Before you start

• Only share passwords with external parties using Keeper's One-Time Share feature — never by email, Teams, or text message
• One-Time Share creates a secure, time-limited link — the recipient does not need a Keeper account
• The link is locked to the first device that opens it, so it cannot be forwarded on and used by anyone else
• Only share externally when there is a genuine business need — if in doubt, check with IT first
• You can only create a One-Time Share for records that you own or have "Can Share" permission on

Creating a One-Time Share

• Log in to your Keeper Vault using the desktop app or web vault
• Find the record (password) you want to share
• Open the record and click the Share icon (or right-click the record > Share)
• Select One-Time Share
• Choose an expiry time for the link (e.g. 1 hour, 12 hours, 1 day, 7 days) — choose the shortest time practical
• Click Generate / Create
• Copy the link, or scan/share the QR code if the recipient is present
• Send the link to the recipient — ideally by a different channel than you'd normally use with them, and confirm with them directly that they're expecting it

What the recipient sees

• The recipient opens the link in their web browser — no Keeper account or app needed
• They can view the record (username, password, and any attached details) until the link expires
• The record is view only — they cannot edit it or see anything else in your vault
• Once opened, the link only works on that first device

Revoking access

• You can cancel a One-Time Share at any time before it expires
• Open the record > Share > One-Time Share > find the active share and select Remove / Delete
• The link stops working immediately
• Once the share has served its purpose, revoke it rather than waiting for it to expire

Good practice

• Set the shortest expiry that will do the job — an hour is often enough
• One record per share — don't bundle unrelated credentials
• If the credential is sensitive, change the password after the external party has finished with it
• Never share your own work credentials (e.g. your Microsoft 365 login) with anyone, internal or external
• Keep a note of what was shared, with whom, and why — useful if anything needs to be investigated later
• If an external party needs ongoing access to a system, don't repeatedly share a password — speak to IT about setting up a proper guest or external account instead