• Keeper
  • Keeper Home
  • Business

    Business

    • Business Password Management
    • Dark Web Monitoring & Account Takeover Protection
    • Free Dark Web Scan
    • Resource Library
    • Watch Demo

    See Pricing Start Free Trial

    Enterprise

    • Enterprise Password Management
    • Dark Web Monitoring & Account Takeover Protection
    • Free Dark Web Scan
    • Resource Library
    • Enterprise Guide

    See Pricing Request Demo

    MSP

    • MSP Password Management
    • MSP Academy
    • MSP Guide
    • Watch Demo

    See Plans Start Free Trial

  • Personal

    Personal

    • Password Manager & Vault
    • Dark Web Monitoring & Account Takeover Protection
    • Free Dark Web Scan
    • Private Messaging
    • User Reviews

    Buy Unlimited Now Sign Up Free

    Family

    • Password Manager & Vault
    • Dark Web Monitoring & Account Takeover Protection
    • Free Dark Web Scan
    • Private Messaging
    • User Reviews

    Buy Now Watch Video

  • Pricing

    Pricing

    • Enterprise
    • Business
    • Personal
    • Family
    • Student
  • Contact Us

    Contact Us

    • Support
    • Business Sales
    • Press Inquiries
    • Call Us
  • Download
  • Login

    Login

    • Web Vault
    • Admin Console
Call Us
Vault Login

    Solutions

  • Enterprise
  • Business
  • Personal
  • Family

    Company

  • About Us
  • Security
  • GDPR Compliance
  • User Reviews
  • Press
  • Branding
  • Careers

    Resources

  • Download
  • Resource Library
  • Enterprise Guide
  • Events
  • Webinars
  • Blog

    Pricing

  • Enterprise
  • Business
  • Personal
  • Family
  • Student

    Support

  • Help Center
  • Contact Us
  • System Status
  • Terms of Use
  • Privacy Policy
  • Withdraw Cookie Consent

    Partners

  • Our Partners
  • Partner Network

    Integration

  • Commander SDK
  • SSO Connect
  • Documentation Portal
Keeper’s New Enterprise Authentication Flow Enhances Security, Usability & Efficiency

Password Security

Keeper’s New Enterprise Authentication Flow Enhances Security, Usability & Efficiency

Over the past decade, cloud computing, mobility, and the Internet of Things rendered the concept of the enterprise network perimeter moot. In 2020, the COVID-19 pandemic did something quite similar to the concept of the office environment. Workplaces don’t necessarily involve on-premise offices and desks anymore; workforces are distributed between employer locations and remote settings.

With remote employees using a combination of employer-provided and personal devices to log in to enterprise networks and apps, a speedy, efficient, and secure authentication process is more important than ever. To help employers maintain security while making it as easy as possible for their employees to log in and get to work, Keeper has launched a new authentication flow for our customers with enterprise plans that simplifies deployment and usability while enhancing security.

New Login Flow for SSO Users

Keeper’s new login flow simplifies deployment and makes it easier for SSO users to roll out Keeper to their end-users. If Keeper recognizes an end user’s email domain as an SSO-enabled Enterprise, the user will be automatically routed to their identity provider instead of having to type in the Enterprise Domain string. When combined with SCIM auto-provisioning or Just-In-Time (JIT) provisioning, onboarding new users is fast and secure.

New Login Flow for Master Password Users

Keeper has also enhanced the login process for Master Password users who have activated multi-factor authentication (2FA). For Master Password users, if a device is recognized, and 2FA is activated, the user will receive a prompt prior to typing in their Master Password. Attempts to login with a Master Password will be denied until the user passes the device verification and 2FA step. Only users with recognized devices will be asked to perform the 2FA step; users attempting access with unauthorized devices will not be prompted for 2FA.

Simplified Device Approval with Keeper Push™

Keeper Push, Keeper’s proprietary notification-based device approval system, simplifies the device approval process without compromising security. By default, users are asked to approve an unrecognized device using email. Keeper will now support 2FA code entry from a TOTP or text message, or a push notification to an existing, recognized device.

For users who log in with the new Keeper SSO Connect™ Cloud option, Keeper Push allows secure device authorization and private key transfer between the user’s devices. Keeper Push provides zero-knowledge encryption on the device while giving users seamless integration with existing SSO identity providers.

For Master Password users, Keeper Push can be used for approving new devices instead of relying on email.
Please note that Keeper Push is currently only available on the Web Vault, with support on iOS, Android and Keeper Desktop platforms scheduled to be rolled out in a few weeks.

Work Offline mode

Previously, Work Offline mode activated only when Keeper detected that a user was offline. Now, users can activate it themselves and login to their Vault without an internet connection. Please note that Work Offline is only available to business customers whose plans have Enterprise Admin enabled.

Support for Keeper SSO Connect™ Cloud

Keeper’s new enterprise authentication flow supports our 100% cloud-based integration with SSO identity providers such as Office365/Azure, Okta, JumpCloud, ADFS, Ping Identity, OneLogin, and all other SAML 2.0-compatible identity providers. Keeper SSO Connect™ Cloud is being rolled out across platforms during September. Please refer to the Keeper SSO Connect™ Cloud availability page for more details.

Reduced Reliance on Master Passwords

Keeper now supports the use of session tokens stored dynamically in memory with server-controlled state, instead of requiring the user’s Master Password locally for deriving authentication hashes. This reduces the reliance on Master Password and unlocks future capabilities such as cross-device login, session persistence between browser restarts and multi-vault switching.

Support for Elliptic Curve Cryptography

Keeper’s new SSO Connect™ Cloud feature takes advantage of client-side generated ECC (Elliptic Curve Cryptography) private/public key pairs for seamless, secure integration with SSO identity providers. By using device-level ECC keys to protect user vaults, Keeper maintains zero-knowledge while offering a full, cloud-based SSO integration.

Not a Keeper customer yet? Sign up for a 14-day free trial now! Want to find out more about how Keeper can help your organization prevent security breaches? Reach out to our team today.

 

  1. September 17, 2020
  2. Craig Lurey

Get the latest cybersecurity news and updates sent straight to your inbox

Recent Posts

  • Keeper’s Commitment to Staying Platform Agnostic
  • Don’t Let a Lost Password Lock You Out of Your Bitcoin Billions
  • How to Run a Phishing Test in the Remote Work Environment
  • Easy Tips for Businesses and Consumers on Data Privacy Day
  • How to Disable the Built-in Password Manager In Your Browser

Categories

  • Administrator Best Practices
  • Android
  • BreachWatch
  • COVID-19
  • iOS
  • Keeper Desktop and Web App
  • KeeperChat
  • NCSAM
  • News and Insights
  • Password Manager
  • Password Security
  • Ponemon Research
  • Product Updates
  • Security Updates
  • Trade Shows
COMPANY
  • About Us
  • Security
  • GDPR Compliance
  • User Reviews
  • Press
  • Branding
  • Careers
SUPPORT
  • Help Center
  • Contact Us
  • System Status
  • Terms of Use
  • Privacy Policy
  • Withdraw Cookie Consent
SOLUTIONS
  • Enterprise
  • Business
  • Managed Service Providers
  • Personal
  • Family
PRICING
  • Enterprise
  • Business
  • Personal
  • Family
  • Student
RESOURCES
  • Download
  • Resource Library
  • Enterprise Guide
  • User Guides
  • Events
  • Webinars
  • Blog
INTEGRATION
  • Commander SDK
  • SSO Connect
  • Documentation Portal
PARTNERS
  • Our Partners
  • Partner Network
  • Affiliate Program
  • Influencer Program
FREE TOOLS
  • Personal Dark Web Scan
  • Business Dark Web Scan
KEEPER VERSUS
  • LastPass
  • Dashlane
  • 1Password
  • KeePass
  • Passportal
  • Myki

© 2021 Keeper Security, Inc.

  • Security
  • Terms of Use
  • Privacy Policy

© 2021 Keeper Security, Inc.

Cookie Consent Preferences

Keeper Security uses cookies to store and track information about your usage of our services and to provide a better website experience. We also may share this data, in its aggregate form, with advertisers, affiliates and partners. Learn More

Decline Accept

Withdraw Cookie Consent

Cookie Consent Preferences

Keeper Security uses cookies to store and track information about your usage of our services and to provide a better website experience. We also may share this data, in its aggregate form, with advertisers, affiliates and partners. Learn More

Cancel Withdraw
Decline Accept