Using Token2 FIDO2 Security Keys with Keeper Security

Keeper Security is a cybersecurity company that offers a widely used password management and digital vault solution. It is designed to help individuals and organizations securely store, manage, and protect their sensitive information. Within Keeper Security, the Web Vault and Admin Console serve different functions based on the user's role—whether you're an end user (personal or business) or an administrator managing a business or enterprise account.
Refer to our instructions below to learn how to use a Token2 FIDO2 security key as a two-factor authentication (2FA) method in Keeper Security.

Requirements:

• An access to the Keeper Web Vault/Keeper Admin Console.
• Admin access to enable security keys (not required if security keys are already enabled).
• Modern browser supporting security keys.
• A Token2 FIDO security key.

Enable 2FA Enforcement Policy

When using Keeper Security for individual accounts, two-factor authentication (2FA) with security key support is enabled by default. For business use, let's enable 2FA for corporate users by configuring the policy in the Admin Console:
1) Log in to the Admin Console.
2) Authenticate using your Master Password..
3) Go to Admin → Roles. Click on 'Enforcement Policies'.




4) In the left panel, select "Two-Factor Authentication.In the right panel, toggle "Require the use of Two-Factor Authentication", then toggle "Enable" next to "Security Keys." To enhance security, enable "Require PIN."

Enroll a Security Key in the Keeper Web Vault

1) Log in to the Web Vault.
2) Go to 'Account Settings'.




3) Select 'Security' from the left menu, then toggle on 'Two-Factor Authentication'.




4) Click 'Set Up' next to Security Keys.




5) The security key enrollment window will appear. Click 'Next' to continue.




6) Enter a name for the enrolled key, then click 'Register'.




7) Insert the security key and click 'OK' to continue.




8) If you have set up a PIN code on your security key, you will be prompted to enter it. Otherwise, you will be asked to create a new PIN.




9) Then you need to press the button on the security key to complete registration. Note: Security keys differ in the exact instructions to activate them. Your key may require a tap or button press to activate registration.




10) Click 'Done' to complete security key enrollment process.

Use a FIDO2 security key to log in

The security key is now ready to use with your Keeper Web Vault as a multi-factor authentication (MFA) method. After entering your email address, you will be prompted to authenticate using the security key.




Enter a PIN to continue, then provide your Master Password to authenticate successfully.
Note: The same key can be used for 2FA with Keeper applications on both Android and iOS platforms.