Keeper is pleased to announce the availability of an important way for Keeper Business and Enterprise customers to monitor the security of the passwords stored in their users’ vaults and to lower the risk of credential-stuffing and account takeover attacks. We developed this powerful solution to provide you another tool to deal with the constant swirl of breach activity that unfortunately still dominates the news on a regular basis.
BreachWatch®️ helps protect your organization from the threats of cybercriminals who use the dark web to find billions of stolen passwords that have been used to breach accounts. If your employees happen to be using any of these passwords then your company is vulnerable. Sometimes even seemingly “strong” passwords can be stolen and are thus are no longer truly safe. Given the sheer numbers (5+ billion and counting) of breached passwords circulating, it’s virtually impossible for a user to manually check if they’re using a breached password every time they log in. Now, BreachWatch does this every time a user logs in so you can monitor for password vulnerabilities across your entire Keeper user population.
With Keeper’s zero-knowledge security architecture the user always stays in control of their vaults and is responsible for maintaining and updating the flagged passwords. However, some might need a nudge so BreachWatch includes a summary overview table that reveals which employees have been resolving breached passwords and which have not so you can take action to remediate. The administrator will see a summary table which highlights how many passwords are “Passed”, “At Risk” (which means they should be set to something stronger), or “Ignored” (which means these passwords will no longer be scanned but may still need updating).
Password Status Table
If you combine BreachWatch with the Keeper’s Advanced Reporting & Alerts Module (ARAM) you will get real-time, alert notifications. ARA also integrates with SIEM tools by sending events for deeper analysis and helping unveil if there are more sophisticated attacks going on.
Sample Report with BreachWatch Events
The user interface for employees is the same simple, proven one used by millions of consumers. A clear notification is given to the user when they log in to their Keeper application and quick options are provided to either resolve or ignore the breached password. The user’s actions are reported as events back to the admin console.
User Vault View
The highlights from the BreachWatch scan and other key summary data will also appear in a new Executive Dashboard in the Administrative Console to get a quick overview of your overall user population.
When combined all these capabilities are designed to provide you the visibility into the vulnerability of passwords which are kept in vaults of your staff, without needing to see the actual passwords themselves. We at Keeper believe this helps provide a best-of-both world’s scenario to minimize risk for your organization.