Enhanced Control for Business and Consumer Users with Security Keys for Highly Secure Authentication
Keeper Security now allows hardware security keys as the exclusive Two-Factor Authentication (2FA) method, boosting overall security. This robust physical second factor minimizes remote attack risks and decreases reliance on mobile devices. Admins can mandate the sole use of a hardware key for 2FA and impose additional security measures, such as requiring a PIN.
Stronger authentication factors are becoming increasingly important as cybercriminals become more sophisticated, breaking down what were previously considered ironclad defences. Traditional 2FA methods such as SMS and Time-Based One-Time Password (TOTP) can be vulnerable to social engineering and SIM swapping. In fact, the National Institute of Standards and Technology (NIST) removed the use of SMS authentication from its recommended authentication methods list due to its vulnerabilities. This has led organisations and individuals alike to seek out more secure 2FA alternatives.
“Cybercriminals are creative and relentless in their mission to break historically secure solutions”
Craig Lurey, CTO and Co-founder of Keeper Security.
“Cybercriminals are creative and relentless in their mission to break historically secure solutions,” said Craig Lurey, CTO and Co-founder of Keeper Security. “In response, many organisations are transitioning to hardware-based 2FA devices like YubiKey. With Keeper, administrators can now enforce the use of a hardware security key as the sole 2FA option, empowering users with a simple and user-friendly, but highly secure authentication method.”
While support for hardware security keys is not new to Keeper®, users were previously required to have a backup 2FA option in addition to their security key. Now, enterprise and consumer users alike can have a security key as their only 2FA method. Keeper enables users to have multiple security keys, allowing users to have backup keys, keys in multiple locations or keys for multiple devices.
Existing users can log in to the Keeper Web Vault or Keeper Desktop App version 16.10.12+ to remove other methods of 2FA if they prefer to only use a security key on its own. Administrators can also require their users to enable a PIN (FIDO2 user verification) with their security key, further protecting their organisations. Keeper supports login on iOS and Android devices with a security key. However, setup of a security key as the sole 2FA method must be performed on the Web Vault or Keeper Desktop App.
