Web Vault & Desktop App
If you signed up for Keeper on your mobile devices, you can simply login to the Web Vault or Desktop App with your email address, master password and two-factor authentication (if enabled on your account).
Login to the Keeper Web Vault from:
Download the Keeper Desktop App from:
Device | OS Version Supported |
Windows | 7 / 8 / 10+ |
Mac OS | Current Version - 2 |
Linux | Fedora, Red Hat, CentOS, Debian, Ubuntu, Mint |
First, you must choose a Master Password. We recommend that you select a strong Master Password that is only used for Keeper, and not used for any other service. Do not forget your Master Password. Enterprise customers may enforce a Master Password that adheres to company guidelines.
Enterprise users who login with SSO do not require selection of a Master Password.
Customers who login with an existing identity provider will click on Use Enterprise SSO Login and enter the enterprise domain provided by your Keeper administrator.
Keeper protects you against cybercriminals with a secure and convenient password manager. Your passwords, logins, credit card numbers, bank accounts and other personal information are saved in your private digital Vault that is encrypted on your device using 256-bit AES.
To create a new record, from the left navigation menu, click the + Create New button.
Keeper can import logins and passwords directly from your web browser, another password manager, or text file (.csv).
To import from your web browser (Chrome, Firefox, IE, Edge, Opera) you must first install the Keeper Import Tool.
To begin the installation, click on Account > Settings > Import. If you have started the import process from a mobile app and came to the web vault, the web vault will ask you to install the Keeper Import Tool. If you came fresh into the Web Vault, you can download the import tool by clicking on the Import button.
Click Install to begin the download. Keeper will then walk you through the process and ask you to double click on the Keeper Import installer from your Downloads folder.
Copy the code Keeper gives you. You will need this when prompted in the Keeper Importer.
If you are using a PC, you can just click Run when prompted.
If you are on a Mac, Double click the KeeperImport.zip file in your downloads. Then double click on the Keeper Import App to start the import process. You will encounter a few Keychain permission windows that will require your computer password to allow Keeper to access your web browsers.
Keeper will then ask for your code you received from an earlier step. Paste the code and click Import.
Once the installation is complete, Keeper will report websites and their associated logins and passwords directly from your web browser. You can then scroll though and uncheck those you do not wish to import. Once you have finished reviewing the report, click Add to Keeper to import the selected passwords.
Keeper can import logins and passwords from other password managers. To begin, click the Account Dropdown > Settings > Import.
Click on the password manager you want to import from and then click on View Import Instructions and follow the instructions provided. Once you have created the export file per the instructions, drag and drop it into Keeper's Drop a File Here window.
Confirm the export file has the correct extension at the end of the file name (e.g. export.csv).
A display window will appear allowing you customize how you want the import information organized. There are six general fields across the top of the scrollable window. Clicking on the titles of each one allows you to change the organization of that column via a drop down menu. Note the content of each column and change the title of each column to accurately represent that information (e.g. If you see a column of URLs and the column title says "Notes", change that column title to "URL"). Once column titles are set, click Import.
Keeper can import passwords from the following password managers:
Dashlane
EnPass
KeePass
KeePassX
LastPass
MacPass
mSecure
Passopolis - No longer available
Passpack
RoboForm
SplashID
True Key
ZOHO
Import instructions can also be found under the Import Records section in the left-hand column of these user guides.
Keeper can also import logins and passwords from a text file (.csv). To begin, click the Account Dropdown > Settings > Import. After selecting Text File (.csv) click on View Import Instructions and follow the instructions provided. Once you have created the export file per the instructions, drag and drop it into Keeper's Drop a File Here window.
