Web Vault & Desktop App
If you signed up for Keeper on your mobile devices, you can simply login to the Web Vault or Desktop App with your email address, master password and two-factor authentication (if enabled on your account).
Login to the Keeper Web Vault from:
Download the Keeper Desktop App from:
First, you must choose a Master Password. We recommend that you select a strong Master Password that is only used for Keeper, and not used for any other service. Do not forget your Master Password. Enterprise customers may enforce a Master Password that adheres to company guidelines.
Enterprise users who login with SSO do not require selection of a Master Password.
Customers who login with an existing identity provider will click on "Use Enterprise SSO Login". Type in the enterprise domain provided by your Keeper administrator.
Keeper protects you against cybercriminals with a secure and convenient password manager. Your passwords, logins, credit card numbers, bank accounts and other personal information is saved in your private digital vault that is encrypted on your device using 256-bit AES.
To create a new record, click the + Create New button.
Keeper Web Vault can quickly import passwords from your computer and web browsers. To start the process, click on the Account > Settings > Import. If you have started the import process from a mobile app and came to the web vault, the web vault will ask you to install the Keeper Import Tool. If you came fresh into the Web Vault, you can download the import tool by clicking on the Import button.
Click on Install to start the download process. Keeper will walk you through the process and ask you to double click on the Keeper Import installer from your Downloads folder.
Copy the code Keeper gives you. You will need this when prompted in the Keeper Importer.
If you are using a PC, you can just click on Run when prompted.
If you are on a Mac, Double click the KeeperImport.zip file in your downloads. Then double click on the Keeper Import App to start the import process. You will encounter a few Keychain permission windows that will need your computer password to allow Keeper to access your web browsers.
Keeper will then ask for your token. Paste the token and click Import. Keeper will report websites that you can scroll though and uncheck if you don't want specific websites stored. Click Add to Keeper to import the selected passwords.
Keeper can import records and passwords from text file (.csv) or other password managers. Click on Settings > Import to view the options.
Keeper allows you to organize your vault records by folders and subfolders.
To create a folder, click on + Create New and select Folder. To create a Subfolder, navigate to the parent folder first, then click the + Create New button and select Folder. You can also use the right-click menu to create a subfolder.
Multiple records and folders can be moved between folders, or "shortcuts" can be created. Shortcuts are like alias files that can exist in two or more places, that when edited, change together. To move a single folder or record, click and drag that item to the destination. Confirm the action by clicking Create shortcut or Move. To move multiple items, hold Shift and click the items, drag and drop.
Moves and shortcuts can also be performed by right-clicking on a record or folder to get a contextual menu. Clicking on the Options menu will also provide the ability to Move To and Create Shortcut.
Keeper's search feature automatically displays relevant records as you type. Dynamic searching works in all fields within each Keeper record for your convenience.
To filter by name or date, use the Name dropdown menu.
To filter by specific record types, use the All Records dropdown menu and buttons.
Deleted Records can be accessed from the left navigation menu.
Long, random passwords that are generated for each website help protect your information and reduce your exposure to data breaches. Keeper's Password Generator instantly creates high-strength, random passwords with a click of the Dice.
Custom Fields can be used to store additional data such as the answer to a security question, a pin number, an account number or anything else that makes the record valuable. Custom fields are created in pairs; the "Custom Field Name" and the "Custom Field Value". The custom field value can be used to autofill fields via the browser extension.
To create a custom field while viewing a Keeper record, first click Edit then click on the Custom Field heading and observe the custom field name and value appear. Custom fields can be arranged in any order by dragging them in the desired order.
Adding "Website Address" to the Custom Field Name and a URL to the Custom Field Value allows you to associate the username and password credential of the record to an additional website if they use the same identity.
One-click login lets you securely access your favorite websites. From your Keeper record, simply click the Website Address field and your site will launch.
With KeeperFill, you can autofill your login credentials and save new website information to your secure Keeper vault. The KeeperFill browser extension is available for Chrome, Firefox, Safari, Edge, Opera and Internet Explorer. To learn more about KeeperFill, check out our guides under KeeperFill Browser Extensions.
Securely store files such as your passport photo, secret photos, drivers license, loan docs, videos and any private file to your Keeper vault. You can also securely share your private files and documents with other Keeper users from vault to vault. Simply click the + Files or Photos button or drag-and-drop your files.
Note: Secure File Storage is available as a Secure Add On.
