (depending on device).
Navigate to the Keeper App.
Tap Uninstall.
Confirm by tapping OK when prompted.

Account Reset:

Resetting Keeper will erase all records from all Keeper accounts stored locally on your device. Data stored on Keeper's Cloud Security Vault is NOT erased.

Open your device's Settings menu.
Tap Apps or Application Manager (depending on device).
Navigate to the Keeper App > Storage.
Tap Clear data and Clear cache.
Confirm by tapping OK when prompted.

Privacy

Keeper's mobile apps do not contain any trackers. All mobile apps go through vulnerability testing with Keeper's 3rd party testers and the Bugcrowd Bug Bounty Program.

Exodus Privacy is an organization that monitors the applications that perform user tracking. Keeper's Android application showing zero trackers is listed below:

https://reports.exodus-privacy.eu.org/en/reports/com.callpod.android_apps.keeper/latest/#trackers

Helpful Links

Customer Support Form: https://keepersecurity.com/support.html

Business Customers: [email protected]

System Status: https://statuspage.keeper.io

iOS - iPhone & iPad

A comprehensive guide for Keeper for Apple iOS (iPhone, iPad) devices.

Your Keeper Vault

Signing up for Keeper's iOS mobile app is easy. Simply visit the App Store on your device and install Keeper Password Manager. Watch the video below to learn more about account creation and login.

New Users

To finalize your account and proceed to your vault, you will be asked to enter the security verification code that was sent to your email.

Enterprise users who log in with SSO do not require selection of a Master Password.

Existing Users

Email Verification
Keeper Push
Two-Factor Method

Keeper Push is Keeper’s proprietary notification-based device approval system that sends a push notification to an existing, recognized device.

If you select Send Keeper Push, a notification (push) will appear in your Keeper vault at an approved device or browser.

On the device, login and tap Yes to approve the new device. You must be actively logged into a an approved device to receive the notification.

Once your device has been approved, you will be prompted for 2FA (if enabled), then enter your Master Password to proceed to your vault.

For more information about Enterprise SSO login, click here.

Importing Passwords

iOS Version 26+

If you are running iOS version 26 or higher, you can import your passwords, passkeys and two- factor codes from Apple Passwords directly into Keeper.

To begin, open the Apple Passwords app on your mobile device and tap the Options icon > Export Data to Another App.

Select the logins you would like to export to Keeper and tap Continue. Select Keeper from the compatible apps listed and tap Continue > Continue in "Keeper".

Once you've authenticated to Keeper, tap Import. When the import is complete, you will be able to find all of your logins in the Keeper folder named "Apple Passwords".

iOS 18.7 and Below

Importing passwords is not available on the iOS app for versions 18.7 and below. Please use the Keeper Web Vault or Desktop App on a desktop computer to import your passwords.

When you first log in to your vault, Keeper will prompt you to import passwords from your computer and/or web browsers. If you're not near a desktop computer, you can perform the import at a later time using the Keeper Web Vault.

Tap I'm at my computer.
Keeper will ask you to navigate to keepersecurity.com/setup on your desktop computer to begin the process of importing your passwords.

For detailed instructions on importing passwords from web browsers and other password managers to your Keeper Web Vault, click here.

Creating New Records

Your passwords, logins, credit card numbers, bank accounts and other personal information are saved in your private digital vault (as "Records") and are encrypted on your device using 256-bit AES.

Tap + and Create New Record.

Choose a Record Type from the dropdown menu ("Login" is the default type)
Enter a Title for the record
Enter the Email or Username
Enter the Password or tap the dice icon to generate one (more on that here)
Enter the Website Address (if one wasn't already entered for you)
Enter Notes, add Files & Photos, a Two-Factor Code and Custom Fields
Tap Save to finish

Depending on the Record Type you selected, the default record fields will vary.

Organization

With Keeper you can organize your records into folders and subfolders. To create a folder, tap + and Create New Folder, then enter a name for the folder. To add records to the folder, Tap + and Add Existing Record or you can tap Create New Record to add a new record to the folder.

To create subfolder, within the new folder, tap + and Create New Folder.

Once created, a regular folder cannot be converted to a shared folder. To learn how to create a shared folder, click here.

Moving & Shortcuts

To begin, tap the pencil icon and select the folder(s) and/or record(s) and then select an option listed below.

Create a Shortcut
Move to a New Folder
Move to an Existing Folder
Change the record(s) "type"
Delete

Favorites

Adding a record to your vault Favorites is an easy way to locate your most frequently visited sites. To add a record to your Favorites, tap More > Add to Favorites.

Apple Watch Favorites

Available for download in the App Store, Keeper's smartwatch app for Apple (also known as KeeperDNA) provides users with quick access to their favorite records.

To add a record to your Watch Favorites, navigate to a record and tap More > Add to Watch Favorites.

On your smartwatch, you can access all of your Watch Favorites from the home screen. Selecting an individual record will allow you to view its details.

Securely create, share and manage records and folders with other Keeper users such as friends, family, friends and colleagues.

To Create a One-Time Share:

(1) Open the record you would like to share then tap Share > One-Time Share.

(2) Tap Create a Share Link

(3) Select a record access expiration from the provided options or select a custom date and time, then tap Create.

(4) Once the share link has been created, select how you would like to share the link. (SMS, Email, Copy or the recipient can scan the provided QR code to view the record.) When the recipient of the share link opens the record, it will open in their web browser and will be bound to their device. The record access will automatically expire after the set amount of time.

Click here for more information on Keeper's One-Time Share feature.

Shared folders allow you to share multiple records at once and new records can be added to the folder as needed.

Tap + and Create Shared Folder.
Enter a name for the folder and tap Save.
The new folder will now appear in your records list. To share the folder with other users, select the folder, then tap the three dots to the right of the folder name to open a menu of options.
Select Manage Users & Records and enter the email addresses of the user(s) you would like to share the folder with.

Assign Permissions & Add Records:

You can assign permissions for each user by tapping on their email address under the "Users" tab.
To add records to the folder, switch to the "Records" tab.
Select the record(s) you would like to add to the shared folder. Once a record has been added, select it from the list to assign permissions (Can Edit, Can Share). Tap Save to finish.

Identity & Payments

Identity & Payments is the place for you to store your personal contact/address information and credit card numbers safely.

Payment cards can also be stored in your vault as records using the "Payment Card" record type which allows them to be shared with other users. See our Record Types Guide for more information.

Key Features

Password & Passphrase Generators

Keeper's password generator can create and securely store strong, random passwords or passphrases for all of your sites and apps.

Generate a Password

Generate a Passphrase

Tap the dice icon within a new or existing record and from the dropdown menu next to "Type" and select Passphrase.

You can customize your passphrase by setting the length, including capital letters and numbers in the passphrase and choosing from various symbols to separate the words.

Passphrases can be up to 20 words long, with a minimum length of 5 words and each word including at least 3 characters.

To generate a password or passphrase from your vault home screen, tap the yellow create button and select Generate Password. Select either password or passphrase next to "Type". You can either use the password/passphrase to create a new record or copy it to your device’s clipboard to use elsewhere.

