Keeper Security Announces "Confirmation Mode" to Block Malicious Sites During Credential Entry
Keeper Security has added a new phishing countermeasure feature called "Confirmation Mode" to its browser extension v17.8, which blocks malicious sites during credential entry by verifying the destination website in real-time to prevent password input to suspicious or unregistered sites.
📋 Article Processing Timeline
- 📰 Published: April 28, 2026 at 18:00
- 🔍 Collected: April 28, 2026 at 10:01
- 🤖 AI Analyzed: April 28, 2026 at 16:07 (6h 5m after Collected)
Keeper Security APAC Inc. (Asia Pacific Headquarters: Tokyo, CEO and Co-Founder: Darren Guccione, hereinafter "Keeper"), a cybersecurity provider known for its zero-trust and zero-knowledge identity security and privileged access management (PAM), announced the addition of a new phishing countermeasure feature, "Confirmation Mode," in version 17.8 of its browser extension. Confirmation Mode allows users to verify the destination website on the spot immediately before entering credentials, preventing password entry to suspicious or unregistered sites.
Phishing attacks are becoming increasingly sophisticated, and the damage continues to grow year after year. Credential theft is one of the primary methods used to infiltrate corporate systems. According to Verizon's research, human error is involved in 60% of breaches, many of which are due to credential abuse or phishing. For companies operating in cloud, hybrid, and remote environments, measures against these threats are more crucial than ever. By using Confirmation Mode, a check is performed even when entering credentials, enabling countermeasures that do not rely solely on user judgment.
Darren Guccione, Co-founder and CEO of Keeper Security, stated:
"Phishing attacks target the moment users enter credentials. Even with sufficient caution, it's possible not to notice highly convincing fake sites. With Confirmation Mode, users can verify the destination on the spot and enter passwords only into trusted domains. It's important not only to store credentials but also to protect them when they are used."
Mechanism to prevent unauthorized use of credentials during input
In Confirmation Mode, when a password is pasted in a browser, the system verifies if the destination site matches the information stored in the Keeper Vault. If there is no match, a warning is displayed before submission, and users can choose to proceed or cancel after reviewing the content.
Furthermore, protection levels can be set according to organizational policies and risk tolerance:
- Medium: Warns when credentials are pasted to a site different from the saved site.
- High: Warns when a password is pasted to a site not registered in the Vault.
- Maximum: Requires confirmation before pasting on all sites (including trusted sites).
This allows organizations to select the appropriate level of protection while minimizing impact on operations.
Applying Zero Trust to credential usage
Introducing Confirmation Mode extends the concept of zero trust not only to credential storage but also to their actual use. Since verification is performed with each operation, organizations can accurately understand where credentials are being used.
Key benefits include:
- Reduced risk of credential-targeting attacks: Prevents phishing at the input stage.
- Enhanced security posture: Practices zero trust through continuous verification.
- Strengthened compliance: Makes it easier to demonstrate proper management.
- Reduced human error: Suppresses operational mistakes that lead to breaches.
The addition of Confirmation Mode strengthens Keeper's cloud-based platform, which integrates password management, secret manager, endpoint privileged access manager, AI-driven threat detection, and privileged access control.
As attacks targeting SaaS, cloud, and remote environments increase, companies need countermeasures that function at the point of use. Confirmation Mode protects credentials at the moment of use without hindering user operations.
Other enhancements to the browser extension
Version 17.8 also includes prompts to disable browser-native password management features and support for custom fields. When using the KeeperFill browser extension for the first time or logging in, users are prompted to set Keeper as the default password management tool. While optional, this setting prevents interference with browser-native features and enables more stable auto-filling.
Furthermore, custom fields can now be added directly to records from the browser extension, eliminating the need to switch to the web vault. Custom fields can be added without limit and reordered by drag-and-drop. Information such as security questions, PINs, and login notes can be stored, and by default, the content is not displayed.
Confirmation Mode is available for the Keeper Enterprise browser extension. Administrators can enable it and set protection levels from the Keeper Admin Console. For details and demo requests, please refer to KeeperSecurity.com.
Phishing attacks are becoming increasingly sophisticated, and the damage continues to grow year after year. Credential theft is one of the primary methods used to infiltrate corporate systems. According to Verizon's research, human error is involved in 60% of breaches, many of which are due to credential abuse or phishing. For companies operating in cloud, hybrid, and remote environments, measures against these threats are more crucial than ever. By using Confirmation Mode, a check is performed even when entering credentials, enabling countermeasures that do not rely solely on user judgment.
Darren Guccione, Co-founder and CEO of Keeper Security, stated:
"Phishing attacks target the moment users enter credentials. Even with sufficient caution, it's possible not to notice highly convincing fake sites. With Confirmation Mode, users can verify the destination on the spot and enter passwords only into trusted domains. It's important not only to store credentials but also to protect them when they are used."
Mechanism to prevent unauthorized use of credentials during input
In Confirmation Mode, when a password is pasted in a browser, the system verifies if the destination site matches the information stored in the Keeper Vault. If there is no match, a warning is displayed before submission, and users can choose to proceed or cancel after reviewing the content.
Furthermore, protection levels can be set according to organizational policies and risk tolerance:
- Medium: Warns when credentials are pasted to a site different from the saved site.
- High: Warns when a password is pasted to a site not registered in the Vault.
- Maximum: Requires confirmation before pasting on all sites (including trusted sites).
This allows organizations to select the appropriate level of protection while minimizing impact on operations.
Applying Zero Trust to credential usage
Introducing Confirmation Mode extends the concept of zero trust not only to credential storage but also to their actual use. Since verification is performed with each operation, organizations can accurately understand where credentials are being used.
Key benefits include:
- Reduced risk of credential-targeting attacks: Prevents phishing at the input stage.
- Enhanced security posture: Practices zero trust through continuous verification.
- Strengthened compliance: Makes it easier to demonstrate proper management.
- Reduced human error: Suppresses operational mistakes that lead to breaches.
The addition of Confirmation Mode strengthens Keeper's cloud-based platform, which integrates password management, secret manager, endpoint privileged access manager, AI-driven threat detection, and privileged access control.
As attacks targeting SaaS, cloud, and remote environments increase, companies need countermeasures that function at the point of use. Confirmation Mode protects credentials at the moment of use without hindering user operations.
Other enhancements to the browser extension
Version 17.8 also includes prompts to disable browser-native password management features and support for custom fields. When using the KeeperFill browser extension for the first time or logging in, users are prompted to set Keeper as the default password management tool. While optional, this setting prevents interference with browser-native features and enables more stable auto-filling.
Furthermore, custom fields can now be added directly to records from the browser extension, eliminating the need to switch to the web vault. Custom fields can be added without limit and reordered by drag-and-drop. Information such as security questions, PINs, and login notes can be stored, and by default, the content is not displayed.
Confirmation Mode is available for the Keeper Enterprise browser extension. Administrators can enable it and set protection levels from the Keeper Admin Console. For details and demo requests, please refer to KeeperSecurity.com.