Introductory email content

Thanks for trying out Kee Vault!

As promised, this is the first of a handful of introductory emails. To start with, here are some general tips about using Kee Vault.

Two versions

You can use two different versions of Kee Vault:

• Version 2: Our newest version, with great features on Android devices including fingerprint unlock and auto-fill into your other websites and apps. Get it now from:
  • Google Play: https://play.google.com/store/apps/details?id=com.keevault.keevault
  • App Store: ‎Kee Vault on the App Store
• Version 1: The original version of Kee Vault available at https://keevault.pm . We sometimes refer to this as the “web app” since it is created with web technologies but it can also be “installed” to mobile devices and computers.

Both are entirely compatible with your trial subscription account so you can swap and change between them - it is even possible to use version 1 on your Android or iOS device if you prefer, although you’ll be missing out on all the recent improvements in version 2 if you do so!

Web browser extension

If you’re not already using the Kee browser extension for Firefox and Chrome on your Windows/Mac/Linux computer, check it out - it enables automatic form filling and saving new logins right from the website you want to log in to. The Kee Vault web app is designed to be easy to use even without the browser extension but nothing beats the time saving that you’ll get from having your credentials available as soon as you load the website.

Mozilla Firefox: Kee - Password Manager – Get this Extension for 🦊 Firefox (en-US)

Google Chrome: Kee - Password Manager - Chrome Web Store

Save/sync

When you click Save, your protected Vault gets saved to your local device first and then Kee Vault will save it to the Kee Vault secure cloud, ready for you to access it from any other device whenever you need it. Your Vault is always protected before leaving your device so even if someone maliciously accesses the Kee Vault servers, your private data is not at risk. We’ll explain a bit more about this protection in the 4th introduction email.

Importing data

If you have passwords stored in an old password manager, both versions of Kee Vault offer an import feature. The Kee Vault version 1 feature is more complete so it’s worth reading more about that if you don’t have a KeePass KDBX file for importing: Importing from other password managers to Kee Vault

Basic usage and documentation

We have carefully designed both versions of Kee Vault so that the fastest way for you to work out how to use it will be discoverable directly within the app itself so don’t be afraid to try ideas out yourself - you’re probably right! For some of the more complex aspects of the app or Kee Vault service, we maintain a set of documents on our community forum.

Documentation: Topics tagged documentation

Feedback and other support: https://forum.kee.pm/

In the next email, we’ll talk a bit more about some of the basic features, including some of the reasons why you might want to use a particular feature.

We hope some of that information was helpful. Over the next few weeks we’ll send you emails covering the following topics:

• Accessing your passwords
• Saving new passwords
• Organising your passwords
• Security
• Customisation
• Availability
• Compatibility

Read this second introductory email to learn more about accessing and saving your passwords using Kee Vault.

Saving an existing password

The easiest way to save a password while you sign in to a website or app depends on which type of device you are using.

Android (Kee Vault 2): The Android AutoFill service will prompt you to save your credentials after you have signed in to a website or app. Make sure you have enabled this Android feature first.

iOS (Kee Vault 2): Click on the “Passwords” button on your keyboard to start the Kee Vault password filling feature. You can then click the “Add” button to type your username and password into a new Kee Vault entry. When you save the new entry it will be autofilled into the app/website so you only have to type the information once.

Windows/Mac/Linux (Kee Vault 1): Use the Kee browser extension to easily save your credentials after you have submitted a web site’s sign-in form.

Web browsers, websites, Android, iOS and other apps can all behave in ways that prevent Kee Vault from working with them in some circumstances. For those cases (or just whenever you prefer) there are other ways you can store your credentials, including clicking on the “+” button in Kee Vault and entering the information directly.

Accessing your passwords

As with saving, the easiest way to get access to the passwords you save within Kee Vault is to use either the desktop browser extension or use the AutoFill feature of your Android or iOS phone.

Although the exact steps vary, in each case Kee Vault will present you with a list of entries that “match” what you are trying to sign in to.

Most people won’t need to concern themselves with all of the details but you can tweak the process that identifies a “match” in a variety of ways. A good place to start for Kee Vault 2 is the “Integration settings” section in each entry. For Kee Vault 1, the “Show settings” link in the “Browser extension” entry field is broadly equivalent. There is a lot more detail in the documentation and elsewhere on the community forum: Topics tagged documentation

Copy to clipboard

If the browser extension isn’t available for your preferred web browser or the app/website you’re accessing doesn’t support the Android/iOS AutoFill feature, the easiest way is to copy the password into your device clipboard and then paste it into wherever it is required.

