Keeper Security

Securely transfer a departing employee's vault to another user during offboarding.

Manage users, roles, vault policies and security settings from a single, centralized dashboard.

Mirror your company's hierarchy with nested nodes for flexible policy enforcement and visibility.

Automate user, role and team management with Keeper Commander, our secure CLI toolkit.

Assign admin responsibilities to specific roles or teams without granting full access.

Enforce strong password requirements to meet compliance standards and reduce risk.

Apply custom permissions by role to enforce security policies and limit user capabilities.

Automate user and team provisioning from identity platforms with SCIM 2.0 compatibility.

Group users by department or function to simplify access control and record sharing.

Build custom reports and real-time alerts for security events, role changes and vault activity.

Instantly audit who has access to what, with downloadable reports that support SOX, HIPAA, ISO 27001 and more.

Identify unmanaged credentials and privileged accounts across your infrastructure with automated asset discovery.

Get a real-time view of vault security, policy enforcement and user behavior across your organization.

Continuously monitor password strength, reuse and risk across users, teams and shared records.

Stream Keeper logs into your SIEM to centralize visibility and accelerate incident response.

Automatically sync users and groups from Active Directory to simplify deployment and user management.

Log in instantly using face or fingerprint recognition, no need to enter your master password.

Quickly unlock Keeper with built-in biometric authentication on your trusted devices.

Control which devices can access your Keeper Vault to prevent unauthorized logins.

Integrate with Microsoft Entra ID (formerly Azure AD) to manage users and enforce enterprise policies.

Approve new devices or login attempts with a simple push notification.

Connect Keeper to your LDAP directory for centralized authentication and provisioning.

Store, use and share passkeys for passwordless login across devices.

Seamlessly integrate Keeper with your Identity Provider (IdP).

Generate time-based codes directly inside the Keeper Vault.

Require an additional factor to access the vault.

Access records and approve logins on your smartwatch for speed and convenience.

Protect your DevOps pipeline by securely delivering secrets into build systems and deployment workflows.

Manage vault records, users and shared folders directly from the command line.

Integrate Keeper into your stack with RESTful APIs for vault management, provisioning and audit logging.

Access a full suite of tools for building secure, automated workflows with Keeper's platform.

Automate provisioning, vault operations and security policies with Keeper's open-source CLI tool.

Easily manage access to secrets across teams by sharing entire applications in Keeper Secrets Manager.

Securely inject secrets into your applications using CLI tools and SDKs for Python, Go, .NET and more.

Load SSH keys from your Keeper vault and establish secure sessions without exposing private keys.

Access infrastructure using native protocols, no agents, VPNs or firewall changes required.

Continuously rotate credentials across servers, databases and services to minimize your attack surface.

Securely launch and monitor privileged sessions across infrastructure without exposing credentials.

Standardize and scale access with reusable templates for common SSH, RDP, and database configurations.

Create temporary privileged accounts that are automatically deleted after use.

Connect to systems with elevated privileges using role-based, just-in-time credentials.

Instantly connect to servers, desktops and remote systems through your browser or desktop app.

Enforce access controls that limit users to only the systems and credentials they need.

Open internal web apps in a hardened, isolated browser environment to prevent data exfiltration and malware.

Enable secure remote access to infrastructure and applications across hybrid and multi-cloud environments.

Record and audit privileged sessions with searchable video and keystroke playback across protocols.

Eliminate key sprawl by storing, rotating and assigning SSH keys from a centralized, encrypted vault.

Create secure tunnels for local development tools and database clients without exposing your network.

Enforce expiration windows for privileged access; credentials expire automatically after a set duration.

Grant secure, limited access to third-party vendors without creating permanent accounts.

Remove standing access to critical systems. Grant access dynamically and only when needed.

Create tailored record types to match your organization's unique use cases and data fields.

Store and manage passwords, secrets and files in a fully encrypted, zero-knowledge vault.

Securely upload and store sensitive files, photos and documents with full end-to-end encryption.

Access your vault even without an internet connection; encrypted data stays on your device.

Keep your information secure in public with a screen blur that activates after inactivity.

Use purpose-built templates for logins, payment cards, SSH keys, database credentials and more.