Keeper (password manager)

From Wikipedia, the free encyclopedia
Keeper Security, Inc.
Developer(s)Keeper Security Inc.
Initial releaseJanuary 2009
Operating systemWindows, Windows Phone, macOS, Linux, Android, iOS, Web, WatchOS, Wear OS[1]
TypePassword manager, secrets manager, agentless remote desktop gateway, privileged access manager
LicenseSoftware as a Service (SaaS)
Websitekeepersecurity.com

Keeper Security, Inc. (Keeper) is a global cybersecurity company known for providing of zero-knowledge security and encryption software covering functions such as password and passkey management, secrets management,  privileged access management, secure remote access and encrypted messaging.[2] It was founded in 2009 and is headquartered in Chicago, Illinois.[2][3]

Keeper Security Government Cloud[edit]

Keeper Security is listed as Authorized on the FedRAMP Marketplace at the Moderate Impact Level, with an authorization date of 8/23/2022[4] and Authorized on the StateRAMP Marketplace at the Moderate Impact Level, with an authorization date of 11/30/2022.[5] Keeper Security Government Cloud (KSGC) is for U.S. federal, state, and municipal government agencies. It supports compliance with the United States International Traffic in Arms Regulations (ITAR).

History[edit]

In 2009, Craig Lurey developed the original Keeper app with Darren Guccione.[3] In 2011, Lurey and Guccione officially co-founded Keeper Security, Inc. As of March 2022, Keeper had offices located in Chicago (US Headquarters); El Dorado Hills, California (Software Development); Cork, Ireland (EMEA Business Sales); and Cebu, Philippines (International Customer Support).[6]

In October 2019, Keeper launched KeeperMSP, a password management platform designed specifically for managed service providers (MSPs), managed security service providers (MSSPs), and their customers.[citation needed] In August 2020, Keeper received a $60 million minority investment from venture capital firm Insight Partners.[7] In March 2021, Keeper launched Keeper SSO Connect.[citation needed] In January 2022, Keeper announced the launch of Keeper Secrets Manager.[8]

In February 2022, Keeper acquired remote access gateway company Glyptodon Inc., creator of Glyptodon Enterprise and Apache Guacamole, and commenced integrating Glyptodon Enterprise into its product suite.[9] In May 2022, Keeper launched Keeper Connection Manager, a rebranding and revamping of Glyptodon Enterprise into a commercial-grade remote desktop gateway with expanded capabilities, advanced integrations, and ongoing feature development.[10]

In August 2022, Keeper Security became Authorized on the FedRAMP Marketplace at the Moderate Impact Level.[4] In November 2022, Keeper Security became Authorized on the StateRAMP Marketplace at the Moderate Impact Level.[5]

Software[edit]

Keeper offers a password manager that uses a freemium model for one device and a subscription-based model for households and businesses.[11][12][13] Keeper provides storage for passwords and passkeys, identity data, and financial data, along with a password generator and two-factor authentication.[14][15] The premium version offers unlimited storage on an unlimited number of devices, along with cross-device syncing and record-sharing.[14]

Keeper Security developed and launched KeeperMSP, a password management system for managed service providers (MSPs) and managed security service providers (MSSPs).[16][17] Keeper Security has also launched the Keeper Security Government Cloud, a FedRamp Authorized cybersecurity platform for government agencies.[18]

Keeper supports multi-factor authentication methods such as Google Authenticator, Duo Security, FIDO U2F, hardware keys and biometrics.[19][15] Keeper’s encryption uses AES-256 keys combined with PBKDF2 encryption so that only encrypted ciphertext is sent to Keeper’s servers.[20]

Keeper also allows file-sharing using PKI encryption, including Keeper One-Time Share for sharing files with non-Keeper users.[21]

In 2023, Keeper Security added passkey support for all desktop browsers.[22] In the same year, Keeper Security added a Password Rotation feature that allows organizations to automatically change their credentials for various services.[23]

Reception[edit]

PC World named Keeper an Editor's Choice in 2019[24] and Most Security-Minded Password Manager in 2022.[25] PCMag named Keeper “Best Password Manager for Businesses" (2022), as well as Best Password Manager and Editors' Choice for the previous three consecutive years.[26] Tom's Guide named Keeper one of the best password managers of 2022.[27] U.S. News & World Report's 360 Reviews team named Keeper Best Overall Password Manager of 2021.[11]

Incidents[edit]

In December 2017, Keeper was bundled with Windows 10 by Microsoft. Google security researcher Tavis Ormandy disclosed that the software recommended installing a browser addon which contained a vulnerability allowing any malicious website to steal any password.[28] A nearly identical vulnerability was already previously discovered and disclosed to Keeper in 2016.[29][30] Within 24 hours, the company issued a patch.[31][32]

Reporting and lawsuit[edit]

Dan Goodin of Ars Technica appears to have been the first to report about the vulnerability in the press.[29] Days later, the company that makes Keeper sued Goodin and Ars Technica, claiming their article was defamatory and misleading.[33] A number of security experts decried the lawsuit as "bullying" or "ridiculous" and said that "the lawsuit will cause more damage to the company than the article" did.[33][34] The lawsuit and Ars Technica's anti-SLAPP response lawsuit were dismissed on March 30, 2018, and Ars Technica added further clarifications to their article.[35][36]

Following the lawsuit, Keeper launched a public vulnerability disclosure program in partnership with Bugcrowd.[37]

See also[edit]

References[edit]

  1. ^ Keeper. "Download Password Manager for Mac, PC, Linux & More - Keeper". Retrieved 8 February 2018.
  2. ^ a b "Exclusive: Keeper Security launches industry-first solution". IT Brief Australia. Retrieved 2024-05-15.
  3. ^ a b "No matter how much we innovate, passwords are here to stay". Silicon Republic. April 16, 2021. Retrieved March 17, 2022.
  4. ^ a b "The Federal Risk And Management Program Dashboard". marketplace.fedramp.gov. Retrieved 2022-08-25.
  5. ^ a b "Authorized Product List". StateRAMP. Retrieved 2023-04-19.
  6. ^ "Company Overview & Solutions Guide" (PDF). Keeper Security. Retrieved March 17, 2022.
  7. ^ Earley, Kelly (August 18, 2020). "Keeper Security's password protection tech raises $60m". Silicon Republic. Retrieved March 17, 2022.
  8. ^ Spadafora, Anthony (January 12, 2022). "Keeper Security wants to help keep all your online secrets". TechRadar Pro. Retrieved March 17, 2022.
  9. ^ Riley, Duncan (February 3, 2022). "Keeper Security acquires Apache Guacamole inventor Glyptodon". Silicon Angle. Retrieved March 17, 2022.
  10. ^ Murphy, Ian (2022-05-05). "Keeper Security launches Keeper Connection Manager". Enterprise Times. Retrieved 2022-07-20.
  11. ^ a b Pegoraro, Rob; Forster, Timothy J. (August 12, 2021). "Keeper Password Manager Review and Prices". U.S. News & World Report. Retrieved March 17, 2022.
  12. ^ "Keeper Review: Pros & Cons, Features, Ratings, Pricing and more". TechRadar. 2022-10-31. Retrieved 2024-05-15.
  13. ^ "Keeper Password Manager". g2.
  14. ^ a b Long, Emily (January 27, 2022). "Keeper password manager review". Tom's Guide. Retrieved March 17, 2022.
  15. ^ a b "Keeper Password Manager & Digital Vault Review". PCMAG. April 19, 2024. Retrieved 2024-05-15.
  16. ^ "DefenTec deploys KeeperMSP to defend from cyberattacks | 2020-08-12 | Security Magazine". securitymagazine.com. Retrieved 2024-05-15.
  17. ^ "Keeper Security Announces Integration with AI-Driven IT Management Provider Atera". ChannelE2E. 2023-09-05. Retrieved 2024-05-15.
  18. ^ "Keeper Security Aims to Help Agencies Protect Passwords With FedRAMP-Compliant Software - ExecutiveBiz". executivebiz.com. 2022-08-31. Retrieved 2024-05-15.
  19. ^ Nieves, Edgar J. (March 4, 2022). "5 Best Password Managers of 2022". Money Magazine. Retrieved March 17, 2022.
  20. ^ Mazūra, Justinas (March 16, 2022). "Keeper password manager app review 2022". Cybernews. Retrieved March 17, 2022.
  21. ^ Will McCurdy (2022-06-23). "One of the best password managers around just picked up an excellent new feature". TechRadar. Retrieved 2022-07-20.
  22. ^ "Keeper is now bringing your passkeys straight to the browser". TechRadar. 2023-09-01. Retrieved 2024-05-15.
  23. ^ "Keeper can now automatically change up your passwords". TechRadar. 2023-05-25. Retrieved 2024-05-15.
  24. ^ Ansaldo, Michael (October 30, 2019). "Keeper review: Security is the greatest strength of this password manager". PC World. Retrieved July 20, 2022.
  25. ^ Ansaldo, Michael (July 13, 2022). "Best password managers: Reviews of the top products". PC World. Retrieved July 20, 2022.
  26. ^ Key, Kim (February 1, 2022). "The Best Password Managers for Businesses in 2022". PCMag. Retrieved March 17, 2022.
  27. ^ Wagenseil, Paul (March 1, 2022). "The best password managers in 2022". Tom's Guide. Retrieved March 17, 2022.
  28. ^ "Windows 10 included password manager with huge security hole". Engadget. Retrieved 2017-12-20.
  29. ^ a b Goodin, Dan (2017-12-15). "Microsoft is forcing users to install a critically flawed password manager". Ars Technica. Archived from the original on 2017-12-15. Retrieved 21 April 2024.
  30. ^ Chirgwin, Richard (18 December 2017). "Windows 10 bundles a briefly vulnerable password manager". The Register. Retrieved 2017-12-20.
  31. ^ Kovacs, Eduard (18 December 2017). "Google Researcher Finds Critical Flaw in Keeper Password Manager". Security Week.
  32. ^ Security, Keeper (2017-12-15). "Update for Keeper Browser Extension 11.4.4 - Keeper Blog". Keeper Blog. Archived from the original on 2017-12-22. Retrieved 2017-12-22.
  33. ^ a b Whittaker, Zack (2017-12-20). "Security firm Keeper sues news reporter over vulnerability story". ZDNet. Retrieved 2017-12-20.
  34. ^ Kovacs, Eduard (2017-12-21). "Keeper Sues Ars Technica Over Reporting on Critical Flaw". SecurityWeek. Retrieved 21 April 2024.
  35. ^ "Press releases | Ars Technica". arstechnica.com. 2018-03-30. Retrieved 2019-07-02.
  36. ^ Goodin, Dan (2017-12-15). "For 8 days Windows offered a preloaded password manager with a plugin vulnerability". Ars Technica. Retrieved 21 April 2024.
  37. ^ "Keeper Security Public Bounty Program". Bugcrowd. Retrieved July 20, 2022.

External links[edit]

Retrieved from "https://en.wikipedia.org/w/index.php?title=Keeper_(password_manager)&oldid=1224283064"