For Kee Vault 1:

To copy the password (or any other entry field) you can click on the field name, in this case the word “Password”. The desktop keyboard shortcut “Ctrl + C” will also copy the password value to the clipboard if you prefer using a keyboard rather than a mouse.

For Kee Vault 2:

The Copy feature is an option in the “field menu” - the three dots next to each field in the entry.

Generate a password

Using the browser extension or the Kee Vault app, you can generate new random passwords that are highly secure. Let Kee Vault create and safely store a secure password so you can avoid the risk of using similar passwords everywhere and avoid waiting for password reset emails when you forget.

If you’re changing an existing password, click on the password field and then the “lightning flash” generate icon.

If you’re creating a new entry, you might want to use the generate icon at the bottom of the screen in Kee Vault 1 or the “Generate single password” option in the main menu at the bottom of the screen in Kee Vault 2.

See you next time!

Hi again,

This introductory email is all about organising your passwords.

Once you have more than a handful of entries in your vault, the features that allow you to organise and find them quickly become increasingly important.

We’ve taken our decades of experience and combined it with innovative enhancements to offer arguably the easiest possible small-screen interface to help you rapidly find the information you are looking for within your Vault. We think that this is intuitive enough for you to discover how to use it but before many of the searching, filtering and ordering features are of use, you’ll want to organise the entries in some way that works well for you.

The specific instructions below are for Android/iOS (Kee Vault 2) but you will find that similar operations are possible in Kee Vault version 1.

Organising an entry

• A simple and highly visual organisation option is to assign one of 6 predefined colours to an entry.
• Labels allow you to assign any words you choose to an entry. Entries can have more than one label so they are a very effective way to organise your entries without having to make a difficult choice. For example, your health insurance entry could be labelled with both “health” and “money” while your gym locker lock code could be “health” and “lockers”.
• Groups can contain both entries and additional “sub groups”. If you’re familiar with computer file systems and other similar hierarchical organisational tools this will be natural to you; if not, it shouldn’t be too hard to understand but you may prefer to start with the simpler Label or Colour options above.

All of the above can be done from the usual entry view so just click on the entry you want to organise and scroll down to find all of the organisational possibilities. However, if you need to create a new group to move an entry into, you’ll need to do that first by following the steps explained below.

Creating a group

1. Open the group filter view by tapping on the filter bar or filter icon in the top left of the app
2. Long-press on the group you want to contain (be the parent of) your new group and select “New group”. If you have no groups yet, you’ll be long-pressing on the top-level “My Kee vault” group.

Organising and deleting a group

1. Open the group filter view by tapping on the filter bar or filter icon in the top left of the app
2. Scroll the view until you can see the group you want to rename, move or remove
3. Long-press on the group and select “Rename”, “Move” or “Delete”

Deleting an entry

When you delete an entry it will be added to a “recycle bin” and hidden from your day-to-day searches. If you need to recover it, or look for entries stored in that bin, you can select that special bin group in the usual group filtering interface.

If you delete an entry (or the group that contains it) from the recycle bin, it will be permanently removed (unrecoverable).

Additional tips

Finally for this email, these tips might help:

• You can see which entry a group belongs to by scrolling to the bottom of the entry. If the name isn’t enough on its own, long-press on the name to see a tooltip that displays the entire group hierarchy for the entry.
• Also at the bottom of the entry you can see the created and updated dates which can be used to sort your entries into an order that suits you. Again, if the summary information is insufficient, you can long-press to see the exact time.
• You can move an entry to a different group using the button next to its group name.

Everything about Kee Vault is focussed on ensuring that you have simple access to the highest security. In this introductory email we’ll outline some of the tips and benefits that most impact the security of your Kee Vault.

Open source

We naturally strive to be trustworthy and believe that our experience, processes and quality software achieve this but our open source approach means that you don’t actually have to trust us in order to be confident in the security of your passwords!

All Kee Vault security software is open source because this is the only safe way to develop security software. You, or technically capable friends and family, can review the code that will interact with your secret passwords to verify that it really does what we claim it does; there’s no need to implicitly trust any companies or individuals, in contrast to most other commercial password managers and web browsers like Google Chrome.

You can read a bit more about this and access the source code via Open Source | Kee Vault Ltd

Argon2 security

Should your encrypted Vault become available to a malicious entity, it is important that they are not able to simply try all possible master passwords. With no further protection, any encrypted password store can be attacked at a rate of over a billion guesses per second. Even with a strong master password, at this rate it is feasible that an attacker may get lucky, especially if they focus on variations and combinations of commonly used passwords.

