Keeper Security, a provider of cybersecurity software that protects passwords, privileged access, secrets, and remote connections using a zero-trust and zero-knowledge approach, has launched its latest feature, the 24-word recovery phrase.
This new account recovery method promises to provide Keeper users with the highest level of protection against emerging threats.
“The 24-word recovery phrase is just one example of our ongoing investment in new and more robust technologies to counter emerging cyber threats,” said Darren Guccione, CEO and co-founder of Keeper Security.
The 24-word recovery phrase replaces the current user-customizable security question-and-answer recovery method, serving as a break-glass method of recovering a Keeper Vault in the event that a user forgets their master password. It generates a unique 256-bit AES key that decrypts a copy of the user’s 256-bit AES data key, which in turn decrypts each individual record key, allowing access to each vault record.
Keeper has implemented recovery phrases using the same BIP39 word list used to protect crypto wallets. This method of recovery is commonly used in popular Bitcoin and cryptocurrency wallets, using a set of 2,048 carefully selected words to generate an encryption key with 256 bits of entropy, improving visibility and making the recovery process less error-prone.
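The arithmetic behind a 24-word phrase, as an added example that is not Keeper's code: it follows the public BIP39 encoding, in which 256 bits of entropy plus an 8-bit SHA-256 checksum are split into 24 indices of 11 bits each. The word list itself is omitted, so indices stand in for words, and how Keeper turns the phrase into its AES key is not described on the page and is not modelled here.

```python
import hashlib
import secrets

WORDLIST_SIZE = 2048                 # BIP39 list length; 2048 = 2**11, so one word carries 11 bits
BITS_PER_WORD = 11
ENTROPY_BITS = 256
CHECKSUM_BITS = ENTROPY_BITS // 32   # BIP39 rule: 8 checksum bits for 256 bits of entropy
WORD_COUNT = (ENTROPY_BITS + CHECKSUM_BITS) // BITS_PER_WORD   # 264 / 11 = 24


def _checksum(entropy: bytes) -> int:
    """First CHECKSUM_BITS bits of SHA-256(entropy)."""
    return hashlib.sha256(entropy).digest()[0] >> (8 - CHECKSUM_BITS)


def entropy_to_indices(entropy: bytes) -> list[int]:
    """Encode 32 bytes of entropy as 24 word-list indices (0..2047)."""
    if len(entropy) * 8 != ENTROPY_BITS:
        raise ValueError("expected 32 bytes of entropy")
    combined = (int.from_bytes(entropy, "big") << CHECKSUM_BITS) | _checksum(entropy)
    return [(combined >> (BITS_PER_WORD * (WORD_COUNT - 1 - i))) & (WORDLIST_SIZE - 1)
            for i in range(WORD_COUNT)]


def indices_to_entropy(indices: list[int]) -> bytes:
    """Decode 24 indices back to entropy, rejecting phrases whose checksum fails."""
    if len(indices) != WORD_COUNT or any(not 0 <= i < WORDLIST_SIZE for i in indices):
        raise ValueError("phrase must be 24 words from the 2,048-word list")
    combined = 0
    for i in indices:
        combined = (combined << BITS_PER_WORD) | i
    entropy = (combined >> CHECKSUM_BITS).to_bytes(ENTROPY_BITS // 8, "big")
    if combined & ((1 << CHECKSUM_BITS) - 1) != _checksum(entropy):
        raise ValueError("checksum mismatch: a word was likely mistyped or reordered")
    return entropy


def new_phrase_indices() -> list[int]:
    """Generate a fresh phrase from the OS CSPRNG."""
    return entropy_to_indices(secrets.token_bytes(ENTROPY_BITS // 8))
```

The checksum is what lets a client reject most transcription errors at entry time, before any decryption is attempted.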
Users with security questions enabled on their vaults will be prompted to replace their security answer with a 24-word recovery phrase, which they must store in a safe place such as a physical safe, not on a computer, phone, or other device. To recover the account and reset the master password, users must have the recovery phrase and also provide an email verification code. Users with 2FA enforced must also pass the two-factor authentication step.
Keeper administrators for business and enterprise accounts have the option of disabling account recovery for their users in the role enforcement policy section of the Keeper Admin Console. Account recovery can be used with SSO-enabled accounts if enforced by the Keeper administrator.
Keeper reminds users that if they forget their master password and lose their recovery phrase, they will not be able to access their Keeper vault. Due to Keeper’s zero-knowledge architecture, the Keeper team cannot help recover a lost recovery phrase.
To use this new capability, users are encouraged to ensure that all of their Keeper applications are up to date. The 24-word recovery phrase is a more secure method of account recovery, providing Keeper users with the highest level of protection against emerging threats.