Passwords are a terrible way to authenticate your identity, but we’re stuck with them for now.
It’s important to use a strong and unique password for every website you visit, and the only way to accomplish that feat is with the aid of a password manager.
The best password managers take the pain out of passwords, smoothly logging you in as needed and also helping you replace your weak and duplicate passwords.
AuthEntry Gatekeeper Pro is not among this group, however; I found it exceedingly awkward to use.
At $19.99 per year, at least Gatekeeper isn’t expensive.
Editors’ Choice Dashlane 4 lists for twice that price. However, LastPass 4.0 Premium, also an Editors’ Choice, costs just $12 per year.
Complicated Install
Many modern products have streamlined the install process. You click one button to accept the license agreement and start the installation, then just sit back and let it work. Not Gatekeeper.
The installer goes through eight steps.
At one step, it displayed the message, “Process execution failed. Continue anyway?” I chose to continue, and it finished the installation.
Having the app installed is just half the battle, though. You also need to create an online account.
In the process, you must create a master password, a PIN, and a master PIN.
This last is basically a second master password, as it can use any characters, not just digits. Oddly, you can enter a hint for the PIN, but not for the master password or master PIN.
Don’t forget any of these!
The Gatekeeper website offers a collection of videos and documents to help you get started. However, many of them aren’t actually available. My company contact confirmed that these are “a work in progress.” I had a ton of questions during this review; I really would have liked to have that documentation.
I suspect users would, too.
Two-Factor Authentication
You’re going to need two-factor authentication because some program features and settings just aren’t available without it.
Grab a mobile device, go to the appropriate app store, and search for Gatekeeper 2FA.
Once the app is installed, tap Register Device and log in with your Gatekeeper credentials.
That’s it; you’re ready to go.
Any time you click the big image at the top of the app, it generates a six-digit passcode and starts counting down that passcode’s 30-second lifespan.
Note that this isn’t a general-purpose authentication tool.
It won’t replace Google Authenticator the way Twilio Authy and Duo Mobile can.
It’s strictly for use with Gatekeeper.
The 2FA application also includes a mobile version of Gatekeeper’s password generator, which I discuss below.
If you’re using a mobile edition of Gatekeeper on the same device as the 2FA app, you tap the Generate Passcode button and enter your PIN.
No Browser Integration
Most password managers install an add-on for popular browsers.
This lets them perform helpful tasks like capturing credentials when you log in manually, and automatically filling saved credentials for you.
Gatekeeper takes a different approach.
My company contact explained that, even now, the Edge browser in Windows 10 doesn’t allow any add-ons, and that Chrome and Firefox may follow suit.
That being the case, the designers decided to have Gatekeeper use its own Chromium-based browser.
That’s not wholly unreasonable. Quite a few password managers require a proprietary browser when installed on iOS or Android.
But it’s not at all common in Windows-based products, and modern mobile password managers no longer require use of a proprietary browser.
I don’t know how happy users will be to give up their browser of choice.
Worse, the Gatekeeper browser really isn’t usable as a browser. You can’t navigate to the site of your choice, because it has no Address Bar.
The only thing you can do is visit the sites for which you’ve saved account information.
At least the iOS and Android proprietary browsers I mentioned are full replacements for the standard browser.
Manual Labor
Since Gatekeeper controls its own browser, I expected that it would capture and replay credentials, like most competing products.
I was wrong; adding an account to the system is a wholly manual process, just like with F-Secure Key.
Account creation in Keeper Password Manager & Digital Vault 8 falls somewhere in between. You navigate to the login page and enter your username and password in Keeper’s popup box, and it then saves the credentials and logs you in.
To add a secure site to Gatekeeper’s list, you start by clicking Add Account. You then fill in a name for the account, your username and password, and the login URL. Note that this must be the actual URL of the login page. Your best bet is to start the login process in a different browser and copy/paste the URL into Gatekeeper. Password expiry is optional; you can set passwords to expire in any number of days from one to 365.
You can set your more sensitive sites to always require two-factor authentication.
And you can set any account to use a site-specific PIN rather than the default PIN. (Great—one more thing to remember!)
Your saved accounts appear as large buttons filling the width of the Gatekeeper window.
It looked strange to me at first, on Windows, but on a mobile device the interface is perfectly natural.
This is a simple alphabetical list, with no option to tag or categorize your entries, so it could get unwieldy if you saved dozens of accounts.
Fortunately there’s a search function.
As you type in the Filter box at top, the list narrows to only show entries containing what you’ve typed.
When you click one of those big buttons, you first see a screen that shows the login, expiration date, URL, and any notes you’ve made. You can also click a box to get the password, or the previous password for this site.
It’s a tad awkward.
First, you enter your PIN to get the password into the box.
Then you click a button labeled Hide to show the password.
At this point you could copy/paste it into your preferred browser.
Most of the time, you click the item in Gatekeeper’s list and immediately click the URL to visit the site.
At this point, by default, Gatekeeper pops up a window demanding your PIN and master password. Once you enter those, it auto-fills your credentials and logs in to the site.
The box that collects your master password has a checkbox titled Verify. My company contact explained that if this is checked, Gatekeeper displays the password without entering it.
Some users, apparently, store a reminder rather than the actual password, so the password itself is never in the system.
In my testing, I could not get this feature to work. When I clicked the link to show the password, the window simply closed. My contact confirmed this as a bug.
Security Choices
Many users will quickly tire of entering the PIN and master password every time they visit a website. Never fear; you can relax that restriction.
In the main window, click the Actions box at top right, choose Admin, and click the big button labeled Access Control.
At this point you must enter the passcode from the 2FA app on your mobile device.
After entering the passcode, you must click Access Control again.
Here you can configure just what Gatekeeper requires of you to log in.
By default, it needs both your master password and either a PIN or passcode. You can set it to require just the master password, or just the passcode supplied by the 2FA app.
Going the other way, you can tell it to always use two-factor authentication.
Speaking of security, I should note that if you leave Gatekeeper idle it will log you out after a short interval that you can’t change.
Its appearance doesn’t change, but if you try to do anything it pops up a warning and returns to the home screen.
At this point, your list of logins is totally visible by default, but clicking them just opens the website, with no access to your credentials.
I’m not so sure I like that.
I wouldn’t want a snoop to see even the names of my secure sites.
Fortunately this feature, called Link Preview, can be turned off.
Password Generator
With LastPass, Dashlane, Sticky Password Premium, and many others, you can launch the password generator tool at any time.
Gatekeeper works differently.
At the time you create an account, you must choose the Generated Password workflow rather than the default LogOn workflow. You’ll still enter the account name, username, and URL, and optionally add notes or define how long before the password expires.
That much remains the same.
Instead of entering a password, though, you click Generate Password.
But first, you must select a password format. Most password generators use checkboxes to let you select character sets: capital letters, small letters, digits, and symbols.
Gatekeeper instead spells out each possible combination of Alpha (regardless of case), Numeric, and Symbols. You also need to choose a password length—the default length is one character! That’s the lowest default I’ve seen. Please choose at least 16 characters.
There’s another password generation option that I haven’t seen anywhere else, though KeePass 2.28 offers something slightly similar. You choose Formatted and then specify a format string using special control characters.
Every @, #, and % in the string gets replaced by an alpha, numeric, or symbol character, respectively, and * stands for any character at all.
What’s truly unusual is the way it handles the caret (^) control character. Put a sequence of carets in your format string and the password generator will replace them with a word of that length.
For example, I entered the format string %^^^^^^#^^^^^^% and got #Firmer3Utters’.
I just don’t see the point of this arcane system.
The whole reason to use real words in your passwords is to make them memorable (it also makes them easier to break using a dictionary attack).
And the point of using a password manager is that it frees you from having to memorize passwords.
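As an added illustration (not AuthEntry's code and not part of the original review), the Python sketch below implements the format-string scheme just described and estimates how many bits of entropy a format yields against an attacker who knows the format and the word list. The letter and symbol sets, the tiny word list, and the rejection of literal characters are assumptions.

```python
import math
import re
import secrets
import string

# Character sets are assumptions; the review does not list Gatekeeper's.
CLASSES = {
    "@": string.ascii_letters,   # alpha
    "#": string.digits,          # numeric
    "%": string.punctuation,     # symbol
}
CLASSES["*"] = "".join(CLASSES.values())  # any character at all

# Constructed sample dictionary; a real word list would be far larger.
WORDS = ["Firmer", "Utters", "Candle", "Bridge", "Planet", "Silver",
         "Orange", "Walnut", "Cat", "Sun", "Maple", "Stone"]

def tokenize(fmt):
    """Split a format into (control_char, 1) and ('^', run_length) tokens."""
    tokens = []
    for m in re.finditer(r"\^+|.", fmt, re.S):
        piece = m.group()
        if piece[0] == "^":
            tokens.append(("^", len(piece)))
        elif piece in CLASSES:
            tokens.append((piece, 1))
        else:
            raise ValueError(f"unsupported format character: {piece!r}")
    return tokens

def pool_for(kind, n, words):
    """Candidates for one token: a character set, or all words of length n."""
    if kind != "^":
        return CLASSES[kind]
    matches = [w for w in words if len(w) == n]
    if not matches:
        raise ValueError(f"no dictionary word of length {n}")
    return matches

def generate(fmt, words=WORDS):
    """Build a password from the format using the OS CSPRNG."""
    return "".join(secrets.choice(pool_for(k, n, words)) for k, n in tokenize(fmt))

def entropy_bits(fmt, words=WORDS):
    """Sum log2(pool size) per token: each caret run counts once, not per letter."""
    return sum(math.log2(len(pool_for(k, n, words))) for k, n in tokenize(fmt))
```

With this constructed word list, `%^^^^^^#^^^^^^%` comes to about 19 bits, against about 98 bits for fifteen `*` characters; a larger dictionary raises each word's contribution only as log2 of the number of candidate words of that length.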
But wait, there’s one more password type! If you choose Seed, you don’t enter or generate a password at all. When you visit the site, Gatekeeper prompts you for a seed value, something you’ve memorized, and generates a password based on that seed without ever storing it.
It doesn’t know the actual password. You don’t know the actual password either.
But of course, you’d better not forget that seed value.
Other Account Types
In addition to the default LogOn account type and the Generated Password type, Gatekeeper offers three other types: Simple Password, Secure Password, and Password.
Secure Password is just the same as Generated Password.
The difference is that you get a place to record up to three security questions and answers.
For router passwords and other non-Web passwords, the Simple Password account type just stores the account name, username, and password, along with any notes and the optional expiry time.
The Password account type is the same, but adds the ability to use a generated password and specify an account-specific PIN.
What if you chose the wrong account type initially? Don’t worry.
There’s an option to migrate your data to a different account type.
I worried that migrating to a URL-less type and back would lose the URL data; it doesn’t.
Still, I question the need for defining all these different account types.
Competing products get by just fine without them.
Hands On With Gatekeeper
I launched Gatekeeper and started adding accounts, some big names, some less commonly used.
And I immediately ran into trouble.
The two-page login used by Gmail bollixed Gatekeeper.
It couldn’t handle entering the username on one page and the password on the next. With Dropbox, clicking Sign in doesn’t change the URL, but rather displays a popup login window; Gatekeeper couldn’t handle that either.
There’s a workaround for Dropbox, a URL that gets you a non-popup login page.
But that won’t be the case for every site.
I tried to log in to my account on the petitions page at whitehouse.gov.
The site opened in Gatekeeper’s browser, but a small popup stated “No SiteInfo: support has been notified and will resolve the issue shortly.” The same thing happened on the AAA site, a recipe site, and an antivirus testing lab’s site.
My company contact confirmed that Gatekeeper can’t handle a site it’s never seen before without intervention from support.
Seriously? On the plus side, it didn’t take long for the problem sites to be fixed in my testing.
Other sites worked fine.
I had Gatekeeper set to authenticate with a passcode, but I quickly tired of whipping out the 2FA app every time.
I changed it to password-only, which was better. Most competing products do include the option to require the master password for every login, but don’t enforce it by default.
Mobile Edition
I didn’t spend a lot of time with the mobile edition, because it works almost exactly the same as the desktop edition.
I loaded it up on the same Nexus 9 that I’d been using for 2FA and explored the app a bit.
Every time I stopped to make a note, it logged me out, forcing me to re-enter my 16-character master password.
I can type that password in a flash on a keyboard, but not on a tablet or smartphone.
When I tried to use the 2FA app along with the main Gatekeeper app on Android, it didn’t work.
It reported that the device wasn’t registered, and advised me to check the Manage Devices page.
But the device was clearly listed on that page.
I quit before I could get too frustrated.
What’s Not Here
I’ve mentioned a number of common password manager features that are absent or different in Gatekeeper.
It makes you use a proprietary browser.
It doesn’t capture your credentials when you log in. You can’t invoke the password manager without going into the account creation module.
And so on.
A number of other common and less-common features are also missing in action.
Many password managers parlay their password-filling abilities into full-scale Web form filling. You record addresses, contact info, credit card details, and so on, and the password manager fills in the necessary items. RoboForm Everywhere 7 is probably the most flexible of these.
Gatekeeper doesn’t attempt to fill forms.
Dashlane and LastPass encourage you to fix your weak and duplicate passwords.
Each has an actionable security report that flags the worst offenders and helps you fix them.
For some sites, they can even automate the password change process. LogMeOnce Password Management Suite Ultimate and Password Boss Premium also include an actionable security report.
Gatekeeper doesn’t include password changing or a security report, though the latter is planned.
LastPass, Dashlane, LogMeOnce, and a few others let you securely share credentials with friends or family. LastPass and Dashlane even provide for passing your credentials to your heirs in the event of your untimely demise.
Admittedly, this is a less common feature, but very useful for some.
One last nitpick.
Gatekeeper’s user interface got on my nerves in many tiny ways. When it asks for a passcode to enable editing security functions, it doesn’t put the focus in the passcode entry box.
I frequently found myself staring at the phone and typing the code, only to find that what I typed wasn’t captured.
The login screen doesn’t put the focus on the password box.
And in several dialog boxes, pressing Enter doesn’t submit the form.
It just feels a bit sloppy.
Look Elsewhere
The best password managers keep your data safe while streamlining the experience of securely logging in to websites.
I found AuthEntry Gatekeeper Pro to be unwieldy, awkward, and hard to use.
It includes some features that are unique, but not necessarily important.
And I quickly found in testing that it couldn’t manage every website.
It does enforce a higher degree of security than some, but you can get the same result by enabling optional security features in competing products.
Of our three Editors’ Choice password managers, Dashlane 4 costs more than Gatekeeper, Sticky Password costs the same, and LastPass Premium 4 costs less.
Any one of these will be a better choice.