A process called key stretching provides protection against this risk. This forces anyone that wants to open the database to spend extra effort on each guess. For you, a small delay while opening your Vault using the correct password is a minor inconvenience (at most) but for an attacker it significantly reduces the number of guesses that can be made before the contents within becomes so old that it is worthless to the attacker.

Until recently, a technique called PBKDF2 has been the recommended way to perform this key stretching. It is susceptible to attacks that use specialised computers or the general purpose graphics processors available in many affordable consumer computers and cloud servers. To protect against attacks using this easily-purchased equipment, Kee Vault uses a newer technique called Argon2.

This technique is slower than PBKDF2 so the security delays when opening and saving your Vault are more likely to be perceivable, at least for the next year or two. We think this is a sensible trade-off in exchange for offering higher security than other password managers.

Malware

Having access to your passwords from anywhere is very convenient but just like with signing on to any other internet service, you should beware of the risk of malicious software running on the device that you sign in with.

Kee Vault, like other password managers has a limited amount of protection against malicious software running on your device but, in common with all password managers, it is impossible to protect against most threats. Given the attractive nature of any stash of passwords, it is reasonable to assume that someone who wants to target your stored passwords will easily work around the limited protections that can be put into place within any password manager.

To minimise your risk, keep your device up to date with the latest security updates. When accessing the web app version of Kee Vault at https://keevault.pm, try to avoid using untrusted (e.g. public) devices and keep your web browser up to date.

AES-256 security

Kee Vault protects your passwords using Advanced Encryption Standard (AES / Rijndael). AES is a US federal government standard and is approved by the National Security Agency (NSA) for top secret information. We use a 256 bit key size. AES-256 is recommended for protecting secrets for around 50-100 years - essentially right up until the limit of anyone’s best predictions of future technology development. Of course, these predictions will be updated as these distant times get closer so we’ll be keeping up to date with new technology and research so that we can make changes in future to ensure your ongoing protection.

There are many details to ensuring the secure use of AES so the more technical among you might be interested in some of those details: We use CBC block cipher mode so plaintext patterns are concealed; an initialization vector (IV) is generated randomly each time the vault is saved so that multiple databases encrypted with the same master key cause no problems; The authenticity and integrity of the data is ensured using a HMAC-SHA-256 hash of the ciphertext (Encrypt-then-MAC scheme).

Main password strength

The strength of your main (master) Kee Vault password is critical to the security of the passwords you store in your Vault so if you quickly picked an imperfect password while registering for the service, or if you ever have reason to be concerned that someone else knows your password, you should change it by following these instructions:

1. Save any changes on all of your devices, ensuring that we are able to upload the saved changes (make sure your device is connected to the internet)
2. Sign in to Kee Vault version 1 at https://keevault.pm in a trusted web browser, if you haven’t already done so
3. Click the account (user/person) icon at the bottom of the screen
4. Type a new password into the two boxes
5. Try to win as many “stars” as possible - length is more important than complexity (especially since you can never recover the information stored in your vault if you forget the password!)
6. Click the “Change password” button
7. (optional) Sign out and sign in again to convince yourself that it worked

You may still need your old password on other devices for a short while so don’t be too quick to forget it.

Dislike light coloured backgrounds? Do you have the eyesight of a hawk or need a bit more help in that area? Is English not your native language?

Both versions of Kee Vault can be customised in different ways.

Version 1 (web app at https://keevault.pm):

Look at the “General Settings” screen (the cog wheel icon at the bottom of the page). There you can switch to our dark theme, increase or decrease the text size or switch a part of the application into another language.

Unfortunately we’re a long way from being able to offer the complete Kee Vault experience in multiple languages but in version 1 (the Web App) some of the basic features are already available in French and German. The web browser extension is also already available in many languages thanks to the much appreciated Open Source contributions of a team of translators. The browser extension language is automatically set based upon the language of your web browser but you can choose in which language to display the Kee Vault web application.

You can configure a lot of other options here too. Some apply to the Kee Vault application on a single device and others apply on all devices. Some settings that relate to the way the browser extension works are set from within the browser extension settings because they apply to any Vault (or KeePass database) that the extension can access.

Version 2 (Android/iOS app):

The “Settings” item in the app’s main menu (bottom of the screen) lets you set your colour theme preference (otherwise we will just use the same setting as you have for your entire device). You can also set whether we Autofill your passwords into other apps and configure your biometric (fingerprint/face) sign-in preferences, along with several other options.

