Web Vault & Desktop App
With Keeper, your passwords, logins and other personal information are saved in a private, digital vault. It is here where you can view and edit all of your website login credentials and details, as well as store important files and photos.
If you've already signed up for Keeper on your mobile devices, you can simply login to the Web Vault or Desktop App (links below) with your email address, Master Password and Two-Factor Authentication (if enabled on your account).
Login to the Keeper Web Vault:
Download the Keeper Desktop App:
Device | OS Version Supported |
Windows | 7 / 8 / 10+ |
Mac OS | Current Version - 2 |
Linux | Fedora, Red Hat, CentOS, Debian, Ubuntu, Mint |
Upon Login, you may encounter a "device approval" request. If you are attempting to log in on an unrecognized device or browser, a device approval must take place before you can proceed to your Keeper vault. Users have three methods of approval to choose from: Email Verification, Keeper Push or Two-Factor Authentication.
Keeper Push is Keeper’s proprietary notification-based device approval system that sends a push notification to an existing, recognized device.
If you select Keeper Push, a notification (push) will be appear in your Keeper vault at an approved device or browser.
Select Yes to approve the new device.
You must be actively logged into a different, recognized/approved device to receive the notification.
Once your device has been approved, you will be prompted for 2FA (if enabled), then you will enter your Master Password to proceed to your vault.
If you are signing up for Keeper as a new user, click Create an Account at the login page. You will first enter your email address then you will be asked to create a Master Password. This will be the only password you have to remember -- don't forget your Master Password! We recommend that you choose a strong Master Password that is only used for Keeper. To finalize your account and proceed to your vault, you will be asked to enter the verification code that was sent to your email.
Enterprise users who login with SSO do not require selection of a Master Password.
Once you Keeper vault is created, you will be guided through a "Quick Start" walkthrough, that will help you either import passwords from your browser or other password manager or manually create new records.
Watch the video below to learn how to create your account.
Users who login with an existing identity provider have various login choices. Users can either enter their email address at the login screen or click Enterprise SSO Login and select their login method from the dropdown menu as determined by their Keeper administrator (Enterprise Domain Login or Master Password Login).
Enterprise (SSO) users, should refer to our "Enterprise End-User (SSO)" guide for more information regarding account creation, login flows, device approvals and much more.
Your passwords, logins, credit card numbers, bank accounts and other personal information are saved in your private digital Vault (as "Records") and are encrypted on your device using 256-bit AES. To begin, simply click + Create New > Record
Name Your Record
Enter Your Email or Username
Enter Your Password or Tap the Dice to Generate One (more on that here)
Enter the Website Address
Enter Additional Notes, Custom Fields, and Securely Add Files & Photos
Click
Saveto Finish
Watch the video below to learn how to create a record.
Keeper can also import logins and passwords directly from your web browser, another password manager, or a text file (.csv).
To import passwords from your web browser, you must first install the Keeper Import Tool. To begin the installation, from the Account Dropdown Menu, click Settings > Import > Import. If you came fresh into the Web Vault, you can download the import tool by clicking Install
If you have started the import process from a mobile app and came to the Web Vault, you will be prompted to import your existing passwords, clickNext > Install
Keeper will then walk you through a few steps to download the Keeper Import Tool:
Copy the code Keeper provides (you will need this when prompted in the Keeper Importer).
If you are using a PC - click
Runwhen prompted.If you using a Mac - double click the "KeeperImport.zip" file located in your downloads and double click on the "Keeper Import App" to start the import process. You will encounter a few Keychain permission windows that will require you to enter your computer password to allow Keeper to access your web browsers.
Keeper will then ask for the code you received from step one; paste the code and click
Import
Once the installation is complete, Keeper will report websites and their associated logins and passwords directly from your web browser. You can then scroll though the report and uncheck those you do not wish to import. Once you have finished reviewing the report, click Add to Keeper to import the selected password.
Watch the video below to learn how to import your passwords from web browsers.
Keeper can import logins and passwords from other password managers. From the Account Dropdown Menu, click Settings > Import
Click on the password manager you want to import from, then click View Import Instructions. Once you have created the export file per the instructions, drag and drop the file into Keeper's "Drop a File Here" window.
