IT Pro Verdict
Pros
- +
Polished user and management interfaces
- +
Free lifetime for all users helps separate business and personal passwords
- +
Competitively priced
Cons
- -
More expensive than some rivals
Launched in 2009, Keeper Security’s cross-platform password manager is one of the better known options on the market. While it doesn’t have a free tier for either personal or business users, trials are available, it’s competitively priced at all tiers, and the company has historically been reasonably prompt in rolling out security patches once vulnerabilities are reported.
Keeper’s Business tier is straightforward: at a cost of £40 per user, per year (which works out at £3.33 per month but is billed annually), your users each get a personal encrypted vault and shared team folders, and you get a neat admin console from which to manage everything. You also get 100GB of storage to share between your users.
Keeper Security review: Client features
Keeper desktop clients are available for Windows, Linux, and macOS, with mobile apps for iOS and Android. Unlike Bitwarden, which supports phones that don’t use Google’s services framework, the Android version of Keeper can only be installed via the Play Store.
Unsurprisingly, the clients provide access to all the vaults that each user has assigned to them, as well as tools to check on the security and strength of their passwords. The desktop applications make it easy to work with password-protected files, software tools and servers, and include hotkeys to easily enter usernames and passwords where needed, which is particularly helpful if your users regularly have to login to desktop applications and remote servers.
As you’d expect, there are also browser extensions for the usual suspects: Chrome, Firefox, Safari, IE, Edge and Opera are all supported. These plugins can both store and enter passwords on websites.
Keeper also offers an Enterprise tier, and as is usually the case, the enterprise service uses the same client as the consumer version. However, each user also gets a free personal Keeper Unlimited account, for use on unlimited devices, forever, even if they leave the company or if your business stops using Keeper. Your company won’t have admin access to these personal accounts, but they mean that your users won’t be tempted to store their own passwords in their business accounts - which in turn makes it less likely that you and your admin team will accidentally breach your employees’ privacy.
Keeper Security review: Management features
2021 IBM Security X-Force Insider Threat Report
Top discovery methods and recommendations for insider attacks
Keeper’s admin console feels spacious and easy to use. A dashboard gives you an overview of your user accounts, their password strength and use of 2FA, as well as any potentially compromised accounts thrown up by Keeper’s optional BreachWatch service, which we’ll talk more about shortly.
You can assign users to roles and teams, and use these to configure granular access rights, permissions and requirements. Roles can be assigned enforcement policies, from password requirements, 2FA, sharing restrictions, changing the behaviour of the browser extension, restricting access to password vaults based on IP address, and more.
Keeper’s enforcement policies don’t give you quite as much control over your users’ privileges as LastPass's more expensive Enterprise service - there are no geolocation restrictions that aren’t IP-based, for example - but the controls are slightly more granular than Bitwarden’s comparably-priced services offer.
Overall, Keeper provides one of the best at-a-glance admin consoles, and is among the easiest to manage.
Keeper Security review: Add-ons
Updating to Keeper Enterprise gets you single sign-on support, AD and LDAP sync (including Azure AD provisioning), access to APIs, extra 2FA options and email auto-provisioning. Keeper invites larger companies to discuss their needs in person, but you can actually upgrade Business accounts to Enterprise yourself via an option in the web interface for an extra £15 per user, per year; again billed annually. You can also add more storage as needed, with 1TB coming in at £375.00 per year.
Other optional add-ons include Breachwatch (£15 per user, per year), which alerts you to any passwords that may have been exposed in security breaches, an Advanced Reporting and Alerts module (£8 per user, per year) to reveal potential security issues by tracking failed logins and 2FA hits. There’s also a dedicated onboarding specialist from Keeper, and a secure chat system (£15 per user, per year).
The modularity of this approach may or may not appeal, but it helps to keep pricing of the core service simple and modest.
Keeper Security review: Verdict
Keeper takes a heavily encrypted zero-knowledge approach to securing your stored data, but it’s working to create less friction for users by minimising the frequency with which they have to log in and enter long master passwords, for example by emphasising device approval solely via push notifications to a previously approved device.
Bitwarden is cheaper and has a broader range of features, making it our current favourite password management service, but Keeper has better policy management via its top tier and is a great choice for business password security - particularly if you’ll use the optional add-ons.
K.G. is a journalist, technical writer, developer and software preservationist. Alongside the accumulated experience of over 20 years spent working with Linux and other free/libre/open source software, their areas of special interest include IT security, anti-malware and antivirus, VPNs, identity and password management, SaaS infrastructure and its alternatives.
You can get in touch with K.G. via email at reviews@kgorphanides.com.