If you need to make the text in the app larger or smaller, please change the font size settings for your Android device. We use standardised font sizes so you should find that our app is usable no matter what your device preference is set to. However, if we haven’t got something quite right, or if you have accessibility needs which can’t be met by the app in its current state, please let us know on the community forum and we’ll try our best to accommodate your needs in a future app release.

In this penultimate Kee Vault introductory email we’ll cover some information and tips about ensuring you have access to your passwords whenever you need them.

Works offline

When disconnected or somewhere with an unreliable network, most online password managers stop working. With Kee Vault you can still access your passwords and other credentials (such as that long cryptic WiFi code to get reconnected!).

It might seem unbelievable but you really can load your internet browser and access https://keevault.pm even with your device in Aeroplane Mode - try it now! We haven’t been able to change the rules of Physics though, so you will need to be online for just the first time you load your Kee Vault on each of your devices.

Perhaps more believably, but still technically very clever (we think!), you can also get to your passwords while offline using the Kee Vault Android/iOS app.

Accessing Kee Vault from multiple devices improves availability when a device fails, even if this coincides with an internet failure so you have multiple ways to get to all your important passwords.

Offline modifications

Even rarer than “normal” offline access, both versions of Kee Vault even allow you to make changes when offline!

Our advanced synchronisation support means that changes are automatically sent to your other devices once the device with changes comes back online. There is a rare case where multiple changes to the exact same entry from multiple offline devices can result in only some of the changes persisting. A pretty unusual situation for sure, but to be on the safe side we recommend following the simple rule to only make offline changes on one device at a time.

Stop emailing yourself passwords

Using email, post-it notes, text messages or unencrypted files to transfer passwords between devices is insecure. Because Kee Vault is available on all your modern computers, phones and other devices, you can keep your passwords safe and secure.

KeePass compatibility

Kee Vault uses the most widely available Open Source password management storage format. It is highly secure and supported by dozens of other applications so if you ever need to end your subscription to Kee Vault, your data will be available in a secure format. Unlike most password managers, you’ll lose no information and don’t have to create insecure export files.

Kee Vault is always there for you on any modern device or web browser. If you need to use old systems from time to time, your vault is fully compatible with the 30+ KeePass Password Safe native applications, offering a greater range of platform support than any other web-accessible password manager. Simply save to a file (or use the “Export” feature in the Android/iOS app) and transfer it to the unsupported device. Note that changes you make to this exported file will not be applied to your Kee Vault so we recommend treating such exported copies as “read only” to avoid surprises.

Hi,

This is the final introductory email about Kee Vault. We hope you’ve learnt something interesting over the last few weeks, are enjoying using Kee Vault and will give serious consideration to continuing your subscription after your free trial ends soon.

Do your friends owe you a drink?

When an account is hacked, even on a seemingly “unimportant” website, criminals using your stolen data can often trick you and other people that know you into making mistakes that can compromise more important websites. This can lead to private information being made public or very serious financial losses and significant inconvenience.

By subscribing to Kee Vault and using it to protect your online accounts, you’re protecting your friends and family from this risk. So perhaps next time you see them, they should be buying you a drink or some cake to say thank you… it’s worth a try!

Individual password security

If you’re new to password managers you probably already have a lot of insecure and duplicated passwords in use at a lot of places. It’s daunting to upgrade them all to secure unique passwords managed by Kee Vault so why not schedule a short amount of time each week to start gradually improving their security? Start with your critical accounts like email and finances and work your way down to those niche discussion forums!

Once all your passwords are secure and unique, you’ll be safer than most people and can relax! However, to protect against undiscovered security breaches on each website or app, you might still want to consider changing the individual passwords every 5-25 years, depending on how critical the service is to your life.

The Kee Vault entry history feature will let you see how long ago you changed the password and we’ll be developing a variety of features to ease the process of changing passwords in the coming years so there should be more news on this topic before those 5 years are up.

Feedback

If you have any feedback, thoughts or ideas about Kee Vault or these introductory emails in particular, please sign up to our community discussion forum ( https://forum.kee.pm ) to join in with or start a discussion. We’re looking forward to hearing what we can improve and what we should keep doing. If you ever need to get in touch about something specific to your account just sign in to Kee Vault and send us a secure message. To keep your account secure, we can’t respond via email, phone or snail mail.

Thanks for reading!