Keeper Home
Docs Home
Keeper End-User Guides
Quick Start Guides
Enterprise End-User
Enterprise End-User (SSO)
Web Vault & Desktop App
iOS - iPhone & iPad
Autofill Setup for iOS
Android Phone & Tablet
Autofill Setup for Android
Vault Offline Access
BreachWatch
Secure File Storage
Keeper Family Plan
KeeperChat
Social Media Management
Tips & Tricks
Stay Logged In
Protecting TOTP Codes
Using Keeper TOTP with Azure or Office 365
Changing Passwords Using KeeperFill
Free Family License for Personal Use
One Record with Multiple URL Domains
KeeperFill Right-Click Context Menu
Keyboard Shortcuts
Resetting Desktop App
Login to Keeper with Windows Hello
Logging in with DUO
Using Windows Hello or Touch ID with SSO
Troubleshooting
KeeperFill for Apps
KeeperFill Browser Extensions
KeeperFill for Chrome
KeeperFill for Firefox
KeeperFill for Safari
KeeperFill for IE
KeeperFill for Edge
KeeperFill for Opera
Use Cases
Uninstall Keeper
Web Vault & Desktop App (Abridged)
Docs Home
Import Records
Import Overview
Import from Chrome, Firefox, IE, Edge, Safari
Manual Export from Chrome
Import Text File (.csv)
Import Text File (.json)
Import from Avast
Import from LastPass
Import from 1Password
Import from Dashlane
Import from Kaspersky
Import from KeePass (.kdbx)
Import from KeePassX
Import from KeePass .XML
Import from EnPass
Import from MacPass
Import from mSecure
Import from Password Boss
Import from Passpack
Import from RoboForm
Import from SplashID
Import from Sticky Password
Import from True Key
Import from ZOHO
Import from Commander CLI
Microsoft Store App
Export and Reports
Vault Export
Shared Records Report
Powered by GitBook

Using Windows Hello or Touch ID with SSO

Logging in with Windows Hello to a vault tied to SSO

Keeper supports the ability to login with Windows Hello or Touch ID on a vault that is tied to an SSO provider such as Microsoft Azure. To enable this capability, an "Alternate" Master Password must be configured on the vault. To set this up, please follow the below instructions:

(1) As the Keeper Administrator, login to the Keeper Admin Console and visit the Roles screen. Locate the role which you will allow this functionality. Then click on "Enforcement Policies".

Enable SSO Master Password

Enable the feature "Allow users who login with SSO to create a Master Password".

​

(2) Login to the vault using your SSO as usual, and visit the "Settings" screen.

​

(3) Under General Settings, turn on the "Master Password" feature and set a Master Password. This can be then used for subsequent login on the Web Vault and Desktop App (and make use of the Windows Hello / Touch ID capability).

Enable Alternate Master Password

​

(4) Visit the "Security" settings and turn on Windows Hello (or Touch ID if you're on a Mac). Note that if you previously tried using this setting, you should turn it OFF and ON in order to reset the Master Password storage in your device.

Enable Windows Hello Login

​

(5) The next time you login to your Desktop App, simply click on the "Windows Hello" or "Touch ID" logo on the login screen.

Click on Windows Hello or Touch ID login

​

(6) You will now be able to login seamlessly to your vault using Windows Hello, without having to constantly login using your SSO provider.

Successfully Logged In
Previous
Logging in with DUO
Next
Troubleshooting
Last updated 12 months ago