Enhancements:

• AN-7857: Updated user avatars throughout the app, displaying the logged-in user's avatar and generic icons for other user accounts.

• AN-7887: Revamped Autofill UI on Android with updated styling, including improvements to record creation from the Autofill extension, enhanced password generator functionality, and the ability to create passphrases directly from Autofill. Additionally, search and fill UI elements have been optimized for a smoother experience.

• AN-8087: We’ve refreshed the design of login and registration screens with updated visuals, including smoother button styles, an updated Keeper logo, and the ability to view your password as you type.

• AN-7789: We’ve improved how BreachWatch scans are refreshed to ensure more accurate and timely updates, without relying on screen reloads or app restarts.

• AN-8816: Optimized record sync by reducing unnecessary data checks, making sync faster and more efficient – especially for users with larger vaults.

• AN-6934: You can now set a default action when tapping a URL in a record—like opening in your browser, using Keeper, or copying the link—with the flexibility to change it anytime with a long press.

• AN-7987: We’ve cleaned up how record titles and usernames are displayed by removing any extra spaces at the beginning, making your vault look neater and easier to read.

• AN-8689: Updated dependency declarations for improved maintainability.

• AN-8690: Enabled automatic dependency version upgrades related to library upkeep.

• AN-8698: Upgraded the Compose version to 1.9.3, including improvements related to favicon display and sync functionality.

• AN-8843: Improved 2FA security on Wear devices.

• AN-8379: Improved how we track feature engagement across different account types and scenarios, including when users are offline. This provides a better understanding of which features are most useful.

• AN-8444: Updated the Manage Users UI to compose, improving performance and allowing for easier UI maintenance later on.

Bug Fixes:

• AN-6758: Fixed an issue where backing out of the account registration flow could cause session errors.

• AN-7716: Updated the error message shown during a master password reset to clearly explain when the current password entered is incorrect, making the process more helpful and less confusing.

• AN-8480: Fixed an issue where the passphrase generator wasn’t appearing for security answer fields.

• AN-8484: Updated shared folder permissions to match the web vault behavior, ensuring users can always create and manage their own records when certain team permissions conflict.

• AN-8270: Resolved an issue where the TOTP autofill was inserting incorrect placeholder values instead of the actual code.

• AN-7850: Resolved issues with Enterprise account setup where usernames weren’t prefilled and license upgrades weren’t applied correctly.

• AN-8162: Fixed an issue where users with 2FA enabled were unable to complete the Autofill login flow after being prompted to save credentials while logged out.

• AN-8211: Addressed an issue where folder names appeared blank when moving records between folders in Hebrew language settings.

• AN-8443: Updated UI where usernames associated with passkeys were not displaying in row view for custom record types.

• AN-8502: Resolved a bug where the “Change From” section incorrectly appeared when converting multiple record types at once.

• AN-8656: Fixed an issue where deleting custom text fields would remove the titles of other custom fields before saving a record.

• AN-8679: Addressed invisible move button at the record detail level. The button is now properly displayed in record detail.

• AN-7309: Fixed an issue where users with restricted record type permissions could still create unsupported record types, including mislabeled "General" records.

• AN-7329: Resolved bug when a user with read only access on specific records was able to update a record via long-tap.

• AN-7359: Fixed an issue where irrelevant record types appeared when using the “Watch Favorites” filter or searching with filters applied.

• AN-7779: Fixed an issue where users onboarding into SSO with a Master Password complexity role were incorrectly prompted to manually update their password, instead of it being updated automatically.

• AN-8445: Addressed a bug where autofill would not fill the password field when signing into Bank of America.

• AN-8781: Fixed an issue where linked/shared records were causing incorrect visibility and behavior in the vault. Specifically, linked address/payment records were appearing when they shouldn’t, and in some cases, shared records were not visible to the recipient.

• AN-8840: Resolved a bug where the last record in the “Add Existing Record” screen was being cut off and only partially visible when adding records to a folder.

• AN-8847: Fixed an issue where users were incorrectly prompted with a Google Chrome SSO error on devices with no default browser or when Chrome was uninstalled, preventing successful SSO login.

• AN-8882: Addressed an issue where Breachwatch records were being incorrectly passed.

• AN-8904: Removed old wear OS service entries.

• AN-8486: Resolved issue with the American Airlines app, where “from” and “to” fields would trigger “Sign into Keeper” or would prompt to save address incorrectly.

• AN-8798: Fixed a bug where a shared user was able to unmask a password with the enterprise enforcement for privacy screen enabled.

• AN-8906: Addressed a crash when multiple accounts are added to Keeper and the user logs out via the Account screen.

