I’ve been using Keeper password manager for about a year and I’ve been happy with it. When I perused your recommendations, it’s not listed. Should I switch to one of the recommendations immediately? I paid for a three year subscription when I signed up so I would rather continue using it. Is it a bad idea to continue using it until my subscription is expired? Is Keeper as bad as LastPass?
We only list products in this section that have a third party security audit, (with the exception local password managers). I couldn’t find anything about that for this particular product.
In fact all I was able to find was aggressive marketing campaigns (astro turfing), saying the product was secure, and an article entitled “Security Audit” which was about auditing users in your team, not a third party security audit. I suspect they purposely chose to name that page, that in order to achieve certain search engine results.
In the case of Bitwarden and 1Password these have had regular audits:
This is why we require third party security audits. As for LastPass that was known to be bad for quite some time, sadly people just believed the marketing, and used it anyway.
It’s important to remember that it was never quite as bad as Lastpass, as there were simply fields in Lastpass that were not encrypted at all, (eg URL field).
Bitwarden has increased the rounds, (there is an option to do that) and they are working on adding argon2. Honestly I have a lot more confidence in Bitwarden, than I would in Lastpass.
What these disclosures will likely mean in the future is there must be a way for the provider to increase them for accounts which are low.
I my eyes keeper is more of an enterprise solution (although i see they offer to both) not really something for personal usage. All the integrations offer a lot of options but also heavily increase attack factor. I wouldn’t be so keen using this if I had no need for this.