Be sure to use the following file format: Folder, Title, Login, Password, Website Address, Notes, Shared Folder, Custom Fields
To specify subfolders, use backslash "\" between folder names
To make a shared folder specify the name or path to it in the 7th field
Examples of a text file import:
Create a regular folder at the root level with 2 custom fields
My Business Stuff,Twitter,marketing@company.com,123456,https://twitter.com,These are some notes,API Key,5555,Date Created, 2018-04-02
2. Create a shared subfolder inside another folder with edit and re-share permission
Personal,Twitter,craig@gmail.com,123456,https://twitter.com,,Social Media#edit#reshare
Keeper allows you to organize your Vault records by folders and subfolders.
To create a folder, click on + Create New and select Folder. To create a Subfolder, navigate to the parent folder first, then click the + Create New button and select Folder. You can also use the right-click menu to create a subfolder.
Multiple records and folders can be moved between folders or "shortcuts" can be created. Shortcuts are like alias files that can exist in two or more places, that when edited, change together. To move a single folder or record, click and drag that item to the destination. Confirm the action by clicking Create shortcut or Move. To move multiple items, hold Shift and click the items, drag and drop.
Moves and shortcuts can also be performed by right-clicking on a record or folder to get a contextual options menu. Clicking on the Options menu will also provide the ability to Move To and Create Shortcut.
Keeper's dynamic search feature automatically displays relevant records as you type. For your convenience, searching works in all fields within each Keeper record.
To filter by Name or Date, use the Name dropdown menu.
To filter by specific record types, use the All Records dropdown menu and buttons.
Deleted Records can be accessed from the left navigation menu.
Long, random passwords that are generated for each website help protect your information and reduce your exposure to data breaches. Keeper's Password Generator instantly creates strong, random passwords with a click of the Dice.
Custom Fields can be used to store additional data such as the answer to a security question, a pin number, an account number or anything else that makes the record valuable. Custom fields are created in pairs; the "Custom Field Name" and the "Custom Field Value". The custom field value can be used to autofill fields via the KeeperFill browser extension.
To create a custom field, while viewing a Keeper record, click Edit then click on the + Custom Field heading and observe the custom field name and value appear. Custom fields can be arranged in any order by dragging them in the desired order.
Masked custom field values are only available for Keeper Enterprise customers.
Entering "Website Address" in the Custom Field Name and a URL to the Custom Field Value allows you to associate the username and password credential of the record to an additional website if they use the same identity.
One-click login lets you securely access your favorite websites. From your Keeper record, simply click the Website Address field and your site will launch.
With KeeperFill, you can autofill your login credentials and save new website information to your secure Keeper vault. The KeeperFill browser extension is available for Chrome, Firefox, Safari, Edge, Opera and Internet Explorer. To learn more about KeeperFill, check out our guides under KeeperFill Browser Extensions.
The following video will show you how to:
Install KeeperFill for Chrome
Create Records with KeeperFill
Login to your Sites and apps with KeeperFill
Import Existing Records to your Keeper Vault
Share Records
Share Folders
KeeperFill makes it easy to change your passwords. When visiting a site's "Change Password" form, you will receive a prompt from Keeper asking if you would like help changing your password. By clicking Yes, Keeper will walk you through a few quick steps to change your password and simultaneously update the record in your vault. These steps will include a series of prompts detailing the following actions:
Autofill your old/current password
Automatically generate and autofill a new secure password
Confirm the changes and save them to your vault
How to change passwords with KeeperFill:
Once you are logged in, navigate to the site's Change Password form.
When prompted by Keeper to help change your password, click Yes.
Click the lock icon located in the form field for the old/current password (if available), then click Next.
Click the lock icon located in each form field that is requesting your new password, then click Next.
In the KeeperFill popup, click Save.
In the password form, click Save or Submit.
If the change was successful click Yes. (If it was not successful, click No - Revert Change. This will reverse the password update just made to the site's Keeper record and will allow you to attempt the password change again.)
The "Change Password" form is typically located on the site's "Account Settings" page.
Available as a Secure Add-on, Secure File Storage protects your confidential files, photos, and videos. Securely upload and store files such as passport photos, medical cards, drivers license, tax and loan documents, videos and any other private file to your Keeper vault.