Generator History

Password Zoom

To produce a zoomed-in view of a record's password or passphrase, tap the eye icon then long press on the password field. An enlarged view of your password/passphrase will appear and any numbers and symbols can be easily identified by blue and red color-coding.

Password Enforcement Policies (Business/Enterprise Users)

For more information on record password enforcement policies, please see our Enterprise Guide.

Wi-Fi Record Type with QR Code

Keeper's "WiFi Login" record type simplifies creating and sharing Wi-Fi passwords. This record type even includes the ability to generate a shareable QR code that can be scanned by others to automatically join the Wi-Fi network.

To create a Wi-Fi login record, select WiFi Login from the "Record Type" dropdown and enter the record details.

To generate a Wi-Fi network QR code, ensure the "Network Name (SSID)" and "Password" fields are entered.

Currently, Wi-Fi record type creation is only available on iOS. This functionality on the Web Vault, Android and Desktop App is coming soon.

Send a File to Keeper

When you open a file from your email for example, you seamlessly launch into the Keeper App to create a new record or add the file to an existing record.

Upon opening the file, tap the share icon. From the share dialogue, select Keeper in the list of apps.

Once Keeper opens, select either Add to New Record or Add to Existing Record. If you are creating a new record, the record type will automatically default to a "File Attachment" (Tap the dropdown icon to change the record type). Enter the record details and tap Save.

Scan a Document (iOS 13+)

Keeper's Scan a Document feature uses optical recognitiion (OCR) to scan a picture, document, card or credentials written on paper then transcribes them in plain text with your record's "Notes" field. This makes it easier to use the text, remember notes and save time.

While viewing a record in edit mode, tap Scan a Document to open the camera function of your device. Once the document has been scanned, tap Save. You will have the option to either add the scanned document to the record as a file attachment or save it in plain text to the "Notes" field.

Security Audit

If a record is indicated as having a high risk password, Keeper recommends changing the password at the affected site immediately and updating the corresponding record in your Keeper Vault.

Record History

Users also have the ability to conveniently restore previous versions of a record. While viewing a record, tap More > Record History.

To restore a record back to a previous state, tap on the version you would like to restore. Review the record information by tapping the "Record Information" dropdown then tap Restore.

A few notes on Record History:

Restoring a record does not place it back into the original folder structure.
Record History is only available as part of the paid consumer and business plans.
Deleted records can be reviewed and restored by visiting "Deleted Items" in the left navigation menu.

KeeperFill

Keeper is fully integrated into the login experience of every website and app. Once enabled, KeeperFill will help you sign into apps and website with just a few taps.

iOS 17 and Below

Autofill Setup

Before you can utilize KeeperFill's autofill features, you must first complete a few setup steps.

Open your device's Settings app.
Scroll down and select Passwords.
Tap Password Options and ensure "AutoFill Passwords" is toggled on.
Select Keeper below both "Allow filling from" and "Set up Verification Codes using"
Follow the prompt and uncheck all other password managers (including keychain).

To learn how to set up 2FA for websites and apps, click here.

Autofill & Two-Factor Codes

Once the above setup steps complete, you will see a Passwords button appear above the keyboard when logging into an app or website. By default, tapping Passwords, will prompt you to log in to Keeper and automatically launch KeeperFill. Please note, for security purposes, you must authenticate to Keeper each time you autofill a record on your mobile device.

If you subscribe to iCloud+, you may need to tap the key icon to the right of "Hide My Email" to open KeeperFill.

As of iOS version 16.2, Keeper is also able to store your two-factor authentication (2FA) codes automatically by serving as your time-based one-time password (TOTP) generator.

Two-factor codes will be automatically copied to your clipboard when possible. To copy it manually, tap the copy icon next to the code and when prompted paste the code into the field provided.

iOS 18 and Above

Autofill Setup

With the update of iOS 18, you can enable KeeperFill directly from the Keeper app in one quick step. From the Settings menu, tap Enable KeeperFill > Turn On.

Autofill & Two-Factor Codes

Simply long-tap on any field in an app or website and Keeper will seamlessly fill any record information, such as usernames, passwords and even TOTP codes.

Autofill your credentials at the login page in an app or site. Simply long-tap on any field to generate a menu and select Autofill > Passwords and authenticate to Keeper.

Once Keeper opens, select a matching record or search for one in your vault. Next, tap on the field you'd like to autofill (e.g. username, password, two-factor code, payment card). Whatever information you select will also be conveniently copied to your device's clipboard.

After logging in with your username and/or password, if a two-factor code is required, Keeper will automatically fill the code within the same workflow, reducing friction during the login process.

Alternatively, when Keeper detects a TOTP field at a login page, select Keeper from the verification code menu that appears and authenticate to Keeper.

Next, select a code to fill from the list of matching records to autofill it.

Please note, this feature is dependent on the iOS autofill framework and structure of the target website or application.

Passkeys on iOS

Passkeys on iOS devices, a highly anticipated feature for enhanced security and convenience, is now available on Apple devices running iOS 17+. This update marks a significant enhancement in our mobile applications capabilities, offering users an even more secure and streamlined experience. To learn more about Passkeys with Keeper, click HERE.

Passkeys work on websites and applications that have been specifically built to support them. Keeper maintains a passkey directory, which can be found HERE.

Creating a passkey for a website or app is a simple process on your iOS device.
Tapping Create Passkey on a site or app will trigger Keeper to intercept the request. Keeper then prompts you to create a passkey for your associated login and saves it to your vault.
Returning to sites or apps where you have a stored passkey you will either be prompted to sign in with passkey or will be able to select Sign in with Passkey. Keeper does the rest!

Passkey functionality is not enabled by default on iOS devices. To enable Passkeys with Keeper follow the steps below.

Activating Passkeys on iOS

Launch the Settings app on your iOS device and select General.
Next, choose AutoFill & Passwords.
Toggle ON AutoFill Passwords and Passkeys.
Then tap Keeper so a blue tick appears. If you have used Autofill before, iCloud Passwords & Keychain may have a blue tick as well. For optimal accuracy when using Keeper for Passkeys, make sure to tap iCloud Passwords & Keychain to remove it as an option.

Secure Add-Ons

Secure File Storage

Secure File Storage protects your confidential files, photos, and videos. Securely upload and store files such as legal, tax and loan documents, videos and any other private file to your Keeper Vault.

You can either add an attachment to an existing record or create a new record. The example below utilizes the "File Attachment" record type. Tap Attach Files, Photos & Videos to upload an attachment. You will then be prompted to either Take a Photo or Choose Existing File.

Opening Record Attachments

Tap on the file name within a record to View, Save, or Delete Local Copy. Save files to your device, open them in other apps, or share them via Messages, WhatsApp, Airdrop, and more.

To learn more about Secure File Storage, click here.

BreachWatch

To start your BreachWatch scan, tap BreachWatch in the lower menu of your screen tap then Let's Begin > Scan.

To learn more about BreachWatch, click here.

Settings

The Settings screen allows you to customize the personalization and security features of the application.

Please note that some security settings may be enforced by your Keeper Administrator if you are part of a Keeper Business account.

