Our Keeper review investigates the company´s claim that the Keeper password manager is “the top-rated cybersecurity solution” and then compares its capabilities against other vault-based password managers to establish whether it is even a top-rated password management solution.
The Home Page of the Keeper Security website makes some sweeping claims about the Keeper password manager. Not only is it (allegedly) “the top-rated cybersecurity solution” and a “zero-knowledge security platform”, but the implication is it will protect you against becoming a victim of a ransomware attack. None of these claims are entirely accurate.
Is Keeper the Top-Rated Cybersecurity Solution?
Let´s start with the claim Keeper is the top-rated cybersecurity solution. It´s a password manager – not a firewall, anti-virus software, network monitoring tool, or any other cybersecurity solution you might think of before considering a password manager. Even if you did consider a password manager to be your most important cybersecurity solution, Keeper isn´t the top-rated in many trusted reviews.
Password manager reviews – like most review sites – can be manipulated by vendors or affiliates to make the products seem better than what they are. Only reviews based on verified users can be trusted for genuine ratings; and, if you look at Gartner´s most recent verified user peer reviews, Keeper achieves joint fourth place out of six password managers. Not at all top-rated!
Is Keeper a Genuine Zero-Knowledge Solution?
We raised this question in our comparison of Bitwarden versus Keeper due to Keeper´s automatic “BreachWatch” data health checks that scan password vaults without users being logged in. Keeper also has a password reset facility that has raised unanswered questions about its zero-knowledge claims; and, in 2018, a researcher found a bug in Keeper´s software that further undermined the zero-knowledge claim.
Zero-knowledge issues aren´t the only security concerns that should worry Keeper users. In 2016 and 2017 issues were identified with a Keeper browser plugin that allowed websites to steal passwords, while in 2018, an unprotected S3 bucket was found that exposed Keeper installer files and gave anyone permission to access and replace the files with malicious content.
Does Keeper Protect You Against Ransomware Attacks?
All password managers offer some protection against password-related data breaches and cyberthreats because passwords are saved with a corresponding URL. Therefore, if you visit a phishing site, the URL of the phishing site will not match the URL saved in the password manager, and the password manager will not autofill your login credentials. In this respect, Keeper offers no more or no less protection than any other password manager.
However, phishing is not the only attach vector for ransomware and other forms of malware. Drive-by downloads and infected attachments can also be used to deploy ransomware, so although a password manager can offer some protection against ransomware attacks, web filters and email filters can be equally as effective at protecting devices and networks against ransomware.
Assumptions Made in Our Keeper Review
Before continuing with our Keeper review, we are going to make a couple of assumptions. The first is that anybody considering a password manager will have the sense to look beyond sweeping claims. Keeper isn´t the only password manager guilty of hyping its product up, and we assume users will have reasonable expectations of what a password manager can do – and what it can´t do.
The second assumption is that Keeper has sorted out its security issues. It´s been a few years since the last major issue was identified and Keeper now operates a bug bounty program that rewards researchers if they uncover a vulnerability. If this assumption is correct, the decision whether or not to deploy Keeper should be based on the password manager´s capabilities and its value for money.
Keeper´s Free Plan
Keeper doesn´t advertise a free plan, but there is a way in which you can access a free version of the software by registering for a 30-day free trial of the Premium Plan (“Keeper Unlimited”) and then cancelling the first payment before it is due. However, the free version of the software only allows you to store data on one device; and, although you will be able to use a basic two-step login feature, there are better alternative free password managers to choose from with more capabilities.
Keeper´s Premium Plans
Keeper offers two premium plans for individuals – “Keeper Unlimited” and “Keeper Unlimited Plus”. Both plans support an unlimited number of devices, include cross-platform synchronization, text only secure sharing, and basic two-step login. However, if you want to want to take advantage of automatic data health checks and secure file storage, you will have to subscribe to the “Keeper Unlimited Plus” plan which has a hefty price tag of $58.47 per year.
Keeper´s Family Plans
Keeper´s Family Plans allow up to five members of the same family to maintain individual password vaults and share family login credentials (i.e., Netflix, Uber, Amazon, etc.) in one account. Again, there is a premium to pay for automatic data health checks and secure file storage; and, if you subscribe to the Keeper Family Plus plan to access these capabilities, you will be charged $103.48 per year rather than the standard Family Plan price of $74.99.
Keeper´s Teams Plan
Keeper is one of only a few password managers that offers a feature-limited Teams Plan for an unlimited number of users. However, Keeper´s Teams Plan is essentially an expensive extension of its Family Plan with the same capabilities and add-on options, plus an additional technical support option for $750/year if you need more than basic email support (limited to 25 emails per year) with a response time of two working days.
Keeper´s Enterprise Plan
Keeper´s Enterprise Plan for business is a more fully-featured solution that includes advanced two-step login (i.e., DUO and RSA), SSO authentication, a granular policy engine, and SCIM provisioning. The price of the Enterprise Plan depends on the number of users that will use the password manager, and – again – data health checks ($19.99/user/year), secure storage ($9.99/user/year), and technical support ($ varies) are additional add-ons.
Keeper Review Conclusion: It´s Not Top-Rated and It´s Not Value-for-Money
Whether you are looking at entry level Free Plans or top-of-class Enterprise Plans, Keeper is the least-featured and/or most expensive of all nearly all our featured password managers. If – for example – you compare Keeper´s Premium Plan for individuals to that offered by Bitwarden, you could be paying nearly six times of much for a service that lacks advanced two-step login and secure storage. You´ll also pay twice as much for a business plan with the same capabilities as Bitwarden.
Earlier in our Keeper review, we commented that the decision whether or not to deploy Keeper should be based on the password manager´s capabilities and its value for money. While the Keeper password manager can be packed with capabilities, the cost of using a fully-featured Keeper password manager is prohibitive when compared to most other password managers – not least market leader Bitwarden. For this reason, we cannot recommend the Keeper password manager.