From within their vault, users can either create a new record or add a file or photo to an existing record. Within the edit record screen, click the + Files or Photos button to upload a file, or simply drag and drop the file directly into your vault. Once the upload is complete, click Save.
Users also have the ability to securely share files with other Keeper users via record sharing, making Secure File Storage the best way to save and transfer the most sensitive of information. To learn more about record sharing click here.
Simply click the download icon next to the file or photo within a record, to quickly View or Download it.
Secure File Storage is available as a Secure Add-on.
The Web Vault supports file sizes up to 100MB and the Desktop App supports file sizes up to 5GB.Your file usage cannot exceed the purchased storage space. Attaching a file larger than the remaining space will result in an error.
For extra security on supported websites and apps, use Keeper to store Two-Factor Authentication codes for standard TOTP (Time-Based One Time Passwords).
Storing Two-Factor Codes in the vault has several advantages:
Keeper two-factor codes are more secure than using SMS text messages.
Two-factor codes stored in Keeper are protected with strong Zero-Knowledge encryption.
They can be auto-filled quickly while logging in to a site, saving time and reducing friction.
Keeper records are securely backed up so if you lose a device you don’t have to reset all the codes.
Keeper records are shareable. If you have multiple people that need to log in with the same credentials, they won’t need to track down the person who has the only device containing the code.
See instructions for Setting up Two-Factor Codes for Logging into Websites and Applications.
You can securely share individual records or entire folders with other Keeper users.
To share a single record with another user, open the Keeper record and click on Options > Sharing.
Enter the email(s), then choose Can Edit, Can Share, Can Edit & Share, Read Only, or Transfer Ownership. When transferring ownership, a single email address is required.
You can also create a shared folder. Shared folders allow you to share any number of records across your personal folders with one or more Keeper users.
To create a shared folder:
Click the + Create New button from the left navigation menu.
Select Shared Folder.
Use the drop-down menu to select where you would like this folder to be located.
Give the folder a name then click Create.
You can add records and users by clicking the Edit button. To add records, click the Records tab and then click on the Add Records search field to select which individual records you would like to add.
Use the Permissions drop-down menu to give each record a permission.
Can Edit - the record's contents can be edited by users of the shared folder.
Can Share - the record can be shared by users of this shared folder.
Can Edit & Share - users can both edit and share, and
Read Only - the users can only view the record.
To add users, click the Users tab and then click on the Email or Team Name search field. You can either select an existing individual's email address or team or type in the email address of a new user. If you input a new email address, click on Add to confirm the addition of the user.
Using the User Permissions drop-down menu, assign each user a permission.
Can Manage Users - the user can add or remove other users from the shared folder.
Can Manage Records - the user can add or remove any records in this folder.
Can Manage Users & Records - the user can both manage the user and record.
No User Permissions - the user can’t manage users or the record.
Once finished, click Save.
For security reasons, you can only share records with existing Keeper users.
Default folder settings can be configured to apply specific settings as a default configuration. There are four settings that can be configured. The first two apply to the users added to the shared folder: Can Manage Users and Can Manage Records. The second two apply to the records added to the shared folder: Can Edit Record and Can Share Record.
To apply the default settings:
Click Edit on the Shared Folder.
Click Default Folder Settings next to the gear icon.
Select the check box for each of the desired default settings you would like to apply.
Once finished, click Save.
Once the default configuration is set, it will only affect users and records added after the change was made. To change users or records added prior to the default configuration, those items will need to be changed either individually or through a bulk change.
Give trusted family and friends access to your Keeper Vault in the event of an emergency or loss of life. You can designate emergency contacts and decide how much time should pass before access is granted. Account Emergency Access can be found under the Account Menu > Account > Emergency Access. The amount of time between request and access granted can be set up to 3 months per contact.
Emergency Access is a feature only available for consumer accounts.
