Keeper is the best 1Password alternative.

Keeper is built with a proprietary zero-knowledge security architecture, meaning all encryption and decryption is done locally on the user’s device. Each record is encrypted using AES-256 with a different and unique key that is randomly generated, client-side.

Keeper provides shareable folders and individual records within a single vault to allow for easy and effective access, sharing and management.

Shared records between Keeper users works by encrypting the record key with the public key of the recipient.

A record share in Keeper is kept fully in sync with the source data so the shared record is always up-to-date. Keeper's sharing also supports bi-directional edits.

Keeper provides users with Time-Limited Access sharing, enabling them to set an expiration date on shares, ensuring access is revoked and extending least-privilege.

Keeper supports One-Time Share links to non-Keeper users, but even that method keeps the data perfectly in sync between the users. Further, Keeper has enabled Self-Destructing Records, allowing users to create records that can be shared with anyone and will delete themselves from the sender’s vault after a specified period or after the recipient views the record.

Keeper has the longest-standing SOC 2 Type 2, ISO 27001 and TRUSTe certification in the industry. Keeper’s ISMS will ensure that strict security controls are in place to protect customer data and ensure secure operation of products and services.

Keeper is also FedRAMP Authorized and StateRAMP Authorized – proving our commitment to maintain the highest standard of cybersecurity.

Keeper is ITAR compliant, with all development and engineering comprising US-based employees that are US Citizens.

Keeper does not outsource any software development.

Keeper integrates with all SAML 2.0 Identity Providers (IdP) including Azure, Okta, Ping and hundreds of others.

When using Keeper with SSO, there's no master password, and encryption is performed using 256-bit Elliptic Curve keys.

Keeper holds multiple US utility patents on zero-knowledge SSO integration and other technology.

Keeper has a dedicated application in both the Azure Marketplace and Google Workspace Marketplace, providing quick time-to-value for organizations and easing SSO integration. Keeper is the only dedicated app in the industry in the Google Workspace Marketplace for SSO and SCIM configuration.

Keeper provides a fully cloud-based system for syncing Google Teams to Keeper without hosting any infrastructure.

Keeper is seamless, using push notifications to allow for a frictionless login experience.

The Keeper Automator service provides automated device approvals without any user interaction required.

Keeper supports direct SCIM provisioning with any identity provider, without requiring any software installation.

Keeper supports multiple identity providers, configurations and nodes for different organizational units all within the same Keeper tenant.

Keeper's BreachWatch® keeps everything in our infrastructure and protects hashes with hardware security modules.

BreachWatch backend architecture was built to prevent the correlation of a breached password to an actual password in the user's vault, no matter the size of the data breach. The hashing used in the breached password detection utilizes a physical Hardware Security Module to ensure that hashing can only be performed online - to prevent any threat of brute force attack on the BreachWatch data.

Keeper offers hosting in US, US (GovCloud), EU, AU, CA and JP.

Keeper provides 6 API languages and more than 20 integrations with popular CI/CD and developer tools. Management of secrets is fully integrated into the Keeper vault and the Commander CLI. Keeper's secrets manager platform provides record-level and folder-level access.

Keeper Secrets Manager (KSM) is fully cloud-based and does not require any on-prem service to broker requests. KSM was built from the ground up to be fully integrated into Keeper's platform.

Keeper supports automated password rotation, enabling users to securely rotate credentials in any cloud-based or on-prem environment. Users can rotate service accounts, Active Directory accounts, Windows or Linux Users, cloud accounts, SSH keys, database passwords and more.

Automated password rotation is managed directly in the Keeper vault.

Keeper offers a multi-tenant MSP solution.

Keeper's node architecture allows different identity providers to be used within the same tenant.

Keeper Connection Manager (KCM) provides privileged sessions and secure remote access. KCM is fully integrated with cloud-brokered connections to remote infrastructure and remote browser isolation for secure and recorded browsing sessions.

Keeper Compliance Reports provides on-demand visibility to access permissions on records and credentials in your enterprise, without exposing secrets.

Keeper allows admins to create password generator enforcement policies at the domain level.

Keeper leads in customization. Admins can enable custom record types for distinction in their organization and upload personalized logos for better adoption. Users can also change their theme colors, giving them a more user-friendly experience.

Keeper secures master password-based accounts with 1 million rounds of PBKDF2, device approvals and super-encryption on our infrastructure.

Keeper provides secure, end-to-end encrypted messaging with KeeperChat.