• AN-8907: Resolved issue with Breachwatch scan button being visible for trial or paid accounts without a Breachwatch license.

• AN-8908: Fixed a crash when the user saves a record that contains a password field and a field with multiple inner fields. Exiting the record and reopening the same record could cause a crash or the multiple inner field item to not appear.

• AN-6435: Addresses a bug related to privacy screen enforcement restricting unmask while a user is in edit mode.

• AN-8803: Resolved a bug where a user is enabling special characters for the password generator and the last character enabled is not being added.

• AN-8913: Fixed a bug when a user creates a shared folder and attempts to add a user to the shared folder immediately, the added user is not saved on first attempt.

• AN-8910: Fixed an issue in BreachWatch where ignored records, including shared ones, did not automatically move to the "Resolved History" section after being ignored in scan results.

• AN-8926: Corrected alignment and padding issues in various bottom sheets, including "Account Type" in Bank Account records, "Record Access Expiration" for One-Time Share, and "Web Address Options" when interacting with URLs.

• AN-8927: Wi-Fi record types have been set to read-only mode on Android to prevent potential data issues until full editing functionality is implemented.

• AN-8932: Fixed an issue where BreachWatch and Security Audit data was not being correctly sent from Android devices to the Enterprise Console.

• AN-8937: Resolved an issue where BreachWatch scan results did not immediately display newly identified at-risk records after purchasing BreachWatch.

• AN-7992: Resolved an issue where the date filter would reset when navigating to other tabs like Favorites or Two-Factor.

Enhancements:

• AN-8336: Implements an update to offline mode for Keeper on Android that allows users to access their vault without an internet connection. Users can enable or disable offline mode and select the duration of offline access (from 1 day to Always), with enterprise accounts having a maximum 30-day limit. Offline mode is decoupled from 2FA settings, and clear notifications inform users when 2FA will be bypassed while offline. Enterprise admins can manage offline access settings, with disclaimers displayed when offline mode is restricted.

• AN-8649: The Keeper WearOS app underwent a redesign to align with Google’s latest WearOS guidelines and is available once again on the Google Play Store!

• AN-7618: Adds a "Get Started" banner on the vault screen to guide users through account setup steps. The banner remains visible until all steps are completed, with options to ignore and completion check-marks.

• AN-8118: Revamps the empty state screens across the Keeper Android app with a unified design, including a rotating carousel on the Vault page and tailored messages for other pages.

• AN-8566: Adds a toggle in the Settings of the Keeper Android app to automatically approve devices signing in from trusted IP addresses. The feature is off by default and can be enabled by users to streamline sign-ins, while respecting enterprise restrictions where applicable.

• AN-8745: Improves the way Privileged Access Management (PAM) records are displayed on the Android app.

Bug Fixes:

• AN-8683: Addressed scrolling issue while editing secure notes field.

• AN-8505: Fixed autofill prompt during Venmo use.

• AN-8630: Resolved vault scrolling when switching filters.

• AN-8488: Updated button background design on pop-ups for consistency.

• AN-8235: Addressed visual issues with mask and font elements on record fields.

• AN-8705: Fixed hidden custom field display on other clients when originating from Android.

• AN-8639: Updated push notification work around to comply with latest backend bug fix.

• AN-8805: Addressed Play Store crash related to login with no accounts.

• AN-8470: Fixed custom field duplicates being displayed on other Keeper clients.

• AN-8819: Resolved UI icon layout on WearOS when localization occurs.

• AN-8825: Updated restore button sizing when a record with a long title has been deleted.

• AN-8827: Addressed proper error message display for back-end throttling when toggling certain settings.

• AN-8828: Fixed biometric availability on second login for enterprise accounts.

• AN-8832: Resolved “Available Offline” indicator on login screen when offline mode toggle is disabled.

• AN-8829: Addressed issue when updating the application while logged in offline.

• AN-8717: Fixed missing biometric after registering new user.

• AN-8839: Resolved missing information on Android when custom templates are updated on web vault.

• AN-8840: Updated the add record screen display related to record UID information.

• AN-8844: Addressed inconsistency related to offline toggle setting and users ability to access offline mode.

• AN-8851: Implemented proper dialogue on empty state UI, calling attention to Passkeys.

• AN-8854: Resolved crash on specific PAM records when viewed in Android vault.

• AN-8853: Fixed first time users permission set related to shared folders.

• AN-8855: Addressed PAM PEM key display visibility state and length after version update.

• AN-8857: Updated the “add records” empty state icon to align with design additions.