Confirm the export file has the correct extension at the end of the file name (e.g. export.csv).
A display window will appear allowing you customize how you want the import information organized. There are six general fields across the top of the scrollable window. Clicking on the titles of each one allows you to change the organization of that column via a dropdown menu.
The content of each column and change the title of each column to accurately represent that information (e.g. If you see a column of URLs and the column title says "Notes", change that column title to "URL").
Keeper can import passwords from the following password managers:
LastPass
Dashlane
EnPass
KeePass
KeePassX
LastPass
MacPass
mSecure
Passopolis - No longer available
Passpack
RoboForm
SplashID
True Key
ZOHO
Avast
Import instructions can also be found in the "Import Records" section of the left-hand column of these user guides.
Keeper can also import logins and passwords from a text file (.csv). To begin, from the Account Dropdown Menu, click Settings > Import. After selecting Text File (.csv) click View Import Instructions and follow the instructions provided. Once you have created the export file per the instructions, drag and drop it into Keeper's "Drop a File Here" window.
Please see the full description and file format of our CSV import here:
Click Here for CSV Import Instructions
File Format
Folder,Title,Login,Password,Website Address,Notes,Shared Folder,Custom Fields
• To specify subfolders, use backslash "\" between folder names
• To make a Shared Folder specify the name or path to it in the 7th field
Example 1: Create a regular folder at the root level with 2 custom fields
My Business Stuff,Twitter,[email protected],123456,https://twitter.com,These are some notes,,API Key,5555,Date Created,2018-04-02
Example 2: Create a shared subfolder inside another folder with edit and re-share permission
Personal,Twitter,[email protected],123456,https://twitter.com,,Social Media#edit#reshare
Keeper also supports advanced JSON structured file formats. We recommend using JSON files for import and export of structured data instead of CSV files. This is described in the JSON Import page.
Download Keeper to access your Keeper Vault from any platform and be able to use it for native applications across all of your devices.
Visit: https://keepersecurity.com/download to download the Keeper App for all of your desktop and mobile devices.
Keeper allows you to organize your records by folders and subfolders. To create a folder, click on + Create New > Folder
To create a subfolder, right-click on the existing/parent folder and click New Folder
Watch the video below to learn how to create a folder.
Drag-and-drop the record(s) you would like to store in a folder or subfolder and click Move or Create shortcut. To move multiple records, hold "shift" and click the items to drag-and-drop.
Shortcuts like alias files, can exist in two or more places and when edited, change together.
Moving and shortcuts can also be performed by right-clicking on a record or folder to generate a contextual options menu.
By right-clicking on a record you can create a record "Favorite", used to easily locate your most frequently visited sites.
Securely create, share and manage records and folders with existing Keeper users such as family, friends and colleagues.
While viewing a record click Options > Sharing
Enter the email(s) of the Keeper users then choose their permission type from the dropdown menu.
Permission Type | Permission Level |
Can Edit | Users in folder can edit this record |
Can Share | Users in folder can share this record |
Can Edit & Share | Users in folder can edit and share this record |
Read Only | Users can only view the record |
Transfer Ownership | User will own the record and control the sharing permissions |
Watch the video below to learn how to share a record.
Click Create New > Shared Folder
Click the dropdown to select where you would like to nest the shared folder. Click Edit to add record(s), user(s), set permission types and the default folder settings.
Permission Type | |
Can Manage Users | Can add or remove users |
Can Manage Records | Can add or remove records |
Can Manage Users & Records | Can add or remove users and records |
No User Permission | Can view only |
Once the default configuration is set, it will only affect users and records added after the change was made. To change users or records added prior to the default configuration, those items will need to be changed either individually or through a bulk change.
Watch the video below to learn how to create a shared folder.
Identity & Payments is the place for you to store your personal contact/address information and credit card numbers safely.
From the left navigation menu, click Identity & Payments, enter a username and click + Phone Number and + Address to enter your corresponding information.
Long, random passwords that are created for each login help protect your information and reduce your exposure to data breaches. Keeper generates and securely stores strong, random passwords for all of your sites and apps with the click of the dice.
This will NOT automatically change the website's existing login password. You must still visit the corresponding website's "Change Password" form to update the old password to match the new, stronger password. Click here to learn how to easily change your password with KeeperFill.
Custom Fields allow you to store additional important data, like the answer to a site's security question or your passport number. Custom fields are created in pairs: a "Custom Field Name" and a "Custom Field Value".
Please note, masked custom field values are only available for Keeper Enterprise customers.
Auto-launch allows you securely and quickly navigate to your favorite websites. Simply click a record's Website URL to launch and login with Keeper in a new window.
Security Audit gives your passwords an overall security score and lets you clearly see what passwords are weak from a password strength visual indicator (red being the weakest, green being the strongest).
You can edit a record's password by clicking on the record from the provided list (you will still need to update the password at the record's website to match the new password in your Vault).
Keeper provides you with the ability to restore previous versions of a record by clicking Options > Record History
Select the version of the record you want to review/and or restore based on the last modified date and time.
Click the info icon to review specific record version information. Click Restore to revert the record back to the selected version.
Deleted records can be reviewed and restored by visiting theDeleted Itemssection of the left navigation menu.
Give trusted family and friends access to your Keeper Vault in the event of an emergency or loss of life. You can designate up to five emergency contacts and decide how much time should pass before their access is granted. From the Account Dropdown Menu, click Account > Emergency Access
Select Trusted Users and enter the email addresses of up to 5 contacts.
Set their "Delay access" duration and click Send
The amount of time between request and access granted can be set up to three months per contact. Please note, the Emergency Access feature is only available for consumer accounts.
In order for the recipient to accept the request, you must first establish a "sharing" relationship with them if one hasn't already been established through our sharing features. Click Send Invite
If the recipient is an existing Keeper user they will receive an email, like the one below, notifying them you want to establish a sharing relationship at which point they will be prompted to login to their Keeper vault and accept or deny the request.
If the recipient is not an existing Keeper user, they will receive an email inviting them to sign up for a Keeper account. Once they sign up and login to their account, they can accept the sharing relationship request.
Once the recipient accepts the sharing relationship request in their vault, they will notice a red notification indicator appears in the Emergency Access section of their Account Settings. They can then "Accept" or "Decline" the emergency access request.
Once requests are accepted, trusted users will appear within the Emergency Access section of your vault.
For extra security on supported sites and apps, click + Add Two-Factor Code to store Two-Factor Authentication codes for standard TOTP (Time-Based One Time Passwords) in your Keeper records.
Storing Two-Factor Codes in your vault has several advantages:
Keeper two-factor codes are more secure than using SMS text messages.
Two-factor codes stored in Keeper are protected with strong Zero-Knowledge encryption.
They can be auto-filled quickly while logging in to a site, saving time and reducing friction.
Keeper records are securely backed up so if you lose a device you don’t have to reset all the codes.
Since Keeper records are shareable, Two-Factor Codes are always available to everyone who has access to the record.
For detailed instructions on how to set-up Two-Factor Codes for Websites and Applications, click here.
With the KeeperFill browser extension, you can autofill your passwords and save new login credentials to your vault. KeeperFill is available for every web browser (Chrome, Firefox, Safari, IE, Edge, and Opera).
Download KeeperFill for your browser by visiting our Downloads Page.
Watch the video below to learn how to autofill with KeeperFill.
To learn more about the KeeperFill Browser Extension, click here.
KeeperFill makes it easy to change your passwords. When visiting a site's "Change Password" form, you will receive a prompt from Keeper asking if you would like help changing your password. By clicking Yes Keeper will walk you through a few quick steps to change your password and simultaneously update the record in your vault. These steps will include a series of prompts detailing the following actions:
Autofill your old/current password
Automatically generate and autofill a new secure password
Confirm the changes and save them to your vault
Watch the video below to learn how to change your passwords with Keeper.
Keeper offers Secure File Storage to protect your confidential files, photos and videos. Securely upload and store files such as passport photos, medical cards, drivers licenses, tax and loan documents, videos and any other private file to your Keeper vault.
Files can either be added to an existing record or you can create a standalone record to store the file independently of other login information.
Click + Files or Photos to upload a file, or simply drag-and-drop the file directly into your Vault.
To learn more about Secure File Storage, click here.
BreachWatch is a powerful secure add-on feature that monitors the internet and dark web for breached accounts matching records stored within your Keeper vault. BreachWatch alerts you so that you can take immediate action to protect yourself against hackers. Once activated, BreachWatch continuously monitors for compromised credentials and notifies you if any of your records are at risk.
To start your BreachWatch scan, from the left navigation menu, click BreachWatch > Let's Begin
BreachWatch will then scan your records and report any risks associated with them. Clicking each record listed will allow you view the steps needed to resolve each risk.
Resolving the risk requires you to change the password at the affected website. Once you have done that, be sure to update the corresponding record in your Keeper Vault with the same password.
If you click Ignore, then that record will be skipped on future scans until the password is reset. You may also do nothing (deferring a response) and leave the risky password unchanged and thus still at risk.
To learn more about BreachWatch, click here.
Users can change specific features like language, theme and Two-Factor Authentication in the Settings menu. You can access the Settings menu from the Account Dropdown Menu.
Choose a New Color Theme
Set Clipboard Expiration
Choose another language: English US & UK, Spanish, Japanese, Romanian, Chinese Simplified & Traditional, French, Korean, Russian, Arabic, Greek, Dutch, Slovak, Brazilian Portuguese, Hebrew, Polish, German, Italian, and Portuguese
Reset Master Password
Reset Security Question
Change Email Address
Locate and Delete Duplicate Records
Delete All Owned Records
Enable Auto-Logout
Enable Self-Destruct
Setup Two-Factor Authentication
Setup Security Keys
Adjust PBKDF2 Iterations
Two-Factor Authentication (2FA) provides an extra layer of security when logging into your Keeper Vault or another site or application by requiring a secondary passcode upon logging in.
Enabling Two-Factor Authentication is advised for highly valuable or sensitive accounts (e.g. banking, medical and social media accounts).
Keeper provides two ways to take advantage of 2FA:
To log into your Keeper Vault.
To login into any site or application from your Keeper Vault by embedding a Two-Factor code into your records.
To enable 2FA for your Keeper vault, from the Account Dropdown Menu, click Settings > Security , toggle "Two-Factor Authentication" on and select your 2FA method.
(1) The Text Message toggle is on by default. Select a Region from the dropdown (US+1 by default), enter your 10 digit phone number including your area code and click Next
(2) To verify that you trust this number and device, enter the Keeper Web code that was sent to the phone number you provided. Select your 2FA code duration from the dropdown menu and click Next
You will be prompted for 2FA every time you login to your Vault unless you select an alternative code duration. Business customers may be required to enter the code every login as determined by their Keeper Administrator.
.png?alt=media&token=77b45089-f9e1-4410-a912-34abe272fad6)
Codes will only last for a minute; if you need another code sent, click Send a new code
(3) Backup codes will be shown next. If you are unable to receive Two-Factor codes via the phone number you entered, you can enter one of the codes listed instead. Click I have written these codes downto finish.
If you are NOT receiving SMS messages from Keeper, please use the TOTP method or contact [email protected] to troubleshoot the issue.
(1) Toggle "Google and Microsoft Authenticator (TOTP)" on and click Next
(2) Using the device that runs the Google or Microsoft Authenticator App, scan the QR code provided. The app will then acknowledge the QR code and produce a verification code.
(3) Enter that verification code and click Next
You will be prompted for 2FA every time you login to your Vault unless you select an alternative code duration. Business customers may be required to enter the code every login as determined by their Keeper Administrator.
(4) Backup codes will be shown next. If you are unable to receive Two-Factor codes via the phone number you entered, you can enter one of the codes listed instead. Click I have written these codes down to finish.
In order for Azure MFA (using the Microsoft Authenticator app.) to be utilized as a TOTP, the Azure administrator needs to allow the verification method "Verification code from mobile app or hardware token" when setting up MFA in Azure.
Keeper DNA is a Two-Factor Authentication method that uses your smart watch as your second factor.
To use this feature, toggle the switch next to Keeper DNA, then follow these links to set up KeeperDNA on your preferred platform:
(1) At your target website, visit the two-factor authentication screen which is usually located within security settings. It is sometimes referred to as "login verification" or "two-step verification". Screengrab the QR pattern or copy the secret code to clipboard.
(2) Within a Keeper record, select Edit > Add Two-Factor Code
(3) Upload the screengrab of the Two-Factor QR pattern (with security key) associated with the site or application. If there isn't a QR pattern, use the manual entry method. Enter the code given under “Secret Key”, often a 32-digit code and fill out the rest of the fields.
(4) After adding the security key to the vault record a Two-Factor Code will be generated inside the Keeper record.
(5) The two-factor code will be regenerated frequently and can then be copied and filled into the site or app when prompted after logging in with a username and password.
To increase security, Keeper supports FIDO-compatible U2F hardware-based security key devices such as YubiKey and Google Titan keys as a second factor. A user can register up to five security keys. Any one of those keys will unlock the account.
A Two-Factor Authentication method must be set up before you register a security key. This ensures that there is a backup method if the key is not present. Click here to learn how to set-up a two-factor method.
Under
Settings > Security > Security KeysselectSetupMake sure the security key is NOT already inserted into your USB port and click
NextInsert the security key into the USB port, name the key and click
RegisterTap the sensor on your security key and click
Done
To delete a security key, click Editwithin the "Security Keys" section of the Settings menu and click the trash icon next to the registered key to delete it. If you turn-off the backup two-factor authentication, you will delete the registered keys as well.
KeeperFill for Apps is a convenient tool used to further enhance your experience with the fully-featured Keeper Desktop App. Used in conjunction with your desktop applications, KeeperFill for Apps provides a simple login solution and quick access to your vault records.
Using a hotkey, KeeperFill for Apps also provides autofill features for native desktop applications. Please note, this feature is only available when using the Keeper Desktop application.
To learn more about KeeperFill for Apps, click here.
On supported MacBook Pro devices, Keeper supports the use of Touch ID to login to your Vault. You can enable Touch ID from Keeper's Settings menu.
The next time you login to Keeper, the Touch Bar will show the Touch ID button, tap it.
Apply your registered fingerprint on the Touch ID sensor to log in.
Keeper is compatible with Windows Hello, a biometrics-based technology that allows users to authentic and log into their Windows device using biometric facial recognition, fingerprint reader, or pin (available on Windows 10).
To enable Windows Hello Login for Keeper, from the Account Dropdown Menu, click Settings > Security and toggle "Windows Hello Login" on.
Next time you log in to Keeper, Windows Hello will first attempt to authenticate your identity. Once authenticated, you will be automatically logged into Keeper.
To learn more about logging into Keeper with Windows Hello, click here.
To backup your records, from the Account Dropdown Menu click Settings > Export. There are three formats for export: PDF, .csv File, and .json File. To begin backup, simply click Export Now under the file format you would like to export to.
Exporting to a .csv file will not back up file attachments saved in records. For advanced backup capabilities see Keeper Commander.
The instructions below are for uninstalling Keeper Desktop App (Keeper Password Manager) for Mac and Windows OS.
Uninstalling the Keeper Password Manager will delete the data from Keeper on the local device. Data stored in Keeper's Cloud Security Vault is NOT erased.
Drag the Keeper Password Manager app to the Trash.
Empty the Trash.
Uninstalling Keeper Password Manager will also remove KeeperFill Browser Extension from Safari. Data stored in Keeper's Cloud Security Vault will NOT be erased.
Navigate to the Windows Start Menu > Settings > Apps & Features.
Within Apps & features, click the Keeper Password Manager application.
Click Uninstall.
You will be warned that the app and its related info will be uninstalled, click Uninstall to confirm.
User Account Control will ask you to confirm making changes to your device, confirm the changes by clicking Yes.
Consumer Support: [email protected]
Business Support: [email protected]
Link to FAQ Site: https://keepersecurity.com/faq.html
Additional user tutorial videos are available at: https://keepersecurity.com/support
