Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
The Keeper Web Vault and Keeper Desktop App share a common codebase. Desktop app is deployed as an Electron application to Windows, Mac and Linux platforms.
Please click on the navigation to the left in order to read each release note.
Early access Preview (pre-release) Keeper Vault and Desktop app
When a major release is planned, Keeper publishes a Preview version of the Vault and Desktop app, documented below. The pre-release version is typically published 1 week before public release.
If you encounter any issues with this version, please email feedback@keepersecurity.com.
US_GOV: (No US Gov preview available for Web Vault)
The Desktop App preview does not auto-update. On Windows computers, a new version of the pre-release version requires a full uninstall and re-install of Keeper. This does not affect stored data.
Released August 06, 2024
Enhancements:
VAUL-6715: Improved KeeperFill Installation Prompt: The installation prompt for KeeperFill has been enhanced to offer a better user experience.
VAUL-6716, VAUL-6789: Enhanced Import Functionality: When importing data from Keepass KDBX files, TOTP fields will now be correctly recognized and imported as Keeper TOTP fields, ensuring better accuracy and usability.
VAUL-6748: Password Complexity and Generation: Password complexity rules can now be applied independently without generating a new password, offering more flexibility in managing your passwords.
VAUL-6792: Better Folder Selection: We've improved the folder location selection in the new shared folder modal for a more intuitive experience.
VAUL-4959: Updated Referral Program: Our referral program has been enhanced with updated incentives to encourage more users to invite friends.
VAUL-6807: Password Policy Enforcement: The minimum password length is now set to 8 characters, with a maximum of 99 characters. Client applications will enforce this minimum length but allow users to increase it through their settings.
VAUL-6798: Feature Promotion: New features such as RBI and KSM are now more visible to users for better awareness.
Bug Fixes:
VAUL-6788: UID Generation: We've updated the UID generation logic to prevent creating UIDs that start with a dash.
VAUL-6746: Firefox Compatibility: Fixed an error occurring in Firefox related to unsupported table versions.
VAUL-6805: Privacy Screen: Resolved an issue where the privacy screen disabled URL edits for non-enforced URLs in shared records.
VAUL-6784: Sharing Screen: Corrected the sorting order of items in the sharing screen for better usability.
VAUL-6794: Account Registration: Addressed an issue where credentials were not properly handled when switching between login and account registration screens.
VAUL-6819: Banner Display: Updated the banner display and support tool to match rounding requirements for better accuracy (e.g. number of days left in trial).
VAUL-6786: Shared Folder Management: Fixed an issue where deleting a V2 record from a shared folder caused the folder to appear incorrectly. The record will now appear correctly.
VAUL-6780: GRE Import Error Handling: Improved error handling during GRE import to ensure proper messaging when users are restricted from creating folders.
VAUL-6808: App Stability: Fixed an issue where the app could crash if shared folder users were undefined, ensuring better stability.
Released May 2, 2024
Passphrases can now be generated and stored in the vault. The Password Generator includes advanced character/symbol policy preferences
Launched Time-Limited Access, which allows temporary sharing of records and folders with other Keeper users.
Launched Self-Destructing Records, which allows sharing of records with other Keeper users for a time period after which the record is deleted for both parties.
Recently deleted shared records from within shared folders can now be recovered from the "Deleted Items" section of the Web Vault and Desktop app.
In the "Deleted Items" section of the vault, you'll see a new tab called "Shared Folder Contents". This tab contains records that were deleted by a user of the shared folder with "Can manage records" permission. Records which appear in this tab are able to be restored from any user who currently has access to the shared folder. This feature was created to make the restore process accessible from any shared folder participant when a record has been removed by any team member.
For security reasons, if a change was made to the record after it was removed from the shared folder, it cannot be restored and the original owner must re-share it.