• AN-8858: Resolved display issue when a team has multiple shared folders and a new user is added.

• AN-8863: Fixed some hidden fields being required when editing a record related to an enterprise.

• AN-8864: Addressed display of hidden fields created on Android showing appropriately in the web vault.

Enhancements:

• AN-7942: Security Updates.

• AN-7421: Sync improvements.

• AN-8569: Updates to root detection on Android devices, blocking access to GovCloud accounts from rooted devices.

Bug Fixes:

• AN-8113: Addressed additional payment info displayed in the payment card row when unmasked.

• AN-8227: Resolved trash button functionality if no records are in trash.

• AN-7431: Fixed scrolling issue when account total is greater than 15.

• AN-8176: Addressed error dialogue display when user attempts to download a file in offline mode.

• AN-8093: Updated Security Audit Reused tab to display numbered list.

• AN-8415: Pricing display adjustment for expired unlimited promo.

• AN-8541: Fix for “required” field display when multiple custom fields are deleted.

• AN-8652: Proper toast displayed when sync is finished.

• AN-8666: Addressed issue when user creates a shared folder, performs a full sync and attempts to add another user.

• AN-8664: Resolved icon display issue on screens where it shouldn’t display.

• AN-8577: Improved clarity on the password import screen.

• AN-8579: Fixed app becoming non responsive during import of large files.

• AN-8685: Addressed crash when sharing folder.

• AN-8686: Resolved crash when transferring folder with zero records.

• AN-8703: Fix sharing issue for enterprise users sharing V2 records with-in enterprise.

• AN-8709: Addressed blank share screen when permissions are in effect.

• AN-8712: Updated Share Invite Dialog so that it only appears one time.

• AN-8711: Resolved crash when uploading a file to a shared folder with no permissions.

• AN-8715: Fixed permission issue when a shared folder owner has permissions revoked.

• AN-8720: Addressed multi user account switch when immediately entering a shared folder and attempting to create/edit records.

• AN-8722: Update to Team Folders, users with proper permissions can add other users.

• AN-8707: Design adjustment on login screen regarding too much blank space.

• AN-8673: Resolved issue when multi account users switch accounts and attempt to immediately delete a record.

• AN-8724: Fixed removal of a team on a shared folder.

• AN-8725: Addressed custom template display on specific encryption methods.

• AN-8729: Resolved share issue when a record inside of a folder has an associated address or payment card.

• AN-8676: Fixed share folder crash when a record is added when user doesn’t have permissions.

• AN- 8733: Addressed potential sync issues when linking records without proper permissions.

• AN-8737: Adding a team to a shared folder and returning to the vault no longer displays a missing permission error.

• AN-8743: Fixed issue when a shared folder has multiple records from multiple owners and the user then attempts to add an additional user or record to that folder.

• AN-8751: Resolved missing records in a shared folder when the records do not have a direct owner.

• AN-8752: Dialogue prompt updated when sharing a record to another user to display a proper success message.

• AN-8247: Addressed error when deleting a payment card that was previously linked to record(s).

• AN-8753: Updated the Recently Deleted page after emptying to remove highlights.

• AN-8755: Fixed Team Folder issue related to syncing team folders.

• AN-8772: Resolved sync dialogue display during sync on the account screen.

• AN-8797: Addressed shared folder sync upon login.

• AN-8799: Fixed shared dialogue dismissal.

Enhancements:

• AN-8485: We’ve implemented support for equivalent domains in the Android app to enhance the autofill functionality. This update will allow domains like Microsoft, Azure, and microsoftonline.com, that all use the same login information, to be suggested as fill options.

• AN-8429: The auto-suggest feature during record creation has been enhanced to include the user's primary Keeper account email as a suggested option in the email field. This improvement will streamline data entry by displaying the primary email alongside other suggestions, making it easier for users to fill in their records without repetitive typing or errors.

• AN-8198: Support for granular policies set by your enterprise administrator.

• AN-8383: Implemented granular re-authentication for enterprise users in the Android app, requiring users to verify their identity when viewing or copying masked passwords or fields. This feature is controlled by admin console settings.

• AN-8584: The Google Importer screen has been updated to include clear instructions for users on exporting passwords from Google Password Manager and importing them into Keeper. Additionally, the "Learn More" button will now direct users to the specific section of the user guides for importing passwords, improving user guidance and experience.

UI Updates:

• AN-7889: Migrated the profile photo and associated menu items; from the navigation drawer to the avatar menu for a refreshed UI.

• AN-8417: The record history page received significant updates to enhance UI consistency and improve user experience. Key changes include adding the current version number, displaying the record’s favicon, removing redundant text, updating date color for better visibility, showing all dates in local time, and providing a description of changes for each record entry.

