RewardExpert.com is an independent website that is supported by advertising. RewardExpert.com may be compensated by credit card issuers whose offers appear on the site. Because we are paid by our advertising partners it may impact placement of products on the site, including the order in which they appear. Not all available credit card issuers or card offers are included on the site.

    Keeper Security: Stopping Hackers with Secure Passwords

    icon-user Angela Rose icon-comments Comments October 13, 2017

    If you’ve ever had an email account, you’ve likely received a message similar to this one:

    Dear customer, our courier has attempted to deliver your parcel today, but you could not be contacted at the address or on the phone. Because nobody could sign for the parcel, we have deposited it at our local office, leaving you a notice in your mailbox. To claim your package, please visit our office with a printed copy of the delivery notice. A scanned copy of the UPS Missed Delivery Notice can also be found by clicking here.

    It’s an example of a common phishing scam designed to infect the receiver’s computer with malware. Other phishing emails attempt to collect personal data—usually using links to fake websites designed for that purpose—and all are becoming increasingly common.

    RewardExpert recently spoke with Patrick Tiquet, director of security and architecture at Keeper Security, about the company’s online security product and the going price for stolen passwords on the dark web.

    Keeper is a secure password manager and digital vault for businesses and individuals
    Keeper is a secure password manager and digital vault for businesses and individuals

    Dark Web Data Sales are Increasingly Lucrative for Hackers

    Though a Keeper vault would not have protected the 143 million consumers whose data was recently stolen from Equifax, Tiquet says the incident highlights why sensitive information stored in the Cloud must be protected by encryption.

    “Once your data is out there in the Cloud or on the Internet, you have essentially lost control of that data or entrusted its protection to a third party,” he explained. “The only way to secure it is to encrypt it and retain control of the encryption keys. Essentially, that’s what a zero-knowledge encryption product like Keeper does.”

    Keeper protects its customers’ information—from passwords to credit/debit info and private files, photos, and video—with 256-bit AES encryption and the PBKDF2 algorithm, the same level of encryption used by the U.S. military and widely accepted as the strongest encryption available.

    This encryption prevents hackers from decrypting and selling the data online—an increasingly lucrative crime. Tiquet recently spent time on the dark web researching current market prices for stolen data. While passwords for Netflix, Hulu, and Spotify accounts were going for between $1 and $3, stolen credit card data was worth $8 to $22. Driver’s license information could be purchased for $20, and a complete medical record was fetching up to $1,000.

    Password Management on Desktop and Mobile Devices

    Founded in 2011 by Darren Guccione and Craig Lurey, Keeper Security began as a password management app.

    “Craig was a programmer and decided to write an app for his phone that would store his passwords,” Tiquet recounted. “He originally wrote it for personal use, but decided it would probably be useful to a wide audience of people.”

    Available as a fully-featured desktop or mobile app (for Android and iOS), Keeper allows you to store and manage passwords for any online account in a secure digital vault.

    “A lot of people write their passwords on Post-It notes,” Tiquet said. “I even know people who make contacts in their iPhone for passwords so they can keep them synched across devices. But that’s not secure at all.”

    Keeper utilizes world-class security to safeguard your information from hackers and cyber criminals
    The company uses world-class security to safeguard information from hackers and cyber criminals

    According to Keeper Security, 81 percent of data breaches are due to weak, default, or stolen passwords.

    “Keeper also has the ability to generate secure, unique passwords,” Tiquet continued. “Anytime you set up a new account, you can open your Keeper and generate a random password that is only used for that one online account.”

    Passwords stored in Keeper synch securely between desktop and mobile devices through the company’s Cloud infrastructure.

    “Whether you’re logging into a browser, your iPhone, or your Android device, everything will remain in synch,” Tiquet explained. “If you enter a new password in Keeper on your iPhone, you can retrieve it the next time you log in through your browser extension or your Android device.”

    Users can log into their Keeper vault on any device with a master password or, if their mobile device is equipped with a biometric scanner, their fingerprint. The software also utilizes two-factor authentication to provide an extra layer of security.

    More than 11 Million Customers and Growing

    “Our typical customer is educated in the need for better information security but wants a solution that is both easy to use and secure at the same time,” Tiquet said. “They understand the need for using complex, unique passwords for their online accounts. They understand the need for encryption of sensitive files and data, but at the same time, they don’t want to deal with encryption keys or managing public-private key pairs. Keeper gives people the best of both worlds.”

    According to Tiquet, the company currently has 11 million individual customers and 4,000 enterprise business customers and is adding thousands of new customers each month.”

    “We listen a lot to what customers want and need and are constantly working to integrate and improve customer-driven feedback and improvements into our products,” he added.

    Editorial Disclosure: Opinions expressed here are author's alone, not those of any bank, credit card issuer, hotel, airline, or other entity. This content has not been reviewed, approved or otherwise endorsed by any of the entities included within the post.

    UGC Disclosure: The responses below are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved, or otherwise endorsed by the bank advertiser. It is not the bank advertiser's responsibility to ensure all posts and/or questions are answered.