Appearance (Dark Mode, Theme)
Login Options (Two-Factor Authentication, Biometric Login, Stay Logged In)
Keyboard Widget
Clipboard Expiration
KeeperFill
Auto-Logout
Default Browser
Security (Enable Self-Destruct, Hide Passwords)
Sort Record Types (Edit Order,
Change Email
Account Recovery
Reset Master Password
Fast Login Mode
Image Quality

Account Recovery

If you forget your Master Password, this feature will help you quickly regain access.

Set up Account Recovery:

Tap Account Recovery from the Settings menu.
Confirm your Master Password and tap Generate New Phrase.
Once your recovery phrase has been generated, be sure to store it in a safe place. For added convenience, you will be given the option to copy or download it.
Check the confirmation box to confirm that you've stored your Recovery Phrase.
Tap Set Recovery Phrase.

Reset Master Password

To change your Master Password:

Tap Reset Master Password.
Enter your current master password.

If you have Touch ID or Face ID enabled, you won't be required to enter your current master password.

Create and confirm a new master password.

If you are unable to login with your current master password, and you've set a recovery phrase, go to Forgotten Master Password & Account Recovery to recover your account.

Two-Factor Authentication

Two-Factor authentication (2FA) provides an extra layer of security when logging into your Keeper Vault or another site or application by requiring a secondary passcode upon logging in.

Enabling two-factor authentication is especially advised for highly valuable or sensitive accounts (e.g. banking, medical and social media accounts).

Keeper offers two ways to take advantage of 2FA:

To log into your Keeper Vault.
To log into any site or application from your Keeper Vault by embedding a TOTP (time-based one-time password) into your records.

2FA for Keeper Vault

To enable 2FA for your Keeper Vault, tap Settings > Two-Factor Authentication then select your method from the list of options.

Text Message Setup:

(1) Select a Region (US+1 by default), enter your 10 digit phone number including your area code and tap Save.

(2) Select how long you want the two-factor method to be valid for.

You will be prompted for 2FA every time you login to your vault unless you select an alternative duration. Business customers may be required to enter the code every login as determined by their Keeper Administrator.

(3) Enter the code that was sent to the phone number you provided. Codes will only last for a minute; if you need another code sent, tap Send a new code.

(4) Backup codes will be shown next. If you are unable to receive two-factor codes via the phone number you entered, you can enter one of the backup codes listed instead. Save these codes somewhere safe, and then tap OK to finish.

If you are not receiving SMS messages from Keeper, please use the TOTP method.

Authenticator App (TOTP) Setup:

(1) Once you select "Authenticator App" tap Save.

(2) Select how long you want the code to be valid and tap Back.

You will be prompted for 2FA every time you login to your vault unless you select an alternative code duration. Business customers may be required to enter the code every login as determined by their Keeper Administrator.

(3) You will be asked to scan the QR Code or enter your secret key in your authenticator or TOTP app. Copy the code displayed in Keeper. Open Google or Microsoft Authenticator (or whichever app you use for 2FA) and add a TOTP record, pasting in the copied Secret Key.

(4) Return to Keeper and copy or enter the TOTP code provided.

(5) Backup codes will be shown next. If you are ever unable to receive Two-Factor codes, you can enter one of the codes listed instead. Tap OK to finish.

2FA Frequency:

Keeper for Apple Watch

Available for download in the App Store, Keeper's smartwatch app for Apple (also known as KeeperDNA) provides users with quick access to their favorite records as well as a convenient two-factor method for logging in to your Keeper Vault.

In Keeper, navigate to Settings > Two-Factor Authentication and under "Authentication Method" select Keeper for Apple Watch then follow the prompts to verify your identity.

If you don't get a notification, you may not have notifications enabled for Keeper. To turn on notifications, on your phone navigate to Settings > Notifications > Keeper and toggle "Allow Notifications" on.

Next time you login to Keeper, you will receive a push verification request on your smartwatch to approve or deny the login attempt.

Alternatively, you can enter the time-based verification code from the Keeper Apple Watch app home screen. This is especially useful in cases where the Keeper Push notification times out.

2FA for Websites & Apps

Keeper can fill 2FA codes on any website or application that supports time-based one-time passwords (TOTP). Keeper supports the following methods to add two-factor codes to records.

Automatically Import a Setup Code
Enter Secret Key
Scan QR Code (requires a second device)
Upload QR Code

Continue reading to review these four setup methods in more detail.

Automatically Import a Setup Code

Be sure to first set Keeper as your default password manager in your device's Settings. Learn how here.

For apps that allow an automatic import of the setup code into Keeper, follow the app or website setup steps prompting you to link a compatible authentication app to the account.
Keeper will automatically open and log in as normal.
Select whether to add the two-factor code to a new or existing record (if you choose existing record, select if from your records list or locate it using the search bar).

You will see the code has been added to the record. Tap Save and return to the record to copy the code to your clipboard.

Return to the app/site to paste the code to complete the setup.

Enter a Secret Key

For apps that provide a secret setup key to paste into Keeper, begin by copying the key to your device’s clipboard.
Switch to the Keeper app and log in. Open the corresponding record and tap Edit > Add Two-Factor Code.
Select Enter Secret Key and paste the key into the field provided and tap OK.

You will see the code has been added to the record. Tap Save and then tap the code to copy it to your clipboard.

Return to the app/site to paste the code to complete the setup.

Scan QR Code

Open the Keeper record on your mobile device and tap Edit > Add Two-Factor Code > Scan QR Code (this will open your device's camera).

On a secondary device (e.g. tablet, computer), navigate to the corresponding record's 2FA set up screen to retrieve the site's QR code.
Scan the QR code with your mobile device.

You will see the code has been added to the record. Tap Save and then tap the code to copy it to your clipboard.

Return to the app/site to paste the code to complete the setup.

Upload QR Code

For apps that provide a QR code to upload to Keeper, begin by saving the provided QR code image to your device's camera roll.
Open the corresponding Keeper record on your mobile device and tap Edit > Add Two-Factor Code > Upload QR Code and allow access to your photo(s).

Select the QR code image from your camera roll.

You will see the code has been added to the record.

Tap Save and then tap the code to copy it to your clipboard.
Return to the app/site to paste the code to complete the setup.

For more information about storing two-factor codes in Keeper, click here.

Siri Shortcuts

Keeper is integrated with Siri Shortcuts and supports the following voice command variations:

Begin each phrase with "Hey Siri..."

Make a Keeper Record

Make a Keeper record
Make a Keeper password
Keeper record
New Keeper record
Make a record in Keeper
Create a Keeper record
Create a Keeper password
Create a record in Keeper
Add Keeper record
Add a Keeper password
Add a record in Keeper

Display Keeper Verification Codes

Display Keeper verification codes
Show me Keeper verification codes
Show me my Keeper verification codes
Display Keeper authentication codes
Launch Keeper verification codes
Launch Keeper authentication codes
Open Keeper verification codes
Open Keeper TOTP codes
Open Keeper TOTP
Launch Keeper TOTP codes
Launch Keeper TOTP
Display Keeper TOTP codes
Display Keeper TOTP
Show me my Keeper TOTP codes
Show me my Keeper TOTP

Display Keeper Shared Records

Display Keeper shared records
Display my Keeper shared records
Launch Keeper shared records
Launch my Keeper shared records
Show me my Keeper shared records
Open Keeper shared records
Open my Keeper shared records

You must be logged into Keeper to use the shortcuts (otherwise Siri will prompt you to login). Currently, Siri Shortcuts are only available in English.

