Living in the midst of the glorious Information Age, it seems that we can not go more than a few weeks without hearing about someone getting hacked or having their personal information compromised. And it isn’t just your neighbor or computer-illiterate relatives anymore, we’re talking big guys like Target, USPS, Dropbox, Yahoo, and even the US State Department. Over 1000 companies were hacked in 2014 alone, and that doesn’t even touch the number of individuals that had their personal information compromised. Between May 2013 and May 2014 the Ponemon Institute estimated that over 432 million people were hacked, which roughly translates to about 47% of adults in the US (and to put it into an even bigger perspective, the US makes up about 4.5% of the world’s population).
As we transition from the paper age to the digital age, more and more of our personal lives are being accessed online. From retail shopping to accessing medical records to e-filing taxes, the landscape in virtually every industry is shifting toward being merely a few clicks away rather than relying on a pesky phone call or an inconvenient trip to be physically present somewhere. Furthering our convenience is the plethora of gadgets that have been introduced allowing us to make those clicks from just about anywhere. Whether you are on the couch, or in the car, or at a sportsball game, information is available to you anywhere, anytime.
But, for all that convenience, there are a few drawbacks. All of those
websites want usernames and passwords that all have different rules on what is acceptable and what is not. Capital letters, lower case letters, numbers, symbols, no longer than twelve characters, no fewer than six, and it can’t be the last fourteen passwords you have used. Never mind that for the sake of security you aren’t supposed to have the same password for anything, lest one be compromised and then the whole of your life is now in the hands of a stranger. Then it’s a little more serious than worrying that they’ll just post a dumb status on your favorite social media network. When your name and a frightfully small amount of personal information get into the wrong hands, you could suddenly become one of the more than 6.5 million people that had their Social Security numbers stolen in 2014.
It’s not all doom and gloom though. For as much as people are trying to get at your information, there are plenty of other people that are trying to keep those people out of your business. People like Darren Guccione and Craig Lurey, the co-founders of Keeper Security, a password manager and digital vault. In an exclusive interview with Techaeris, Guccione, the CEO, explained that the two were early adopters of the iPhone and just so happened to be on a plane together traveling back and forth from China in 2008. They realized that there was no password management solution on smartphones yet, as they were still relatively new devices. Most people in the password security industry were solely focused on the desktop and browser, so when they checked Apple’s appstore, they found nothing but an opportunity.
A plan was hatched and shortly thereafter a free, simplified version of the app was released initially for the iPhone, then rolled out to other mobile platforms. The app quickly gained popularity and it became a more robust application, going platform and device-wide, eventually building a whole company around providing a secure way for users to store and access their personal information.
While today’s app is far more robust than its predecessor, it’s still terribly easy to use, and it’s not just because the man who helped create the software personally walked me through it. The first step is to install the app on your phone, on your tablet, and/or you get the browser extension for your desktop. Every device is covered, every browser is compatible – even if you don’t use the extension you can still log into the website directly. If your device is compatible, you can use your fingerprint to log in like the super spy you are or you can come up with some awesomely secure master password. If you want to be even more super secure, you can set up a two-factor authentication so every time you try to log in a text message will be sent to your phone and that code will need to be entered in to access the vault.
Once you’re logged in, this is what you see, a simple and elegant interface that is fairly self-explanatory. The +New button starts a new record, Edit and Delete are exactly what you’d expect. Share is a neat feature that allows users to share specific entries to specific people, say if someone shared a bank account with their spouse or maybe a group managed a website together, each designated person would be allowed to see the fields. If you are editing or creating a new entry, you can either select an existing folder for the entry or you can name a new one that will automagically appear in your list in the vault. The fields are customizable with added features to attach files, photos, and even a notes section.
The mobile app is just as sleek and easy to use as the desktop browser and
again, works across all devices – iPhone, iPad, Windows, and Android. No matter where you use Keeper, everything syncs to your account that is backed up in the cloud vault. Additionally, everything is encrypted with 256-bit AES, PBKDF2, SOC-2 certified encryption at the user level. Basically, you’re in super spy levels of security as these methods are used by the US government for Top Secret level information. This also means that everything Keeper backs up in the cloud is fully encrypted with no cipher – they can’t see your stuff and if someone were to get ahold of their hard drives storing the information or otherwise break into their system, a brute force attack would take 50 supercomputers over 3 sexdecillion (10 to the 51st power) years to crack. Not that it would even get that far, because Keeper will allow only four attempts at sign-in before “self-destructing” and wiping all the data from your vault. It of course can be restored, after contacting Keeper and going through proper authentication (answering your security code and other key identifying information) since everything is backed up in their secure cloud vault in real time. Keeper will also allow you to do a snap-shot backup, so rather than overriding old information every backup, say if you deleted an entry you thought you wouldn’t need anymore but suddenly need it, it’s not lost forever as long as you had manually backed up your vault when you still had that entry.
Obviously, no matter how many measures can be added to enhance security through the software, the information is only as secure as the master password and log-in method. Guccione himself uses the two-factor authentication system and doesn’t have Password1234 as his master password. Using the fast-fill feature also helps eliminate the key-logging vulnerabilities. You’ll see the Keeper symbol at the end of log-in fields and simply need to click it, select the auto-fill information from the dropdown menu, and then you’re in. You can also create new entries this way that will go into an un-named folder to be sorted once you get back into your vault. It’s that simple.
When Darren and Craig set out, almost 5 years ago, they had no idea that they would build one of the fastest growing security apps in the market or that they would accumulate over 7 million registered users over the course of that time. Despite free-ware competitors like LastPass and KeePass, Keeper has flourished, adding 7k-20k users per day with a reasonably competitive pricing structure based on individual vs. group use and device support. Those user numbers are undoubtedly helped by the fact that Keeper is currently being pre-loaded onto all AT&T devices. It’s not just individuals that are flocking to Keeper either, putting it #136 in the Apple appstore for top grossing app, major companies like AT&T, Chase, Nike, and Tesla are also utilizing its features to enhance their internal security, manage documents company-wide, and fully control what their employees do and don’t have access to.
What’s even more impressive than these numbers and the features of Keeper is that it’s obviously a labor of love, especially for Guccione. Evidenced not only in the ease of use in and out of the demonstration, the continued additions to functionality and convenience in the software itself, but also in the unique themes users can choose from to customize the look and feel of their vault. It’s one thing to create a solid piece of software that does what it says it is supposed to do, but it’s another thing entirely to create great software that is not only functional but that is enjoyable to use. According to Guccione, that’s the key to his success so far.
It’s something we love doing and we’re extremely passionate about. Just the whole mobile first experience and making it really convenient and secure for consumers and that’s really the big thing for me. It’s that sort of disrupting of the security space, which is been somewhat like vanilla box and very rigid and very white shoe, and when I looked at the space I just thought, my god it would be nice to bring some elegance and creativity as well as security to the industry. And take a fresh look at things, and that’s what we try to do everyday here.