Keeper provides the ability to save and restore previous versions of your records. To restore a previous version of a record, click on the Options button and select Record History.
Select the version of the record you want to review based on the last modified date and time.
Review the record info by clicking on the record info icon. To restore the record, click Restore. To confirm the restore action, click Yes when prompted.
Deleted records can be reviewed and restored by visiting the Deleted Items section from the left navigation menu.
Click on a recently deleted record to review its detailed deletion information. To restore a deleted record, click Restore. To confirm the restore action, click Yes when prompted.
A record favorite is one that is marked to be quickly displayed under Favorites in the filter settings. To mark a record as a favorite, click on Options > Add to Favorites. You can also right click on a record and choose Add To Favorites. To see all your record favorites, click on filter menu at the top screen and choose Favorites.
BreachWatch is a powerful secure add-on feature that monitors the internet and dark web for breached accounts matching records stored within your Keeper vault. BreachWatch alerts you so that you can take immediate action to protect yourself against hackers. Once activated, BreachWatch continuously monitors for compromised credentials and notifies you if any of your records are at risk.
To start your BreachWatch scan, click BreachWatch from the left navigation menu. Click Let's Begin > Scan.
BreachWatch will then scan your records and report any risks associated with them. Clicking each record listed will allow you view the steps needed to Resolve each risk.
Resolving the risk requires you to change the password at the affected website. Once you have done that, be sure to update the corresponding record in your Keeper Vault with the same password.
If you click Ignore, then that record will be skipped on future scans until the password is reset. You may also do nothing (deferring a response) and leave the risky password unchanged and thus still at risk.
BreachWatch is available as a Secure Add-on.
Security Audit allows you to quickly see what passwords are weak from the password strength visual (red being the weakest, green being the strongest). From the left navigation menu, select Security Audit. You can edit a record's password by clicking on the name of the record from the list and then clicking the Edit button (you will still need to update the password at the record's website to match the new password in your Vault).
Identity & Payments is the place for you to store your personal address information and your credit card numbers safely. KeeperFill can autofill this information when making a purchase online. Click on the left navigation menu and then select Identity & Payments.
Once you have your address and credit card information stored, you can then use KeeperFill to securely autofill the information into websites. Make sure you are logged into the Keeper Browser Extension (https://docs.keeper.io/user-guides/browser-extensions) and then click the Keeper lock that appears in an address or a credit card field.
Users can change specific features like language, theme and two-factor authentication in the Settings menu. To access the Settings menu, click the Account Dropdown Menu. Settings are broken down into tabs: General, Security, KeeperFill, Import and Export.
Within General Settings you can:
Choose a new color theme
Set Clipboard Expiration
Choose another language: English US & UK, Spanish, Japanese, Romanian, Chinese Simplified & Traditional, French, Korean, Russian, Arabic, Greek, Dutch, Slovak, Brazilian Portuguese, Hebrew, Polish, German, Italian, and Portuguese
Reset Master Password
Reset Security Question
Change Email Address
Find and delete duplicate records
Delete All Owned Records
Within Security Settings you can setup:
Auto-Logout
Enable Self-Destruct
Turn on Two-Factor Authentication
Setup U2F Security Keys
Windows Hello Login
Change PBKDF2 Iterations
Keeper is compatible with Windows Hello, a biometrics-based technology that allows users to authentic and log into their Windows device using biometric facial recognition, fingerprint reader, or pin (available on Windows 10). If Windows Hello is configured on a user's device and enabled in Keeper, this eliminates the requirement for users to enter their Master Password at the Keeper login screen, further expediting the login process.
Enabling Windows Hello:
Within your Vault, navigate to Settings.
Click Security.
Toggle Windows Hello Login "ON".
Once you have read the warning notification, click Enable to accept.