For extra security on supported websites and apps, use Keeper to store Two-Factor Authentication codes for standard TOTP (Time-Based One Time Passwords).
Storing Two-Factor Codes in the vault has several advantages:
Keeper two-factor codes are more secure than using SMS text messages.
Two-factor codes stored in Keeper are protected with strong Zero-Knowledge encryption.
They can be auto-filled quickly while logging in to a site, saving time and reducing friction.
Keeper records are securely backed up so if you lose a device you don’t have to reset all the codes.
Keeper records are shareable. If you have multiple people that need to log in with the same credentials, they won’t need to track down the person who has the only device containing the code.
See instructions for Setting up Two-Factor Codes for Logging into Websites and Applications.
You can securely share individual records or entire folders with other Keeper users. To share a single record with another user, open the Keeper record and click on Options and then Sharing. Enter the emails, then choose Can Edit, Can Share, Can Edit & Share, Read Only, or Transfer Ownership.
You can also create a shared folder. Shared folders allow you to share any number of records across your personal folders with one or more Keeper users.
To create a shared folder:
Click on the + Create New button.
Select Shared Folder.
Use the drop-down menu to select where you would like this folder to be located.
Give the folder a name then click on Create.
You can add Records and Users by clicking on the Edit button. To add records, click the Records tab and then click on the Add Records search field to select which individual records you would like to add.
Use the Permissions drop-down menu to give each record a permission. Can Edit means the record's contents can be edited by users of the shared folder, Can Share means the record can be shared by users of this shared folder. Can Edit & Share means that users can both edit and share, and Read Only means that the users can only view the record.
To add users, click the Users tab and then click on the Email or Team Name search field. You can either select an existing individual's email address or team or type in the email address of a new user. If you input a new email address, click on Add to confirm the addition of the user.
Using the User Permissions drop-down menu, assign each user a permission. Can Manage Users means the user can add or remove other users from the shared folder, Can Manage Records means the user can add or remove any records in this folder. Can Manage Users & Records means the user can do both. No User Permissions means the user can’t manage others or the records.
Once finished, click Save.
For security reasons, you can only share records with existing Keeper users.
Default Folder Settings can be configured to apply specific settings as a default configuration. There are four settings that can be configured. The first two apply to the users added to the shared folder: Can Manage Users and Can Manage Records. The second two apply to the records added to the shared folder: Can Edit Record and Can Share Record. To set default settings:
1. Click Edit on the Shared Folder. 2. Click Default Folder Settings. 3. Select the check box for each of the desired default settings.
Once the configuration is set it will only affect users and records added after enabled. To change users or records added prior to the default settings, those items will need to be changed either individually or through a bulk change.
Give trusted family and friends access to your Keeper Vault in the event of an emergency or loss of life. You can designate emergency contacts and decide how much time should pass before access is granted. Account Emergency Access can be found under the Account Menu > Account > Emergency Access. The amount of time between request and access granted can be set up to 3 months per contact.
Keeper provides the ability to save and restore previous versions of your records. To restore a version of a record, click on the Options button and select Record History.
Select a version of the record you want to review based on the last modified date and time.
Review the record info by clicking on the record Info icon. To restore the record, click on the Restore icon. To confirm the restore, click on Yes in the popup window.
Deleted records can be reviewed and restored by visiting the Deleted Items section in the side menu.
Review the deleted records and click on a record to review its information. To restore a deleted record, click on the Restore icon. To confirm the restore, click on Yes in the popup window.
BreachWatch monitors the dark web for breached accounts and alerts you so you can take action to protect yourself against cybercriminals.
Note: BreachWatch is available as a Secure Add On.
To start your BreachWatch scan, use the top, left-hand menu and then select BreachWatch. Click on Let's Begin. Click on the Scan button.
BreachWatch will scan your records and report the risks associated with them. Clicking Scan Results will show the records at risk. Clicking on the record will allow users to resolve those risks.
Resolving the risk requires you to change the password at the affected website. Then update the record in Keeper with the same password.
Security Audit allows the user to quickly see what passwords are weak. Click on the top, left-hand menu and then select Security Audit. You can edit that record's password by clicking on the name of the record in the list and then click the Edit button.
Identity & Payments is the place for you to store your personal address information and your credit card numbers safely. KeeperFill can autofill this information when making a purchase online. Click on the top, left-hand menu and then select Identity & Payments.
Once you have your address and credit card information stored, you can then use KeeperFill to securely autofill the information into websites. Make sure you are logged into the Keeper Browser Extension and then click the Keeper lock that appears in an address or a credit card field.
Users can change specific features like Language, Theme and Two-Factor Authentication in the Settings menu. To access the Settings menu, click the Account Dropdown Menu. Settings are broken down into tabs: General, Security, KeeperFill, Import and Export.
Under the General Settings you can:
Choose a new color theme
Choose another language: English US & UK, Spanish, Japanese, Romanian, Chinese Simplified & Traditional, French, Korean, Russian, Arabic, Greek, Dutch, Slovak, Brazilian Portuguese, Hebrew, Polish, German, Italian, and Portuguese.
Reset Master Password
Reset Security Question
Change Email Address
Find and delete duplicate records
Delete All Owned Records
Under the Security Settings you can setup:
Auto-Logout
Enable Self-Destruct
Turn on Two-Factor Authentication
Setup U2F Security Keys
Change PBKDF2 Iterations
Two-Factor Authentication (2FA) provides an extra layer of security for logging in by adding a passcode after the username & password are entered. Using 2FA is advised for highly valuable or sensitive accounts.
Keeper provides two ways to take advantage of 2FA:
To log into the Keeper Vault.
To login into any site or application from the Keeper vault by embedding a Two-Factor code as an extra field into records. Using 2FA is advised for important or sensitive sites like banks, medical records, email and social media.
Under Account Dropdown > Settings > Security Tab > Two Factor Authentication > Setup you can choose a 2FA method. The methods are:
Text Message (via SMS on a mobile phone)
Authenticator Apps (e.g. Google and Microsoft) which use Time-based One Time Passwords (TOTP).
RSA SecurID (Business or Enterprise customers only)
DUO Security (Business or Enterprise customers only)
Apple Watch / Android Wear (KeeperDNA). This will send the Two Factor code directly to your watch.
1. The Text Message toggle is on by default. Select a Region (US+1 by default) and enter your 10 digit phone number that includes your area code. Click on Next.
2. You will see a prompt that says your Two-Factor Authentication code as been sent. Keeper then will ask to Enter your code. Enter in the Keeper code that was sent to the phone number you added. This verifies that you trust this number and device. Click on Next. Codes only last for a minute so if you need another code sent, click on Send a new code.
3. Backup Codes will be shown next. If you are unable to receive Two-Factor codes via that device, you can enter in one of the ones shown instead. Click on I have written these codes down to finish.
Note: Your 2FA code will need to be entered every time upon Web Vault login, unless you check the box "Don't ask for 30 days". Business customers may be required to enter the code every login.
1. Toggle the Google and Microsoft Authenticator (TOTP) on. Click Next.
2. Using the device that runs the Google and Microsoft Authenticator App, scan the QR code on the screen. The app will acknowledge the QR code and produce a verification code. Enter that verification code back into Keeper. Click Next.
3. Backup Codes will be shown next. If you are unable to receive Two-Factor codes via that device, you can enter in one of the ones shown instead. Click on I have written these codes down to finish.
Note: Your 2FA code will need to be entered every time upon Web Vault login, unless you check the box "Don't ask for 30 days". Business customers may be required to enter the code every login.
If you are not receiving SMS messages from Keeper, please use the TOTP method or contact support@keepersecurity.com to troubleshoot the issue.
Keeper DNA is a Two-Factor Authentication method that uses your smart watch as your second factor.
To use this feature, toggle the switch next to Keeper DNA, then follow these links to set up Keeper DNA on your platform:
To turn off Two-Factor Authentication, toggle the Two-Factor Authentication setting to Off in Settings > Security.
On the target website, visit the two-factor authentication screen which is usually located within security settings. It is sometimes referred to as "login verification" or "two-step verification". Screengrab the QR pattern or copy the secret code into your clipboard.
From a Keeper record, select Edit and then "Add two-Factor Code."
Upload the screen grab of the Two-Factor QR pattern (with security key) associated with the site or application. If there is no QR pattern, use the manual entry method. Enter the code given under “Secret Key”, often a 32-digit code and fill out the rest of the fields.
After adding the security key to the vault record a Two-Factor Code field will be generated inside the record.
The Two-Factor code will be regenerated frequently and can then be filled into the site or app that will prompt for it after logging in with a username and password.
To increase security, Keeper supports FIDO-compatible U2F hardware-based security key devices such as YubiKey as a second factor.
Note: A two-factor authentication method must be set up before you register a security key. This insures that there is a backup method if the key is not present. Follow this link to set up a two-factor method.
Under Settings > Security > Security Keys select “Setup.”
Make sure the security key is not in the computer and click on “Next”
Insert your security key into a USB port. Give the key a name. Click Register
Tap the sensor on your security key. The key is now registered. Click “Done.”
A user can register up to 5 security keys. Any one of those keys will unlock the account.
NOTE: To delete a security key, click on “Edit” under the Security Key section and then click on the trash can by the registered key. If you turn off the backup two-factor authentication, you will also delete the registered keys as well.
With KeeperFill, you can autofill your passwords and save new passwords to your vault. The KeeperFill browser extension is available for every web browser.
You can learn more about our extension under KeeperFill Browser Extensions.
Install KeeperFill from https://keepersecurity.com/download
KeeperFill for Apps provides autofill features for native desktop applications using a hotkey. This feature is only available when using the Keeper Desktop application.
A record favorite is one that is marked to be quickly displayed under Favorites in the filter settings. To mark a record as a favorite, click on Options > Add to Favorites. You can also right click on a record and choose Add To Favorites. To see all your record favorites, click on filter menu at the top screen and choose Favorites.
Keeper can import records and passwords from other password managers and .csv files. To do this click on the Account Dropdown > Settings > Import.
Keeper can import from the following password managers:
1Password
Dashlane
EnPass
KeePass
KeePassX
LastPass
MacPass
mSecure
Passopolis
Passpack
RoboForm
SplashID
Sticky Password
True Key
ZOHO
This requires an export file from those products. Click on the password manager you want to import from and then click on View Import Instructions. Follow the instructions provided. Once you have the export file from that manager, drag and drop it into Keeper's "Drop a File Here" window.
Make sure the export has the extension at the end of the file name. Example: export.csv
The import process allows you customize how you want the information organized. There are six general fields across the top of the scrollable window. Clicking on the titles of each one allows you to change the organization of that column via a drop down menu. Note the content of each column and change the title of each column to represent that info. Example: If you see a column of URLs and the column title says Notes, change that column title to URL. Once column titles are set, click on Import.
File Format: Folder, Title, Login, Password, Website Address, Notes, Shared Folder, Custom Fields
To specify subfolders, use backslash "\" between folder names
To make a shared folder specify the name or path to it in the 7th field
Example 1: Create a regular folder at the root level with 2 custom fields
My Business Stuff,Twitter,marketing@company.com,123456,https://twitter.com,These are some notes,API Key,5555,Date Created, 2018-04-02
Example 2: Create a shared subfolder inside another folder with edit and re-share permission
Personal,Twitter,craig@gmail.com,123456,https://twitter.com,,Social Media#edit#reshare
To back up your records, click on the Account Dropdown > Settings > Export. There are two formats for export: PDF and .csv. There is an option to include records that are shared from other people. Click on Export Now under the file format you want.
CSV Export will not back up files saved in records. This includes pictures, documents, music, etc. Only basic record hierarchy information will be exported. This includes Folder name, Title, Login, Password, URLs, Notes, Shared Folder Name, Custom Fields. Permissions and Add-On Features will not carry over. For advanced backup capabilities see Keeper Commander.
On supported Macbook Pro devices, Keeper supports the use of Touch ID to login to your vault.
1. Enable Touch ID in your Settings.
2. The next time you login to Keeper, the Touch Bar will show the Touch ID button. Tap the Touch ID button.
3. Use your registered fingerprint on the Touch ID sensor to log in.
Keeperfill for Apps is used to autofill login credentials into applications and websites. You can launch the panel from the hotkey combination, Command-Shift-1. After launching, permissions must be granted before you can use this feature.
Click on the lock and enter your password to make changes to the Accessibility settings under the Privacy tab. Click on the checkmark next to Keeper Password Manager to allow KeeperFill for Apps to login to your applications.
Removing Keeper Password Manager will also remove KeeperFill from Safari
1. Drag Keeper Password Manager.app to the Trash
2. Empty the Trash
Consumer support: support@keepersecurity.com
Business support: business.support@keepersecurity.com
Link to FAQ Site: https://keepersecurity.com/faq.html
More videos are available at: https://keepersecurity.com/support
Additional user guides can be found by visiting the below links:
