Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

March 2024

Keeper 101 - How to Create Your Keeper Account on Android

Learn how to create your Keeper Account on iOS in less than 2 minutes with our step-by-step guide. Signing up for Keeper's Android mobile app is easy. Simply visit the Google Play Store on your device, search for Keeper, and install the Keeper Password Manager application. Once the download is complete, tap Open to start Keeper.

Enterprise End User SSO Login

Learn how to create your Keeper Account on iOS in less than 2 minutes with our step-by-step guide. Your Keeper vault is easy to create, simple to use, and you’ll be up and running in just minutes. You can create and access your Keeper vault by either logging in directly from Keeper via an email invitation from your Keeper Administrator or from your SSO provider dashboard.

Does a VPN Protect You From Hackers?

While VPNs may protect you from some types of cyber attacks launched by hackers, they don’t protect you from all of them. For example, VPNs may protect you from Man-in-the-Middle (MITM) attacks, remote hacking, Distributed Denial-of-Service (DDoS) attacks and session hijacking, but VPNs will not protect you from hackers who steal encryption keys, or from account compromise, phishing attacks or illegitimate websites.

What Is a Browser Hijacker?

A browser hijacker is a type of malware that infects an internet browser. When your Internet browser becomes infected, it’s done without your knowledge or consent so you may not even notice it’s there until it’s too late. Typically, browser hijackers are used by cybercriminals to redirect users to malicious websites for financial gain, but they can also be used to gather your personal information and spy on your online activity.

Okta Report Ranks Keeper as #1 Fastest Growing Business App in EMEA and Top 10 Globally

Keeper Security has been featured by Okta, an access management leader in the Gartner Magic Quadrant, as the seventh fastest-growing application by number of customers in the company’s 2024 Businesses at Work report. This is the second time Keeper has been listed as one of the fastest growing apps on Okta’s annual report, reinforcing the Keeper’s mission to provide organizations of all sizes with an easy-to-use security solution that has simple integrations and fast time to value.

How To Manage SSH Keys

Secrets are non-human privileged credentials used by systems and applications to access services and IT resources containing highly sensitive information. One of the most common types of secrets organizations use is called an SSH key. Although SSH keys are secure from certain cyber attacks, they can be compromised due to secret sprawl and mismanagement.

What Is a Firewall?

A firewall is a type of network security system that helps protect your network from external threats by controlling incoming and outgoing network traffic. A firewall can be either software-based or hardware-based. A hardware firewall is typically a router, which is a physical device that blocks traffic from accessing the internal network. A software firewall works similarly, but is installed on your device. For instance, the Windows Firewall comes with operating systems Windows XP SP2 and later.

Public Sector Breach Alert: Q1 2024

Cyber attacks at government organizations are prevalent in 2024, as the government continues to be one of the most targeted sectors. Research by IT Governance has found that in January alone there have been 183 incidents in the public sector, including both ransomware attacks and data breaches. Cybercriminals target government agencies because they store valuable personal data and perform critical functions and services.

Keeper Announces Passkey Support for iOS and Android

Keeper Security is excited to announce that it now supports passkeys for mobile platforms on iOS and Android. This update extends passkey management functionality in the Keeper Vault beyond the Keeper browser extension support for Chrome, Firefox, Edge, Brave and Safari announced in June 2023. Passkeys have seen rapid adoption since their introduction in 2022 and Keeper is proud to enable their use across devices, bringing users a more secure and streamlined authentication experience.

How To Prevent Insider Threats

According to Verizon’s 2023 Data Breach Investigations Report, 19% of the threats organizations face are internal. When organizations don’t take the necessary steps to prevent internal misuse of credentials and human errors, their chances of suffering an insider threat are greater. A few ways organizations can prevent insider threats are by using threat modeling, implementing the principle of least privilege, using strict access controls and deleting accounts when employees leave.

How To Remove Adware From Your Computer

Adware can cause performance issues and unwanted ads on your computer. Some types of adware can even collect your personal information. To protect your personal information, you need to remove as much adware from your computer as possible. To remove adware from your computer, you should back up your files, download adware removal software and remove any unnecessary programs.

Keeper Refreshes Admin Console UI for Increased Visibility and Security

The Keeper Security team is thrilled to announce an updated User Interface (UI) for the Admin Console that drastically improves the user experience to save admins time and enhance productivity. The UI has a modern design that cohesively follows the much-applauded enhancements to Keeper’s end-user vault, released in 2023. The new Admin Console also provides an embedded onboarding experience that streamlines and facilitates new user adoption and proactively spotlights beneficial features.

The Different Types of Authorization Models

Authorization plays an important role in Identity Access Management (IAM). IAM is a security framework of business policies and processes designed to ensure that authorized users have the necessary access to perform their jobs. Choosing the correct authorization model for your organization is important to protect sensitive resources from unauthorized access.

Magic Links vs Passkeys: What's the Difference?

While both magic links and passkeys are methods of passwordless authentication, they’re not exactly the same. Some of the key differences between magic links and passkeys are how they work, their security, where a website server stores them and whether or not they expire after being used to log in to an account. Continue reading to learn more about what makes magic links and passkeys different and similar to one another.

Keeper 101 - How to Share a Keeper Record on iOS

Keeper’s iOS mobile app makes it easy to securely share records with friends and family. To share a record with another Keeper user, select the record from your vault and tap Share, then Share with User. Enter the user's email address or select it from the dropdown, then use the toggle buttons to choose what permissions the user will receive such as: “Can Edit”, “Can Share” and "Make Owner". If you do not enable any permissions, the user will have “view only” access.

Keeper 101 - How to Set Up and Use KeeperFill on iOS

KeeperFill is Keeper’s powerful, autofilling feature that works across all devices and instantly logs you in to websites and apps, saving you both time and effort. Keeper is fully integrated into the login experience of every website and app through the Passwords button that appears above your device's keyboard. To utilize this feature you need to first perform a few setup steps.

Keeper 101 - How to Set Biometric Login in Keeper on iOS

Biometric login, especially when paired with Keeper, is a time saving, convenient feature that allows you to login to Keeper with biometrics such as “Face ID”. To enable biometric login, navigate to the Settings screen in the Keeper app and toggle “Biometric Login”, “on”. Next time you want to log in to Keeper, simply tap the Face ID icon to initiate face recognition. Please note, Face ID must be configured in your device's settings before using it to login to Keeper.

How To Securely Send Tax Documents

The most secure way to send tax documents is by using a platform with zero-knowledge encryption such as a password manager. Zero-knowledge encryption is one of the safest ways to store sensitive data because it encrypts and decrypts data at the device level, not the company’s servers or in the cloud. Using a password manager with zero knowledge removes the anxiety of having your sensitive information breached by unauthorized parties.

How To Protect Yourself From AI Voice Scam Calls

Artificial Intelligence (AI) being used to carry out cybercrime isn’t new, but as AI becomes more advanced, so do the tools that cybercriminals are using. One of the most recent AI-enabled cyber threats we’ve seen is cybercriminals using voice-cloning technology to carry out scam calls. You can protect yourself from AI voice-cloning scam calls by blocking spam calls, not picking up calls from unknown numbers and creating a safe word with your family in case a legitimate emergency occurs.

Can MFA Be Bypassed by Cybercriminals?

Enabling Multi-Factor Authentication (MFA) is a cybersecurity best practice that helps protect online accounts from unauthorized access; however, not all forms of MFA are created equally in terms of security. There are ways that cybercriminals can bypass MFA. Some MFA methods are more vulnerable to cyber attacks and are often exploited by cybercriminals. There are methods of MFA that do a better job of protecting your online accounts; you just have to choose the correct option.

What Is Privilege Creep?

Privilege creep is a cybersecurity term that describes the gradual accumulation of network access levels beyond what an individual needs to do their job. Users need specific privileges to perform tasks and job functions. These privileges can include accessing sensitive data, installing new programs, updating software, configuring networks, adding new users and more. Not every user needs to be granted all privileges to do their job.

What Is Kerberoasting and How to Prevent it

Kerberoasting is a form of cyber attack that targets service accounts using the Kerberos authentication protocol. Attackers exploit the authentication protocol to extract password hashes and crack the plaintext passwords attached to the account. These attacks are prevalent because they can be difficult to notice and mitigate.

What Are the Cybersecurity Risks of Remote Work?

Working remotely has allowed organizations to enhance their efficiency and provide employees with flexibility. However, remote work comes with cybersecurity risks that can often lead to data breaches and jeopardize an organization’s security. The five cybersecurity risks of remote work are using weak passwords, an insecure internet connection, unencrypted file sharing, an expanded attack surface and the use of personal devices.

Magic Links: What They Are and How They Work

A magic link is a type of passwordless login where a link is sent to a user through email or text message after they’ve entered their email address or username into a login portal. When the user clicks on this link, they’re signed in to their account without having to enter a password. This process appears to be “magic” since the user doesn’t have to enter a password, hence the name. Magic links are also often used as a method of Multi-Factor Authentication (MFA).

How To Implement the Principle of Least Privilege

Organizations should implement the principle of least privilege to protect their sensitive data from unauthorized access. To implement the principle of least privilege, organizations need to define roles and permissions, invest in a Privileged Access Management (PAM) solution, enforce MFA, automatically rotate credentials for privileged accounts, segment networks and regularly audit network privileges.

The Pros and Cons of Using Passphrases

Some of the benefits of using passphrases are that they’re easy to remember, difficult for cybercriminals to crack and they’re considered to be more secure than traditional passwords because of poor password habits. Some of the disadvantages of using passphrases are that some websites and apps may have low character limits, it’s impossible to remember passphrases for every single one of your accounts and they’re still vulnerable to being exposed in public data breaches.

Password Entropy: What It Is and Why It's Important

Password entropy is a measurement of how difficult it would be for a cybercriminal to crack or successfully guess your password. When calculating password entropy, the calculation takes into account how long your password is and the variation of characters you’re using. Character variations include the use of uppercase and lowercase letters, numbers and symbols. Continue reading to learn more about the importance of password entropy and how you can calculate it using the password entropy formula.

Keeper 101 | Enterprise - How to Create Nodes in Keeper Enterprise

Keeper's node architecture scales to any sized organization. At the highest level of our organization structure are nodes. Nodes are used to organize your users into distinct groupings, which can have their own sets of roles, teams, two-factor authentication, enforcement policies and provisioning methods. By default, the top level parent node, or root node is set to your organization name, and all additional nodes are created underneath the Root Node. Smaller organizations may choose to administer Keeper at a single level, meaning no additional nodes are created.

Keeper 101 - How to Create Your Keeper Account

To create your Keeper Account, visit keepersecurity.com and hover your cursor over the “Login” dropdown and select Web Vault, then click Create an Account. Enter your email address and click Next. You will be prompted to set and confirm a master password. Don’t forget your master password! Since this password will unlock all of your other passwords in your Keeper Vault, it is critical that you set a strong master password using upper and lowercase letters, numbers and symbols.

Keeper 101 - How to Create Your Keeper Account on iOS

Signing up for Keeper's iOS mobile app is easy. Simply visit the App Store on your device, search for Keeper, and install “Keeper Password Manager”. Once the download is complete, tap Open to launch Keeper. Tap Create Account to get started. Enter your email address and tap Next. You will be prompted to set and confirm a master password. Don’t forget your master password! Since this password will unlock all of your other passwords in your Keeper Vault, it is critical that you set a strong master password using upper and lowercase letters, numbers and symbols.

Password Spraying vs Credential Stuffing

Password spraying and credential stuffing have a lot in common, but the main difference is in the way the attack is executed. With credential stuffing, the cybercriminal already has a set of verified login credentials, whereas, with password spraying, the cybercriminal has to guess the login credentials by matching a list of usernames with a commonly used password.