To view the shortcuts currently available for Keeper, from the Account screen tap shortcuts.

Both Touch and Face ID must be set up in your device's settings before they can be used to login into Keeper. Once that is complete, from Keeper's Settings screen, toggle "Biometric Login" on.

You can now log into Keeper with your fingerprint using Touch ID or with face recognition using Face ID. Tap on the Touch ID or Face ID symbol to initiate biometric login.

Biometric login such as Touch and Face ID on iOS are a time saving & convenience feature and are not a replacement for two-factor authentication.

Upon your first login, Keeper will ask you if you want to use Face ID to login. If you decline this feature, you can re-enable it under your device's Settings > Keeper and toggle Face ID on.

The Keeper widget provides an account security overview that is displayed on your device's home screen. To add Keeper's iOS widget to your home screen, follow the steps below:

(1) In Keeper, tap Settings then toggle "Enable Keeper Widget" on.

(2) From your device's home screen, press and hold on any empty area until the apps icons move.

(3) Tap the "+" add icon from the upper left corner of your screen.

(4) Select or search for the Keeper widget.

(5) Choose a size by swiping through the three options and tap Add Widget.

(6) Tap Done.

FIDO2 WebAuthn Security Keys

Keeper now supports a wider range of hardware security keys on iOS through Apple’s security key framework. This allows for seamless two-factor authentication (2FA) with various compatible devices.

Supported Keys:

Keeper is compatible with any hardware security key that is supported by Apple's security key framework, including a wide range of FIDO2-compliant devices. This includes:

NFC-compatible keys
USB-C keys
Lightning-compatible keys

For a complete list of certified keys from the FIDO Alliance, visit the FIDO Certified Showcase.

Ensure you are using the latest version of Keeper on iOS for optimal compatibility and performance.

Setup and Configuration

(1) Before you add a security key, a two-factor authentication method must be in place as a backup.

(2) Navigate to Settings > Two-Factor Authentication, tap the field under "Security Keys".

(3) Tap Add New and enter a name for the key.

(4) Select a duration and tap Register.

(5) Choose your security key activation method: NFC or Insert and Touch, depending on the type of key.

(5) Tap the key on the back of your device or touch the sensor on your hardware key.

(6) Your security key has been registered, tap OK to finish.

A user can register up to 5 security keys. Any one of those keys will unlock the account. To delete a security key, swipe left on the registered key in the "Security Key" page and tap Delete.

Prompt Frequency & Offline Access

The FIDO2 WebAuthn device will be required for login based on the configuration of the first 2FA method. For example:

If the first 2FA method is set to "Prompt Every Login", then your hardware key will be required on every login, and offline login will be disabled.
If the first 2FA method is set to "Every 30 days", then your hardware key will be required every 30 days, and offline login will be disabled.
If the first 2FA method is set to "Remember Forever", then your hardware key will only be required one time on each new device. Offline vault login will be enabled.

Known Issues with Hardware Keys on iOS

If you're encountering issues with hardware security keys on your iOS device, such as problems with PINs, autofill, or NFC key support, you may be experiencing one of the following known issues:

YubiKey FIDO PIN Loop: Users with certain YubiKeys may experience repeated PIN prompts, even after entering the correct PIN.
Long-Tap Autofill Compatibility: The new long-tap autofill feature in iOS 18+ does not work with accounts secured by hardware security keys.
NFC Key Support: NFC hardware keys are supported on iOS devices, but NFC functionality does not work on iPads.

For more detailed information & troubleshooting, please refer to our Hardware Key Troubleshooting Guide.

Account Switching

Keeper supports the use of multiple vaults on the same device allowing you to switch between a personal account and business account, for example.

Users can switch between accounts or add an account from the login screen. While logged out, tap the email field then select an account email address or tap Add Account to register a new account. Any accounts added will be stored in the drop down menu at the Vault Login screen for future use.

The multi-account switching feature is only available as part of the paid Personal and Business Plans.

2FA Prompting Behavior & Offline Access

When 2FA is activated on an account, it protects the user on all devices and all platforms because 2FA is protecting access to the backend cloud system.

By definition, two-factor authentication protects access to the cloud and access to online accounts. Therefore, it requires an online connection to be prompted for 2FA. 2FA is triggered when a request is made from the client device to the server. Logging into a new device, syncing new information on an existing device or performing any other cloud-based features.

By default, the native Keeper app for iOS, Android, Mac and Windows allow users to login quickly with their master password (offline mode) to access their vault. After entering their master password or using Biometric Login, the user decrypts the data locally, then the app sends a sync request to the server at which time the user may be prompted for their 2FA code. Depending on the speed of the Internet connection, the 2FA prompt may be received a couple seconds after logging into the native application because the local decryption of data occurs much faster.

Offline authentication and vault access is permitted by all consumer customers. Enterprise customers may restrict the use of offline access for their employees.

2FA Token Retention & Timing

When activating 2FA on your iOS device for the first time, the user selects how often they want to be prompted. Users can be prompted for 2FA every login, once every 30 days or only one time per device. It's important to understand that 2FA is always enabled on the Keeper servers. After a successful login on a device, a "token" is generated from the 2FA code and stored locally on the device as long as it's deemed valid by the server. This is why you are still able to login to the same device over and over without being re-prompted. By default, consumer customers will be prompted only one time per device. Enterprise customers may enforce users to be prompted every time for a new code.

Currently, the 2FA token retention timing on iOS will default to "only one time" on a device if the 2FA was initially set up on the Web Vault or Desktop App. To change this behavior, turn 2FA off and then re-activate 2FA on the iOS device.

Debug Logging

Enable Debug Logging to capture logs and send error reports to Keeper's Support Team. This will make it easier to troubleshoot issues without requiring a special application build. Once enabled, debug logs can be viewed, shared and deleted.

Once debug logging is enabled, please completely close and relaunch the app. Then, reproduce the bug or error you are experiencing to capture it in the logs.

Once enabled, you can access your logs different ways depending on what issue you are experiencing.

To view your overall app log, open the left navigation menu and tap Debug Logs.
To view a record specific log, open the record, tap the info icon and select Record Logs.
If you are having trouble logging into Keeper, tap Need Help? from the login screen and select Debug Logs.

For optimal app performance, we recommend enabling Debug Logging only temporarily when needed.

Import & Export

To import and export data from your Keeper Vault, visit the Keeper Web Vault or download Keeper Desktop for your computer.

Keeper Web Vault: https://keepersecurity.com/vault

Keeper's Downloads Page: https://keepersecurity.com/download

Uninstall & Account Reset

Uninstall Keeper:

Uninstalling Keeper will delete the data from Keeper on the local device. Data stored in Keeper's Cloud Security Vault is NOT erased.

On your device, long press on the Keeper App icon.
Tap Remove App > Delete App > Delete. (For older iOS systems, long press on the Keeper App icon until all the apps start to shake. Tap the "X" that appears in the upper left corner of the Keeper App icon. To confirm, tap Delete).

Account Reset:

Resetting Keeper will erase all records from all Keeper accounts stored locally on your device. Data stored on Keeper's Cloud Security Vault is NOT erased.

Open your device's Settings app and select Keeper.
Toggle "Reset Keeper" on.

Helpful Links

Customer Support Form: https://keepersecurity.com/support.html

Business Customers: [email protected]

System Status: https://statuspage.keeper.io

Web Vault & Desktop App

A comprehensive guide for the Keeper Web Vault and cross-platform, Keeper Desktop Application.

Your Keeper Vault

Watch the video below for an overview of the vault with master password login.

If you've already signed up for Keeper on your mobile devices, you can simply login to the Web Vault or Desktop App (links below) with your email address, Master Password and Two-Factor Authentication (if enabled on your account).

https://keepersecurity.com/vault (United States)
https://keepersecurity.eu/vault (Europe)
https://keepersecurity.com.au/vault (Australia)
https://keepersecurity.ca/vault (Canada)
https://keepersecurity.jp/vault (Japan)
https://govcloud.keepersecurity.us/vault (US GovCloud)

Download the Keeper Desktop App:

https://keepersecurity.com/download.html

Device

OS Version Supported

Windows

7 / 8 / 10+

Mac OS

Current Version - 2

Linux

Fedora, Red Hat, CentOS, Debian, Ubuntu, Mint

Device Approvals

Upon logging in, you may encounter a "Device Approval" request. If you are attempting to log in on an unrecognized device or browser, a device approval must take place before you can proceed to your Keeper Vault. Users have three methods of approval to choose from: Email, Keeper Push or Two-Factor Method.

Keeper Push is Keeper’s proprietary notification-based device approval system that sends a push notification to an existing, recognized device.

If you select Keeper Push, a notification (push) will be appear in your Keeper Vault on an approved device or browser.

Select Yes to approve the new device.

You must be actively logged into a different, recognized/approved device to receive the notification.

Once your device has been approved, you will be prompted for 2FA (if enabled), then you can enter your Master Password to proceed to your vault.

New User Account Creation

To finalize your account and proceed to your vault, you will be asked to enter the security verification code that was sent to your email.

Enterprise users who login with SSO do not require the selection of a Master Password.

Upon logging in, you will be prompted to follow our Get Started wizard, which will guide you to import your passwords, install the KeeperFill Browser Extension and set up Account Recovery.

Watch the video below to learn how to create your account.

Users who login with an existing identity provider have various login choices. Users can either enter their email address at the login screen or click Enterprise SSO Login and select their login method from the dropdown menu as determined by their Keeper administrator (Enterprise Domain Login or Master Password Login).

Enterprise (SSO) users, should refer to our "Enterprise End-User (SSO)" Guide for more information regarding account creation, login flows, device approvals and much more.

Create a Record

Your passwords, logins, credit card numbers, bank accounts and other personal information are saved in your private digital Vault (as "Records") and are encrypted on your device using 256-bit AES.

Click + Create New > Record.

Choose a Record Type from the dropdown menu ("Login" is the default type)
Enter a name for the Record and click Next
Enter the Login (Username or Email)
Enter the Password or click the dice icon to generate one (more on that here)
Enter the Website Address
Enter Notes, add Files & Photos, a Two-Factor Code and Custom Fields
Click Save to finish

Importing Passwords

You can either manually enter your existing logins and passwords into your vault or Keeper can import your existing passwords directly from your web browser (e.g. Safari, Chrome, Firefox), another password manager, or from a text file (.csv).

From Web Browsers

To import passwords from your web browser, you must first install the Keeper Import Tool. To begin the installation, from the Account Dropdown Menu, click Settings > Import > Import. If you came fresh into the Web Vault, you can download the import tool by clicking Install.

If you have started the import process from a mobile app and came to the Web Vault, you will be prompted to import your existing passwords, click Next > Install.

Keeper will then walk you through a few steps to download the Keeper Import Tool:

Copy the code Keeper provides (you will need this when prompted in the Keeper Importer).
If you are using a PC - click Run when prompted.
If you using a Mac - double click the "KeeperImport.zip" file located in your downloads and double click on the "Keeper Import App" to start the import process. You will encounter a few Keychain permission windows that will require you to enter your computer password to allow Keeper to access your web browsers.
Keeper will then ask for the code you received from step one; paste the code and click Import.

Once the installation is complete, Keeper will report websites and their associated logins and passwords directly from your web browser. You can then scroll though the report and uncheck those you do not wish to import. Once you have finished reviewing the report, click Add to Keeper to import the selected password.

From Password Managers

Keeper can import logins and passwords from other password managers. From the Account Dropdown Menu, click Settings > Import.

Click on the password manager you want to import from, then click View Import Instructions. Once you have created the export file per the instructions, drag and drop the file into Keeper's "Drop a File Here" window.

Confirm the export file has the correct extension at the end of the file name (e.g. export.csv).

A display window will appear allowing you customize how you want the import information organized. There are six general fields across the top of the scrollable window. Clicking on the titles of each one allows you to change the organization of that column via a dropdown menu.

The content of each column and change the title of each column to accurately represent that information (e.g. If you see a column of URLs and the column title says "Notes", change that column title to "URL").

Keeper can import passwords from the following password managers:

Import instructions can also be found in the Import section of our user guides.

From Text File (.csv)

Keeper can also import logins and passwords from a text file (.csv). To begin, from the Account Dropdown Menu, click Settings > Import. After selecting Text File (.csv) click View Import Instructions and follow the instructions provided. Once you have created the export file per the instructions, drag and drop it into Keeper's "Drop a File Here" window.

Please see the full instructions and file format of our CSV import here.

File Format

Folder,Title,Login,Password,Website Address,Notes,Shared Folder,Custom Fields

• To specify subfolders, use backslash "\" between folder names

• To make a Shared Folder specify the name or path to it in the 7th field

Example 1: Create a regular folder at the root level with 2 custom fields

My Business Stuff,Twitter,[email protected],123456,https://twitter.com,These are some notes,,API Key,5555,Date Created,2018-04-02

Example 2: Create a shared subfolder inside another folder with edit and re-share permission

Personal,Twitter,[email protected],123456,https://twitter.com,,Social Media#edit#reshare

Keeper also supports advanced JSON structured file formats. We recommend using JSON files for import and export of structured data instead of CSV files. This is described in the JSON Import page.

Download Keeper Applications

Download the Keeper Desktop and Mobile Apps to access your Keeper Vault from any platform and use it for native applications across all of your devices.

Visit: https://keepersecurity.com/download to download the Keeper App for all of your desktop and mobile devices.

Organization

With Keeper you can organize your records into folders and subfolders. To create a folder, click on + Create New > Folder. Enter the name of the folder and click Create.

To create a subfolder, right-click on an existing/parent folder and select New Folder.

Move, Shortcut & More

Drag and drop the record(s) you would like to store in a folder or subfolder and click Move or Create shortcut. To move multiple records, hold "shift" and click the items to drag-and-drop.

Record shortcuts = like alias files, can exist in two or more places and when edited, change together.

You can perform a number of actions by right-clicking on a record or folder to generate a contextual options menu.

Delete a Record or Folder

Right-click on a record or folder and select Delete. Click OK to confirm.

If you are deleting a folder, all records in the folder will also be deleted.

Delete Multiple Records or Folders Simultaneously

Ctrl/Cmd-click multiple records or folders to select for deletion. Right-click on the selection and select Delete. Click OK to confirm. Shift-click for selecting a list of items is also supported.

If a folder is included in your selection, all records in the selected folder will be deleted.

Deleted records can be found in the "Deleted Items" section of your vault (for paid consumer accounts). More information on Deleted Items can be found in this section.

Favorites

Record Favorites are used to easily identify your most frequently used records. Right-click on a record and select Add to Favorites.

Securely share records and folders with other Keeper users such as family, friends and colleagues.

If you attempt to share a record or folder with someone who is not an existing Keeper user, they first receive an email inviting them to sign-up for Keeper.

While viewing a record, click Share.

Enter the email(s) of the user(s) you would like to share with, then choose their permission type from the dropdown menu.

User Permissions

Permission Name

Permission Level

Can Edit

User can edit this record

Can Share

User can share this record

Can Edit & Share

User can edit and share this record

View Only

User can only view the record

Transfer Ownership

User will obtain ownership the record and control the sharing permissions

Keeper "One-Time Share" provides time-limited secure sharing of a record to anyone without having to create a Keeper account. To learn more about One-Time Share, click here.

Shared folders allow you to share multiple records at once and new records can be added to the folder as needed.

To create a Shared Folder, click Create New > Shared Folder.

Choose where you would like to nest the folder using the dropdown menu and enter a name for the folder. Set the User and Record Permissions and click Create.

Learn more about Keeper's sharing features here.

Identity & Payments

Identity & Payments is the place for you to store your personal contact/address information and credit card numbers safely.

From Identity & Payments enter a username and click + Phone Number and + Address.

Enter the corresponding personal information and click Save to finish.

To store a payment card, click the Payment Cards tab, enter the card information and click Save to finish.

You can also create a "Payment Card" Record by using the record type dropdown menu during record creation.

Create a Payment Card Record

Click Create New > Record and select "Payment Card" from the dropdown menu, enter a title and click Next. Enter your payment card info and click Save.

Key Features

Password Generator

Long, random passwords that are created for each login help protect your information and reduce your exposure to data breaches. Keeper generates and securely stores strong, random passwords for all of your sites and apps by clicking on the dice icon. The default password length for generated passwords is 20 characters. The length slider can be used to generate longer or shorter passwords for specific sites.

Character Sets Used for Password Generation

Lowercase Letters

Uppercase Letters

Digits

Symbols

abcdefghijklmnopqrstuvwxyz

ABCDEFGHIJKLMNOPQRSTUV

0123456789

!@#$%()+;<>=?[]{}^.,

Passphrase Generator

Similar to Keeper's password generator, a click of the dice will generate a highly secure, random, yet easy-to-remember passphrase for any of your accounts stored in Keeper. By combining multiple words, passphrases are a more secure alternative to passwords.

Click on the dropdown and select Passphrase.

A strong passphrase includes a mix of uppercase and lowercase letters, numbers and symbols. You can use numbers, symbols or spaces to separate each word of the passphrase.

Custom Fields

Custom Fields allow you to store additional data within a record, such as the answer to a site's security question or a passport number. Any record created with one of Keeper's Record Types, can be further enhanced with various custom field options.

Custom field labels can be edited and if you are creating multiple custom fields, you can drag and drop them in your preferred order.

To learn more about Record Types, click here.

While creating or editing a record, click Custom Field.

Select the custom field you would like to add to the record.

Available Custom Fields:

Text
URL (website address) used for Autofill
Security Question & Answer
Multi-line Text
Date
Email
Name
Address (new or linked)
Pin Code (4-digit numeric)
Phone Number
Payment Card (new or linked)
Hidden Field

Enter the field values and click Save to finish.

Keeper autofills the custom fields of login forms as long as both the Website Address and Custom Field Name of the Keeper record match those of the login form.

"General" Record Types (Keeper's Legacy Record Version)

Within a "general" record type, custom fields can be created in pairs: a "Custom Field Name" and a "Custom Field Value".

Advanced Filters & Quick Search

Use advanced search filters to quickly narrow down your results and find exactly what you need.

Quick search shows recently viewed items and improves sort results. Click within the "Search" field to narrow down your results based on search terms or to reveal recently viewed items.

Launch

Launch allows you to quickly navigate to your favorite websites. Simply click a record's Website Address, Launch button, or launch icon to launch the target site and login with Keeper in a new window.

Security Audit

Learn more about Security Audit here.

Record History

Keeper provides you with the ability to view and restore previous versions of a record by clicking on the record's information icon and View Record History.

Select the version of the record you want to review/and or restore based on the last modified date and time. Click Restore to revert the record back to the selected version.

Deleted records can be reviewed and restored by visiting the Deleted Items section of your vault (this is available for paying customers only).

Emergency Access

The Emergency Access feature is only available for consumer accounts.

From the Account Dropdown Menu, click Account > Emergency Access

Click Trusted Users and enter the email addresses of up to five contacts (Keeper users). Optionally, select a "Delay Access" duration from the dropdown menu for each user, then click Send.

In order for the recipient to accept the request, you must first establish a "sharing" relationship if one hasn't already been established through Keeper's record/folder sharing features.

If prompted, click Send Invite.

To learn more about Emergency Access, click here.

Deleted Items

You can view and restore previously deleted records from the "Deleted Items" section of your vault by clicking Restore.

Delete Forever

Records in the Deleted Items can be purged permanently by selecting the "Delete Forever" option.

Data Retention Policy

Business customers have the option of applying data retention policies in the enforcement policy section of the Keeper Admin Console. If a retention policy is set, you may be denied the ability to permanently delete items from the vault. If this occurs, you will receive a message similar to below:

Lost Access

The “Lost Access” tab contains records that you own, but are no longer accessible (e.g. You delete a record that you own that has also been shared with another user). This feature allows users to individually add these records back to their vault.

Click Add to My Vault to add a record back to your vault.

Shared Item Recovery

Recently deleted shared records from within shared folders can be recovered from the tab called "Shared Folder Contents". This tab contains records that were deleted by a user of the shared folder with "Can manage records" permission. Records which appear in this tab are able to be restored from any user who currently has access to the shared folder. This feature was created to make the restore process accessible from any shared folder participant when a record has been removed by any team member.

For security reasons, if a change was made to the record after it was removed from the shared folder, it cannot be restored and the original owner must re-share it.

Two-Factor Codes for TOTP

For extra security on supported sites and apps, click Add Two-Factor Code to store Two-Factor Authentication (2FA) codes for standard TOTP (Time-Based One Time Passwords) in your Keeper records.

Storing two-factor codes in your vault has several advantages:

Keeper two-factor codes are more secure than using SMS text messages.
Two-factor codes stored in Keeper are protected with strong Zero-Knowledge encryption.
Codes can be auto-filled quickly while logging in to a site, saving time and reducing friction.
Keeper records are securely backed up so if you lose a device you don’t have to reset all the codes.
Since Keeper records are shareable, two-factor codes are always available to everyone who has access to the record.

KeeperFill

The KeeperFill Browser Extension allows you to autofill your passwords and save new login credentials to your vault. KeeperFill is available for every web browser.

Download KeeperFill for your browser by visiting our Downloads Page.

To learn more about the KeeperFill Browser Extension, click here.

Changing Passwords with KeeperFill

KeeperFill makes it easy to change your passwords. When visiting a site's "Change Password" form, you will receive a prompt from Keeper asking if you would like help changing your password. By clicking Yes, Keeper will walk you through a few quick steps to change your password and simultaneously update the record in your vault. These steps will include a series of prompts detailing the following actions:

Autofill your old/current password
Automatically generate and autofill a new secure password
Confirm the changes and save them to your vault

Secure Add-Ons

Secure File Storage

Files can either be added to an existing record or you can create a new record to store the file independently of other login information.

Click Files or Photos to upload a file, or simply drag-and-drop the file directly into your Vault.

To learn more about Secure File Storage, click here.

BreachWatch

BreachWatch is a powerful secure add-on feature that monitors the internet and dark web for breached accounts matching records stored within your Keeper Vault. BreachWatch alerts you so that you can take immediate action to protect yourself against hackers. Once activated, BreachWatch continuously monitors for compromised credentials and notifies you if any of your records are at risk.

To start your BreachWatch scan, from the left navigation menu, click BreachWatch > Let's Begin.

BreachWatch will then scan your records and report any risks associated with them. Clicking each record listed will allow you view the steps needed to resolve each risk.

Resolving the risk requires you to change the password at the affected website. Once you have done that, be sure to update the corresponding record in your Keeper Vault with the same password.

If you click Ignore, then that record will be skipped on future scans until the password is reset. You may also do nothing (deferring a response) and leave the risky password unchanged and thus still at risk.

To learn more about BreachWatch, click here.

Settings

Users can configure specific features like language, theme and two-factor authentication from the Settings Menu. You can access the Settings Menu by clicking on the Account Dropdown Menu (your email) in the upper-right corner of your screen.

General

Choose a Theme: Select from a number of available themes. The theme will affect coloring of buttons, backgrounds, icons and other components.
Clipboard Expiration (Desktop App Only): This will clear any data copied to the clipboard via a copy button after a period of time. Note: If your operating system maintains a clipboard history, this information may still be available after it has been cleared.
Choose another language: English US & UK, Spanish, Japanese, Romanian, Chinese Simplified & Traditional, French, Korean, Russian, Arabic, Greek, Dutch, Slovak, Brazilian Portuguese, Hebrew, Polish, German, Italian, and Portuguese
Record Type Sorting: Adjust the order that record types show in the "Create new" dropdown.
Master Password: Allows you to reset your master password. You must re-enter your current master password in order to change it.
Account Recovery: Allows you to set your recovery phrase which can be used to access your vault in the event you forget your master password.
Email Address: Allows you to change the email address associated with your account. You must re-enter your current master password in order to change it.
Delete All Unshared Owned Records: This will delete all records from your vault that you own. Records that have been shared, will still be shared. Deleted records will be moved to the trash can. To permanently delete them, you must also empty your trash.

Security

Auto-Logout: Logout of Keeper after a number of minutes of inactivity. On the web vault, this is controlled in the browser extension settings. On desktop you have the ability to also wipe application memory and restart the desktop app on logout.
Stay Logged In: If Auto-Logout is enabled, this setting will maintain the inactivity timer and preserve your login if the system is rebooted or your browser is restarted. If "Stay Logged In" is disabled, you will be logged out if the application closes.
Two-Factor Authentication: Enable a second factor of authentication such as SMS, RSA token, DUO security token, Authenticator or KeeperDNA. This will be used in addition to device verification and a master password.
Security Keys: Setup a security key such as a Yubikey as a second factor for authentication.
Auto-Approve Devices from Recognized IP Address(es): Device approval is needed for any client to login for the first time. The device token is saved per device. If you would like to automatically skip device approval when you are on an IP that matches another already approved device, this will skip the check.
Windows Hello Login (PC Only): Login to the keeper vault using biometrics. This replaces the first factor (your master password), and second factors will still be required.
Touch ID (MacOS only): Login to the keeper vault using biometrics. This replaces the first factor (your master password), and second factors will still be required.

KeeperFill

KeeperFill for Apps: KFFA allows interaction with desktop and thick clients to input passwords and other fields into apps via shortcut keys. This requires the desktop app to be installed.
KeeperFill Browser Extension: The browser extension provides most keeper capabilities directly from the browser.

Accessibility

Optionally extend display of temporary confirmation messages.
Zoom keyboard shortcut: Cmd +/-

In order to properly utilize the vault's +Create New button and various dropdown menus, users must first disable the JAWS "Virtual Cursor" setting if applicable (or ALT + arrow up/down for NVDA).

In JAWS navigate to Utilities > Settings Center and search for "use virtual PC cursor", then uncheck "Use Virtual PC Cursor".

Advanced

Search Settings: Control the visibility of Keeper’s search results dropdown overlay and advanced search filters.
Automatic Syncing Delay (Business Customers Only): Set your vault sync delay frequency to improve syncing performance across large user groups.
Show Numbering In Record List View: Choose whether you want records in "list view" to be numbered.

Import & Export

Import: Import passwords from browsers or other password managers. Web imports are typically file based. Keeper Desktop has more availability for automated imports from other solutions.
Export: Export your vault to CSV, JSON or PDF. This includes the ability to include records that have been shared with you that you are not the owner of.
Shared Records Report: Generate a report in CSV, JSON or PDF format. This provides a list of records that you own, and who those records are shared with.

Keeper Forcefield

See the Keeper Forcefield page for more information.

Two-Factor Authentication

Two-Factor Authentication (2FA) provides an extra layer of security when logging into your Keeper Vault or another site or application by requiring a secondary passcode upon logging in.

Enabling Two-Factor Authentication is advised for highly valuable or sensitive accounts (e.g. banking, medical and social media accounts).

Keeper provides two ways to take advantage of 2FA:

To log into your Keeper Vault.
To login into any site or application from your Keeper Vault by embedding a Two-Factor code into your records.

2FA for Your Keeper Vault

To enable 2FA for your Keeper vault, from the Account Dropdown Menu, click Settings > Security, toggle "Two-Factor Authentication" on and select your 2FA method.

Keeper support several methods of Two-Factor Authentication:

Text Message (SMS)
Authenticator App (such as Google Authenticator, Microsoft Authenticator, etc)
RSA SecurID (for Enterprise customers)
Duo Security (for Enterprise customers)
Keeper DNA (using Apple Watch or Android Wear devices)
FIDO2 Security Keys (or device passkeys)

Text Message Setup

(1) The Text Message toggle is on by default. Select a Region from the dropdown (US+1 by default), enter your 10 digit phone number including your area code and click Next.

(2) To verify that you trust this number and device, enter the Keeper web code that was sent to the phone number you provided. Select your 2FA code duration from the dropdown menu and click Next. Codes will only last for a minute; if you need another code sent, click Send a new code.

(3) Backup codes will be shown next. If you are unable to receive Two-Factor codes via the phone number you entered, you can enter one of the codes listed instead. Click I have written these codes down to finish.

If you are NOT receiving SMS messages from Keeper, please use the TOTP method.

Authenticator App (TOTP) Setup:

(1) Toggle "Authenticator App" on and click Next.

(2) Using the device that runs the the TOTP application, scan the QR code provided or manually enter the secret key. The app will then acknowledge the QR code and produce a verification code.

(3) Enter that verification code and click Next.

(4) Backup codes will be shown next. If you are ever unable to receive Two-Factor codes, you can enter one of the codes listed instead. Click I have written these codes down to finish.

KeeperDNA Setup:

Keeper DNA is a Two-Factor Authentication method that uses your smart watch as your second factor.

To use this feature, toggle the switch next to Keeper DNA, then follow these links to set up KeeperDNA on your preferred platform:

Security Key Setup:

Keeper supports any FIDO2-compatible WebAuthn security key, including hardware-based security key devices such as YubiKey and device passkeys on your web browser or operating system. A user can register up to five security keys. Any one of those keys will unlock the account.

Go to Settings > Security and enable Two-Factor Authentication then select "Set Up"
Make sure the security key is NOT already inserted into your USB port and click Next.
Insert the security key into the USB port, name the key and click Register.

If you have a PIN associated with your security key, you will be required to enter the PIN when registering your key. If you would like to remove the requirement for PIN entry, this can be done after registration.

Security Key with Fallback Method

If you don't always have your security key on hand, or if you are using mobile devices which don't support hardware security keys, you may add additional methods of 2FA such as a TOTP code. When logging into a device, you will then have the option of using either method.

Security Key as the Only Factor

For the highest level of protection, you can elect to use Security Keys as the only 2FA method. There are some important things to know about this configuration:

Support for enforcing a FIDO2 Security Key can vary based on the device operating system and device firmware capabilities.
Keeper on iOS currently requires using NFC-enabled keys.
The PIN requirement is supported based on the capabilities of the device. As of this writing, mobile OS support for PIN enforcements is limited. We do not recommend enforcing the PIN if users are accessing Keeper on their mobile device.
Keeper supports up to 10 security keys on a single account. Any key can be used during the login process.

Managing the Security Key PIN Requirement

To manage the entry of PIN every login with a security key, go to Settings > Security > Security Keys > Edit > Edit > and see the "Require PIN if set on security key" setting.

2FA for Websites & Apps

Keeper can protect, manage and store TOTP codes for authenticating into any 3rd party website.

(1) At the target website, visit the two-factor authentication screen which is usually located within security settings. It is sometimes referred to as "login verification" or "two-step verification". Screengrab the QR pattern or copy the secret code to your clipboard.

(2) Within a record, click Add Two-Factor Code.

(3) Upload the screengrab of the two-factor QR pattern (with security key) associated with the site or application. If there isn't a QR pattern, use the manual entry method. Enter the code given under “Secret Key”, often a 32-digit code and fill out the rest of the fields.

If you're using Keeper Desktop, you can also use the handy "Scan" feature to automatically capture the code.

(4) After adding the security key to the record, a two-factor code will be generated inside the Keeper record.

(5) The two-factor code will be regenerated frequently and can then be copied and filled into the site or app when prompted after logging in with a username and password.

KeeperFill for Apps

KeeperFill for Apps is a convenient tool used to further enhance your experience with the fully-featured Keeper Desktop App. Used in conjunction with your desktop applications, KeeperFill for Apps provides a simple login solution and quick access to your vault records.

Using a hotkey, KeeperFill for Apps also provides autofill features for native desktop applications. Please note, this feature is only available when using the Keeper Desktop application.

To learn more about KeeperFill for Apps, click here.

Platform-Specific Features

On supported Mac devices equipped with the Apple M1 chip, users with Touch ID Magic Keyboards can use their fingerprint to log in to the Keeper Desktop App.

Touch ID Configuration

To configure your Touch ID Magic keyboard fingerprint login capabilities, you must first be running the latest version of macOS (Big Sur 11.5.2 or newer). Once updated, navigate to your computer's System Preferences > Touch ID > Add Fingerprint. Follow the prompts to register your fingerprint to the device.

Enable Touch ID in Your Keeper Vault

Once you have registered your fingerprint, log in to the Keeper Desktop App and click on the account dropdown menu in the upper-right corner of your screen, then click Settings > Security and toggle "Touch ID" on.

The next time you login to the Keeper Desktop App, the "Touch ID" button will appear at the login screen. Click Touch ID and when prompted, apply your registered fingerprint to the Touch ID sensor on your keyboard to log in.

To enable Windows Hello Login for Keeper, from the Account Dropdown Menu, click Settings > Security and toggle "Windows Hello Login" on.

Next time you log in to Keeper, click the Windows Hello login button.

Windows Hello will then attempt to authenticate your identity. Once authenticated, you will be automatically logged into Keeper.

To learn more about logging into Keeper with Windows Hello, click here.

Keychain Access (Mac OS)

When accessing your Keychain, a popup will be triggered asking you to enter your Mac password. This is because Keeper Desktop App saves local storage protected by a key saved in Keychain Access which is used to encrypt local app data. Enter your Mac password and click Always Allow.

Password Export (Backup)

To backup your records or generate a Shared Records Report, from the Account Dropdown Menu click Settings > Export. There are 4 formats for export: CSV, JSON, PDF and encrypted KeePass (.KDBX). To begin backup, select your preferred file format and click Export.

The encrypted KeePass format (.kdbx) is the only format which includes attachments saved in records. For advanced backup capabilities see Keeper Commander.

Uninstall

The instructions below are for uninstalling Keeper Desktop App (Keeper Password Manager) for Mac and Windows OS.

Uninstalling the Keeper Password Manager will delete the data from Keeper on the local device. Data stored in Keeper's Cloud Security Vault is NOT erased.

Mac

Drag the Keeper Password Manager app to the Trash.
Empty the Trash.

Uninstalling Keeper Password Manager will also remove KeeperFill Browser Extension from Safari. Data stored in Keeper's Cloud Security Vault will NOT be erased.

Windows

Navigate to the Windows Start Menu > Settings > Apps & Features.
Within Apps & features, click the Keeper Password Manager application.
Click Uninstall.
You will be warned that the app and its related info will be uninstalled, click Uninstall to confirm.
User Account Control will ask you to confirm making changes to your device, confirm the changes by clicking Yes.