.PNG?alt=media&token=2053e38a-ffc0-4ba8-bdc6-93b585d126cd)
If Windows Hello is not yet configured on your device, you will receive a prompt to open your Windows Settings to configure it. Once you have configured Windows Hello, close out of the Settings window and return to your Vault to proceed with steps 3 & 4 above (Enabling Windows Hello).
Next time you log in to Keeper, Windows Hello will first attempt to authenticate your identity. Once authenticated, you will be automatically logged into Keeper.
By clicking Cancel you will be returned to the login screen to log in with your Master Password instead.
Two-Factor Authentication (2FA) provides an extra layer of security for logging in by adding a secondary passcode after the username & password are entered. Using 2FA is advised for highly valuable or sensitive accounts.
Keeper provides two ways to take advantage of 2FA:
To log into the Keeper Vault.
To login into any site or application from the Keeper vault by embedding a Two-Factor code as an extra field into records. Using 2FA is advised for important or sensitive sites like banks, medical records, email and social media.
Under Account Dropdown > Settings > Security Tab > Two Factor Authentication > Setup you can choose a 2FA method. The methods are:
Text Message (via SMS on a mobile phone)
Authenticator Apps (e.g. Google and Microsoft) which use Time-based One Time Passwords (TOTP).
RSA SecurID (Business or Enterprise customers only)
DUO Security (Business or Enterprise customers only)
Apple Watch / Android Wear (KeeperDNA). This will send the Two Factor code directly to your watch.
Text Message:
The Text Message toggle is on by default. Select a Region (US+1 by default) and enter your 10 digit phone number that includes your area code. Click Next.
You will see a prompt that says your Two-Factor Authentication code as been sent. Keeper then will ask to Enter your code. Enter the Keeper code that was sent to the phone number you added. This verifies that you trust this number and device. Click Next. Codes only last for a minute so if you need another code sent, click on Send a new code.
Backup Codes will be shown next. If you are unable to receive Two-Factor codes via that device, you can enter in one of the ones shown instead. Click on I have written these codes down to finish.
Your 2FA code will need to be entered every time upon Web Vault login, unless you check the box "Don't ask for 30 days". Business customers may be required to enter the code every login.
Authenticator Apps - Google and Microsoft Authenticator (TOTP):
Toggle the Google and Microsoft Authenticator (TOTP) on. Click Next.
Using the device that runs the Google and Microsoft Authenticator App, scan the QR code on the screen. The app will acknowledge the QR code and produce a verification code.
Enter that verification code back into Keeper. Click Next.
Backup Codes will be shown next. If you are unable to receive Two-Factor codes via that device, you can enter in one of the ones shown instead. Click on I have written these codes down to finish.
In order for Azure MFA (using the Microsoft Authenticator app.) to be utilized as a TOTP, the Azure administrator needs to allow the verification method "Verification code from mobile app or hardware token" when setting up MFA in Azure.
Your 2FA code will need to be entered every time upon Web Vault login, unless you check the box "Don't ask for 30 days". Business customers may be required to enter the code every login.
If you are not receiving SMS messages from Keeper, please use the TOTP method or contact support@keepersecurity.com to troubleshoot the issue.
Keeper DNA:
Keeper DNA is a Two-Factor Authentication method that uses your smart watch as your second factor.
To use this feature, toggle the switch next to Keeper DNA, then follow these links to set up Keeper DNA on your platform:
To turn off Two-Factor Authentication, toggle the Two-Factor Authentication setting to Off in Settings > Security.
At your target website, visit the two-factor authentication screen which is usually located within security settings. It is sometimes referred to as "login verification" or "two-step verification". Screengrab/snip the QR pattern or copy the secret code into your clipboard.
From a Keeper record, select Edit > Add two-Factor Code.
Upload the screengrab/snip of the Two-Factor QR pattern (with security key) associated with the site or application. If there is no QR pattern, use the manual entry method. Enter the code given under “Secret Key”, often a 32-digit code and fill out the rest of the fields.
After adding the security key to the vault record a Two-Factor Code field will be generated inside the record.
