This password manager wants you to remember 24 words to recover your account

News
By Lewis Maddison
published

How's your memory these days?

Keeper Password Manager running on a phone
(Image credit: Keeper)

Keeper has introduced a new way to recover access to your vault should you forget your master password. The irony is, however, that your memory had better be pretty good, since you now need to remember a 24-word phrase to get them back.

The new method replaces the typical security question and answer recovery method, which user's could customize to be whatever they liked - handy if typical suggestions such as your first pet's name don't apply to you.

In explaining the encryption process, Keeper says that, "the recovery phrase generates a unique 256-bit AES key that decrypts a copy of the user's 256-bit AES data key. The data key then decrypts each individual record key, which in turn decrypts each vault record."

BIP39

The new recovery phrase relies on the BIP39 system, which is used to protect crypto wallets, and utilizes a string of random words to generate encryption keys. There are 2048 words in the list which have been "carefully selected to improve visibility and make the recovery process less error-prone."

read more

> Password manager Keeper gets a makeover with brand new UI

> 1Password vs Keeper: 2023 Features Comparison

> Here's the best data recovery software you can use

From this list, 24 random words are generated when you set your recovery phrase in Keeper. The company has said that users who already have security questions set up as their recovery method will be prompted to change it to the new 24-word phrase. 

As committing this phrase to memory is unlikely, Keeper says: "It is important for users to store this recovery phrase in a safe place such as a physical safe, and not on a computer, phone or other device."

In the event that users need to reset their master password, then they will have to use this new 24-word recovery phrase in addition to an email verification code. Those with 2FA enabled will also need to provide the codes generated on their secondary device, usually via an authenticator app.

As expected of the best password manager for mid-sized businesses, Keeper enterprise and business customers have a greater degree of control. Administrators on these plans can disable account recovery as an option for users in their organization in the role enforcement policy section of the Keeper Admin Console. Administrators can enable account recovery on SSO-enabled accounts.

Keeper cautions that as it employs a zero-knowledge policy, if a user forgets both their master password and recovery phrase, then they will be locked out of their account for good, as Keeper cannot recover them for you.

Lewis Maddison
Lewis Maddison
Staff Writer

Lewis Maddison is a Staff Writer at TechRadar Pro. His area of expertise is online security and protection, which includes tools and software such as password managers. 


His coverage also focuses on the usage habits of technology in both personal and professional settings - particularly its relation to social and cultural issues - and revels in uncovering stories that might not otherwise see the light of day.


He has a BA in Philosophy from the University of London, with a year spent studying abroad in the sunny climes of Malta.