Keeper
Enterprise-focused password manager with strong compliance credentials, zero-trust architecture, and robust admin controls.
Feature Checklist
Strengths
- +Strong enterprise and compliance credentials (SOC 2, ISO 27001, FedRAMP)
- +Zero-trust and zero-knowledge architecture with rigorous access controls
- +Excellent admin console for business deployments with role-based permissions
- +Secure file storage for sensitive documents within the vault
- +KeeperChat offers encrypted messaging between team members
Weaknesses
- -BreachWatch and secure file storage require separate paid add-ons
- -Free plan is essentially non-functional — limited to one mobile device
- -Interface feels more corporate and less intuitive than consumer-focused rivals
- -Add-on pricing can make the total cost significantly higher than advertised
Overview
Keeper Security is an enterprise-grade password management platform founded in Chicago in 2011. Whilst it offers personal and family plans, Keeper's primary strength lies in its business and enterprise offerings, where it competes directly with solutions like CyberArk and Delinea. The platform is built on a zero-trust, zero-knowledge architecture and holds an impressive array of compliance certifications, making it a strong choice for organisations operating in regulated industries. Keeper has steadily expanded its product suite to include encrypted messaging, secrets management for DevOps, and connection management for remote infrastructure.
Security
Keeper uses AES-256-GCM encryption with PBKDF2-SHA256 key derivation, processing 600,000 iterations by default. The zero-knowledge architecture ensures that Keeper's servers never have access to your master password or vault contents. The platform is SOC 2 Type II certified, ISO 27001 compliant, and holds FedRAMP authorisation — a significant credential for organisations working with government entities. Keeper also supports FIDO2/WebAuthn hardware security keys, biometric authentication, and SSO integration with major identity providers. The BreachWatch add-on continuously monitors the dark web for compromised credentials associated with your vault entries, though its status as a paid extra rather than a core feature is disappointing.
Features
Beyond standard password management, Keeper offers a robust set of enterprise features: role-based access controls, event logging and SIEM integration, automated team provisioning via SCIM, and a powerful admin console for managing policies across an organisation. For personal users, the vault supports passwords, secure notes, file attachments, payment cards, and identity information. One-time sharing allows you to send credentials to anyone — even non-Keeper users — with automatic expiry. KeeperChat provides encrypted messaging within teams, and Keeper Connection Manager offers secure remote desktop and SSH access to infrastructure without exposing credentials.
Verdict
Keeper is a strong choice for businesses and enterprises that need a password manager with serious compliance credentials and granular administrative controls. The security model is rigorous, the platform is reliable, and the enterprise feature set is comprehensive. However, for individual users, the experience is less compelling — the interface feels more corporate than consumer-friendly, key features like breach monitoring and file storage are paid add-ons, and the free plan is too limited to be useful. Personal users will generally find better value elsewhere, but for organisations needing enterprise-grade credential management, Keeper deserves serious consideration.
External link. May be an affiliate link — see our methodology.
Pair With a VPN
Strong passwords are step one. A VPN encrypts your traffic and hides your IP address.