The two-factor code will be regenerated frequently and can then be filled into the site or app that will prompt for it after logging in with a username and password.
To increase security, Keeper supports FIDO-compatible U2F hardware-based security key devices such as YubiKey and Google Titan keys as a second factor.
A two-factor authentication method must be set up before you register a security key. This insures that there is a backup method if the key is not present. Follow this link to set up a two-factor method.
Under Settings > Security > Security Keys select Setup.
Make sure the security key is not in the computer and click on Next.
Insert your security key into a USB port. Give the key a name. Click Register.
Tap the sensor on your security key. The key is now registered. Click Done.
A user can register up to 5 security keys. Any one of those keys will unlock the account.
To delete a security key, click on Edit under the Security Key section and then click on the trash can icon next to the registered key to delete it. If you turn off the backup two-factor authentication, you will delete the registered keys as well.
KeeperFill Browser Extensions:
With KeeperFill, you can autofill your passwords and save new passwords to your vault. The KeeperFill browser extension is available for every web browser.
You can learn more about our extension under KeeperFill Browser Extensions.
Install KeeperFill from https://keepersecurity.com/download
KeeperFill for Apps:
KeeperFill for Apps provides autofill features for native desktop applications using a hotkey. This feature is only available when using the Keeper Desktop application.
A native application is an app that is developed specifically for a certain device or platform.
For a detailed overview of KeeperFill for Apps, see this guide.
To backup your records, click on the Account Dropdown > Settings > Export. There are two formats for export: PDF and .csv. There is an option to include records that are shared from other people. Click on Export Now under the file format you want to export.
Exporting to a .csv file will not back up file attachments saved in records. For advanced backup capabilities see Keeper Commander.
On supported Macbook Pro devices, Keeper supports the use of Touch ID to login to your vault. You can enable Touch ID from the Settings menu.
The next time you login to Keeper, the Touch Bar will show the Touch ID button. Tap the Touch ID button.
Apply your registered fingerprint on the Touch ID sensor to log in.
Keeper Desktop on Windows 10 devices is compatible with Windows Hello, a biometrics-based technology that allows users to authentic and log in to their Windows device using biometric facial recognition, fingerprint reader, or pin.
If Windows Hello is enabled on a user's device, this eliminates the requirement for users to enter their Master Password at the Keeper login screen, further expediting the login process.
Users can enable "Windows Hello Login" within their Vault's security settings. In doing so, at their next login to Keeper, Windows Hello will attempt to authenticate the user's identity. Once authenticated, the user will automatically be logged into Keeper.
Support for Windows Hello for Business is also included in this release.
To enable Windows Hello login, visit the Settings screen:
KeeperFill for Apps is used to autofill login credentials into applications and websites. You can launch the panel from the hotkey combination, Command-Shift-1. After launching, permissions must be granted before you can use this feature.
Click on the lock and enter your password to make changes to the Accessibility settings under the Privacy tab. Click on the checkmark next to Keeper Password Manager to allow KeeperFill for Apps to login to your applications.
Drag the Keeper Password Manager app to the Trash.
Empty the Trash.
Removing Keeper Password Manager will also remove KeeperFill from Safari. Data stored in Keeper's Cloud Security Vault is NOT erased.
Navigate to the Windows Start Menu > Settings > Apps & Features.
Under Apps & features, click the Keeper Password Manager application.
Click Uninstall.
You will be warned that the app and its related info will be uninstalled, click Uninstall to confirm.
User Account Control will ask you to confirm making changes to your device, confirm the changes by clicking Yes.
Uninstall will delete the data from Keeper on the local device. Data stored in Keeper's Cloud Security Vault is NOT erased.
Consumer support: support@keepersecurity.com
Business support: business.support@keepersecurity.com
Link to FAQ Site: https://keepersecurity.com/faq.html
More videos are available at: https://keepersecurity.com/support
Additional user guides can be found by visiting the following links:
