Connect with us

Hi, what are you looking for?

HEADLINES

Keeper Security introduces 24-word recovery phrases to enhance account security

This new and more secure method of account recovery is designed to provide Keeper users with the highest level of protection against emerging threats.

Keeper Security, provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, privileged access, secrets and remote connections, is excited to announce the launch of its latest feature, the 24-word recovery phrase. This new and more secure method of account recovery is designed to provide Keeper users with the highest level of protection against emerging threats.

The 24-word recovery phrase replaces the current user-customisable security question and answer recovery method. It serves as a break-glass method of recovering a Keeper Vault in the event that a user forgets their master password. The recovery phrase generates a unique 256-bit AES key that decrypts a copy of the user’s 256-bit AES data key. The data key then decrypts each individual record key, which in turn decrypts each vault record.  

Keeper has implemented recovery phrases using the same BIP39 word list used to protect crypto wallets. The word list used in BIP39 is a set of 2,048 words used to generate an encryption key with 256 bits of entropy. This method of recovery is commonly used in popular bitcoin and cryptocurrency wallets.  Each word in the BIP39 list is carefully selected to improve visibility and make the recovery process less error-prone.

“We are thrilled to introduce this revolutionary new feature to our users,” said Darren Guccione, CEO and co-founder of Keeper Security. “At Keeper, we are committed to providing our customers with the most advanced and secure password management solutions available. The 24-word recovery phrase is just one example of our ongoing investment in new and more robust technologies to counter emerging cyber threats.”

Advertisement. Scroll to continue reading.

Users who have security questions enabled on their vaults will be prompted to replace their security answer with a strong 24-word recovery phrase. It is important for users to store this recovery phrase in a safe place such as a physical safe, and not on a computer, phone, or other device. To recover the account and reset the master password, users must have the recovery phrase and also provide an email verification code. For users with 2FA enforced, they must additionally pass the two-factor authentication step.

Keeper administrators for business and enterprise accounts have the option of disabling account recovery for their users in the role enforcement policy section of the Keeper Admin Console. Account recovery can be used with SSO-enabled accounts, if enforced by the Keeper administrator.

It is important to note that if a user forgets their master password and loses their recovery phrase, they will not be able to access their Keeper vault. Due to Keeper’s zero-knowledge architecture, the Keeper team cannot help recover a lost recovery phrase.

To utilise this new capability, users are encouraged to ensure that all of their Keeper applications are up to date.

For more information about Keeper’s password management platform and the 24-word recovery phrase, please visit Keeper’s Documentation Portal and Release Notes.

Advertisement. Scroll to continue reading.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

The exploit, discovered by Kaspersky’s Global Research and Analysis Team (GReAT), required no user interaction beyond clicking a malicious link and demonstrated exceptional technical...

HEADLINES

At the end of 2023, Sophos X-Ops noted a significant increase in ‘remote encryption’ attacks – where ransomware attackers breach a compromised and often...

HEADLINES

With the launch of KATA 7.0, organizations can now benefit from enhanced Network Detection and Response (NDR) capabilities with deeper network visibility, internal threats...

HEADLINES

In 2024, Globe blocked 3,096 child pornography domains or those containing child sexual abuse and exploitation materials (CSAEM), a slight increase from 3,047 domains restricted...

HEADLINES

During a recent webinar on Building Resilience Against Online Scams, hosted by fiber broadband and technology provider Converge ICT Solutions Inc., its Chief Executive...

HEADLINES

In 2024, Kaspersky restructured its Partner Program into four key partner types, recognizing the diverse profiles within its network – from traditional resellers and...

White Papers

The study tested 2,000 UK and US consumers, exposing them to a series of real and deepfake content. The results are alarming: only 0.1%...

HEADLINES

Deepfakes pose significant threats and risks, with nearly half of companies worldwide reporting incidents in 2024, according to industry reports. HONOR’s innovative solution immediately...

Advertisement