VAUL-5271: Fixed an issue that prevented record type changes with some records
VAUL-5628: Fixed an issue that prevented some date fields from being searchable
VAUL-5842: Fixed various issues with consistently updating fields on language changes
VAUL-6163: Fixed an issue that allowed entry of more than the five allowed emergency access contacts
VAUL-6168: Fixed a display issue when certain record types are disabled
VAUL-6198: Fixed an issue that prevented error message from being shown when attempting to invite a user with an invalid email address
VAUL-6242: Fixed an issue that prevented hover text from being displayed on truncated records
VAUL-6301: Fixed an issue where some countries would not sort properly in records with a Country field
VAUL-6340: Implemented hashing algorithm for account mapping within the vault
VAUL-6345: Implemented proper handling of international phone numbers in records
VAUL-6353: Fixed a UI issue where a password slider artifact would appear over search results
VAUL-6365, VAUL-6373, VAUL-6392: More descriptive errors are now displayed when attempting to create a record, folder or shared folder using an account that does not have appropriate rights
VAUL-6370: Fixed an issue syncing teams to the vault on initial sync
VAUL-6383: Fixed an issue that prevented a user from creating a shared folder under certain Granular Sharing Enforcement policies
VAUL-6393: Granular Sharing Enforcements now apply even in the vault is in offline mode
VAUL-6397: Fixed an issue with syncing records after ownership transfer
VAUL-6427: Fixed an issue importing from Proton Pass on Windows
VAUL-6439: Fixed an issue that prevented the owner of a shared record from deleting records in some scenarios
Released June 17th, 2024
VAUL-6523: Added pin code generator to "Pin Code" custom field
VAUL-6595: Improved 508 compliance for "Record Types" default actions
Escape key closes "Record Types"
VAUL-6596: Enhanced 508 compliance for "More Filters" default actions
Escape key closes "More Filters"
VAUL-6597: Fixed issues with 508 compliance regarding possible actions. Dropdown lists out of focus are automatically closed
VAUL-6550: Implemented a modal warning for trials expiring within 24 hours
VAUL-6747: Removed offensive words from the word list
VAUL-6613: Updated strength indicator to prevent it from turning green erroneously
VAUL-6721: Fixed the default passphrase separator issue
VAUL-6719: Corrected domain conflict alerts to display the appropriate text
VAUL-6519: Fixed issue with Chrome displaying a break in the password generator
VAUL-6728: Prevented users from saving passwords with domain conflicts
VAUL-6729: Ensured that users with privacy screens cannot view PIN codes
VAUL-6732: Introduced new alerts for different domain conflicts
VAUL-6737: Added missing strings for various languages
VAUL-6741: Improved vault UI responsiveness when saving new passwords
VAUL-6736: Resolved issues with the PIN-CODE and PIN Generator not working
VAUL-6740: Added missing translation for 'Your password has been saved'
VAUL-6754: Implemented in-app popup for expired trial warnings
VAUL-6753: Fixed issue with the privacy screen feature
VAUL-6759: Fixed the issue preventing saving passphrases with domain conflicts
VAUL-6761: Resolved incorrect display of consumer/enterprise settings
VAUL-6770: Ensured default configuration is correctly applied when new fields are unchecked
VAUL-6776: Fixed GUI issues in the password complexity feature
VAUL-6723: Fixed issues with losing ownership of a record in a shared folder
VAUL-6693: Corrected tooltip hover text display issues in shared folders
VAUL-6653: Fixed time selection issues in the date picker configuration
VAUL-6726: Resolved a white screen crash issue
VAUL-6688: Resolved UI issues with the new shared folder modal
VAUL-6733: Addressed issues with configuration records not being viewable
VAUL-6731: Fixed time picker for 24-hour time format in One-Time Share
VAUL-6734: Fixed file upload issues
VAUL-6738: Corrected viewing link display issues in One-Time Share
The 16.11.0 release contains several new features, including , , and .
VAUL-6648: Updated support information that appears in the vault directing users to:
Released on Jan 15, 2024
VAUL-6001: Security Key can be set up as the only 2FA method
VAUL-6097: Support for Security Key and PIN enforcement policies
VAUL-6129: Users can now control if FIDO2 WebAuthn user verification (PIN) is required
VAUL-6395: KeeperPAM Router/Gateway connection issue in GovCloud environment
Released on Sep 29, 2023
KDE-1425: CVE-2023-5217 Heap buffer overflow vulnerability in the libvpx library. Updated Electron framework.
Released on Nov 16, 2023
VAUL-6175: Added thousands of popular website logos to the Vault user interface.
The implementation of website logos preserves full zero knowledge encryption and privacy. The entire library of logo files are embedded within the vault application.
KDE-1403: Optional SSO login method through default web browser
If the new "Use Default Browser for SSO" option is enabled from the desktop application menu, the user will be routed to their default web browser on the device in order to login with their configured identity provider.
The primary reason for implementing this feature is to support SSO identity providers who support FIDO2 security keys or other authentication methods that are not technically supported from the Keeper Desktop embedded browser.
For Admins who would like to enforce this to all desktops, a new Enterprise Configuration item called UseDefaultBrowserSSO is available.
DR-265: Ability to specify time zone and hour of day for scheduled password rotations
VAUL-5620: Enhancements for Recently Deleted page
VAUL-5686: Security Audit screen now has a "Last Change" column
VAUL-6138: New "Advanced" settings menu which contains the following features:
Search overlay controls
Syncing delay to improve overall performance in high volume enterprise tenants
Showing numbering in the record list view
VAUL-6135: Currently only owner and share admin can update permissions, add/remove users, set/update expiration timers. User with can_share right should be also able to manage users up to its own level of privilege.
VAUL-5659: Multiple Record Selection is not working in Deleted Items
KDE-1421: Records created while in offline mode are not syncing properly when going online
KDE-1373: KeeperFill for Apps Window opens in wrong location when tray is not in visible dock
KDE-1395: Memory leak on Mac App from repeat launching through cmd+tab, clicking the dock item, etc. This leads to unintended event handlers being enabled.
VAUL-5675: User is not able to delete forever a Lost Record shared via Shared folder from Lost Access
VAUL-5737: Missing 'Add to My Vault' button for records details panel in Lost Access tab
VAUL-6009: If you have a role enforcement set to restrict all record types in the vault, the import option during onboarding is now hidden.
VAUL-6083: Filename not being added to title when drag-and-drop attachment in Chrome/Edge
VAUL-6204: Import from Thycotic / Delinea Secret Server missing notes field and SecretTemplates section
VAUL-6213: Record title auto-suggestion not working when there are multiple words
VAUL-6214: Date formatting error when Arabic language selected
KDE-1411: On Mac, keyboard layout is cached on first use. When filling a password with KeeperFill for Apps on Mac, a map of key codes to character mappings is generated and cached. This cache is not released when the keyboard layout changed with the app running, resulting in incorrect key codes being sent for some characters.
KDE-1422: The "Create Record" hot key is turned on when the app is initially not in focus, preventing that hotkey from being used by other apps.
KDE-1385: KeeperFill for Apps is not able to detect secure fields when a record uses the "native app filler" field type.
KDE-1426: After importing files, KeeperFill for Apps doesn’t show the records. This leads to assertion failures with BreachWatch data which require record keys to decrypt the data.
VAUL-6170: Security improvements using CryptoKey storage on Firefox browsers for device keys
VAUL-6179: Convert ECIES-encrypted Record Keys to Data Key-encrypted Record Keys upon login.
KDE-1406: New desktop app installs will now store device private keys in the Apple Keychain or Windows Credential Locker instead of Chrome CryptoKey local storage, for improved security for native app installation. Existing keys will not be transferred until a reset takes place.
KDE-1412: Upgraded Electron platform to v26.2.4. This was actually released to production already in version 16.10.9 on a standalone basis.
KDE-1417: When filling into a remote desktop session using mstsc.exe, incorrect characters are used with a different keyboard layout than the host machine.
VAUL-6219: Improved the automatic team-user approvals upon logging in. This new method handles a large number of pending users.
VAUL-6200: When viewing a deleted record, file attachments cannot be downloaded until the record is restored.
DR-348: Hide or gray out "Rotate now" button on modifying rotation settings
VAUL-5926: Shared Folder and Direct Share screens will only list those Share Admins who are explicitly shared to the object, to reduce confusion.
VAUL-5738: Allow free trial users to view record history
VAUL-6128: Show long folder names on-hover
KDE-1399: Return focus to previous app/window when KeeperFill for Apps is closed
508 Compliance: Over 20 tickets related to 508 compliance / ergonomics improvements
VAUL-5875: Create Duplicate UI changes to support various use cases:
If privacy screen is enabled, do not allow duplication
If a user duplicates a record that has linked records such as address or payment records, allow duplication of the record, disallow duplication of linked records, and present a notification: “The record you are duplicating contains links to other records. The linked records will not duplicated.”
If a user duplicates a record that has attachments, allow duplication of the record, disallow duplication of the attachment, and present a notification: “The record you are duplicating contains attachments. Attachments will not be duplicated. In order to duplicate attachments, download the attachment from the original record and re-upload to the newly created record.”
KDE-1414: New font type "Outfit" to replace "Overpass". This is Keeper's new font that is being slow-rolled across all platforms and interfaces.
Migrating from LastPass using Okta SSO saying "Import Error"
In the Okta Admin portal under Applications, locate your "LastPass Okta Login" application. Under the "Sign-in redirect URIs" section, add the following URI: http://localhost/
then click "Save".
KDE-1418: Heap buffer overflow vulnerability in the WebP Codec. Updated Electron framework.
Released on August 10, 2023
VAUL-5688: Support for Passkey record fields. Managing passkeys requires browser extension 16.6.0 which was released on Aug 7, 2023. Learn more about passkeys here.
VAUL-5977: Support for RESTRICT_IMPORT_SHARED_FOLDERS enforcement policy which will prevent users from importing shared folders from LastPass. See the Admin Console role enforcement policies to enable this setting.
VAUL-5502: Support for new paginated sync system on the backend API
VAUL-5999: Support for Swedish and Finnish languages
VAUL-5628: Date fields are searchable
VAUL-5580: Email addresses are auto-sanitized when pasting into sharing screens
KDE-1376: Desktop app can get stuck when the main app is closed too quickly
KDE-1381: Offline records not syncing up properly in Linux
KDE-1382: RPM desktop installer not compatible with RHEL9
VAUL-5726: Deleted items is missing right-click option
VAUL-5761: Remove RSA SecurID from GovCloud environment
VAUL-5960: Right Click New Shared Folder - Records are not being added to folder
VAUL-5945: After changing master password, user can login offline with old master password
VAUL-5981: TOTP URIs with leading white space are not parsed correctly by the vault
VAUL-5899: Large vault search speed is causing delays
VAUL-5986: Advanced search needs to dismiss results upon hitting <enter> key
VAUL-5983: The record owner is restricted from viewing the password on a V2 record that utilizes the enterprise domain enforcement
VAUL-5933: 508 compliance items (ensure image tags have alt attributes)
VAUL-5957: Drag/Drop file in the vault is adding to the prior record created
VAUL-5966: Drop target incorrect when file is dropped into the vault
VAUL-5968, VAUL-5969: Additional 508 compliance items
VAUL-5994: Select a shared folder and select a record not in the shared folder, right click and delete both. Vault will white screen.
VAUL-6053: Vault scrolls unexpectedly when clicking a folder
VAUL-6105: Security Audit: "reused" count includes owned records w/ the same password as a non-owned record
VAUL-6094: Multiple Share Relationship Invites are being sent after acceptance
VAUL-5899: Improved loading and search speed for large vaults
KDE-1343: Remove the deprecated browser extension for Safari users, point users to the new App Store version of the Safari extension
VAUL-6110: Removed the manual on/off toggle for logout timer. Users must specify a time (in minutes).
VAUL-5947: Account recovery setup is removed during the onboarding for SSO users.
VAUL-6143: If onboarding is disabled through role policy, disable any browser extension popup messages that lead to an installation.
Released on May 2, 2023
Released April 6, 2023
Keeper is proud to announce our release of version 16.9.0 of our Web Vault and Desktop App. This new version includes a new design with a user interface refresh along with some new features and bug fixes.
See our blog post for additional details:
Keeper Desktop App now supports Import SSO LastPass vaults from Okta SSO and Azure SSO federated accounts
Advanced Search: Recently viewed records, search filters and more
Onboarding: New user onboarding has been improved
UI Refresh: Look and feel of the vault has been improved
MFA: When signing in with 2FA for the first time, there are now additional options. The Web Vault now offers 12-hour and 24-hour in addition to the previous options (every login, every 30 days, and don’t ask again on this device.)
Support for Google Authenticator QR code export format
Security Scores: "Security Data Sync" in the diagnostics menu will refresh your security scores
Lost Records: Shared records that have been removed from your vault, but are owned by you, can be recovered from the Deleted Items screen. The tab will only show if you have relevant records.
Note: There has been a change on our Privacy Screen feature. If you are the owner of the record, you will now be able to see the password even if there is a privacy screen applied and you couldn’t see the password previously. The privacy screen is still working and in effect for users who do not own the record. This change is being made across all platforms.
We truncated the view of super long URLs in the record detail screen
VAUL-5652: Recovery Phrase. We have upgraded our account recovery process with a new and more secure 24-word “recovery phrase” feature. Read more on the .