• AN-7886: Refactored the filtering UI to integrate seamlessly between search and user object lists, aligned filtering menus for Vault, Favorites, and TOTP views, and updated colors on the filters bottom sheet.

• AN-8088: Added the new “Show Numbers in List View” setting to Settings, ensuring numbers appear in the Vault UI only when enabled, and only in specified views and filters.

Other Improvements:

• AN-8431: Users can now view files they've downloaded even when they're offline, eliminating the need for an internet connection.

• AN-7465: Improved ability to add or adjust users avatar image from Account screen.

• AN-8448: Updated the Change Master Password UIs to Jetpack Compose for improved performance and easier maintenance.

• AN-7186: ​​Researched ways to reduce contention between Keeper autofill and Gboard autofill/autosuggest, addressing issues where Keeper interrupts Gboard’s functionality during form entries.

• AN-8463/8468: File migration resulting in improved logging efficiency.

Bug Fixes:

• AN-7609: We've fixed the issue where users would lose unsaved changes and get logged out unexpectedly while creating or editing records, ensuring a smoother experience.

• AN-8533: We've resolved the issue where PAM record types were incorrectly appearing in the sorting screen for all Enterprise users, even for accounts that don't have PAM set up.

• AN-8492: Improved dialogue for the “Welcome to Keeper” screen.

• AN-8398: We've fixed the issue where expired paid users trying to upload a file would receive a "purchase unsuccessful" message instead of the payment prompt, ensuring the correct upsell dialog appears as intended.

• AN-8350: We've resolved issues with the BreachWatch feature where the green checkmark icon was missing after a first-time scan and was displayed incorrectly for updated passwords in v2 record details. Now, users will see the correct icons as expected.

• AN-7970: We've fixed the issue where adding a record to "Favorites" or "Watch Favorites" on one Android device was not syncing correctly to a second device, ensuring that favorites are now properly synced across devices.

• AN-8128: We've fixed the issue where a blank bottom sheet appeared when using the pinch-zoom feature on custom fields in v2 records, such as passwords, phone numbers, and website addresses. Now, pinch-zoom will be properly disabled in these scenarios.

• AN-8464: We've fixed the issue where the "Upgrade" button next to Secure File Storage appeared incorrectly for users with larger font size settings, ensuring that the button displays properly regardless of font size.

• AN-8265: We've resolved the issue where the Secured Note field did not display correctly as a custom field on Android after converting a Secured Note record. Now, it will show properly, just like in the Web Vault.

• AN-7169: We've fixed the issue where data in the Secured Note field would disappear when changing record types, ensuring that the information is retained and displayed correctly as a custom field when switching to another record type.

• AN-8404: We've fixed the issue allowing expired users to receive and view shared records beyond the 10-record limit, ensuring that these records remain on the server and do not appear in the user's vault until they reactivate their account.

• AN-8072: We've fixed the issue where converting a v2 record to v3 on the web vault did not reflect the new record type in edit mode on Android, ensuring that changes are properly displayed without needing to clear app data.

• AN-8543: Fixed an issue where the KeeperFill dialog reappeared after switching accounts, even when it was already activated.

• AN-8036: Resolved a bug where setting a Payment Card as "Default Card" would reset after refreshing the detail view across different devices.

• AN- 8574: Fixed an issue where the first password generated with the Password Generator didn’t include digits, even with the Digits toggle enabled. Subsequent passwords worked correctly.

• AN-8144: Resolved an issue preventing users from logging into accounts with Offline Access when the router is powered on but the internet is down.

• AN-8373: Fixed a UI issue where the save prompt animation appeared oddly when users saved via Autofill.

• AN-8413: Fixed a registration issue where email addresses with upper-case characters caused validation errors; now, email addresses are automatically converted to lower-case during registration.

• AN-7847: Resolved an issue where submitting a valid Recovery Phrase during account recovery after backing out would incorrectly display an error message.

• AN-8585: Fixed an issue where users with enterprise accounts without 2FA enforcement were incorrectly directed to the Two Factor Settings screen after switching from a 2FA-enforced account.

• AN-8586: Fixed an issue where auto-suggest was not working for the username and custom field title fields on certain accounts.

• AN-7752: Resolved an issue where Android users saw "No Data Changed" in Record History after changing passwords via the Browser Extensions flow, affecting other actions like adding or deleting data as well.

• AN-8471: Fixed an issue where the Biometrics UI was unavailable for Enterprise accounts after the first logout and for SSO accounts until the setting was toggled off and on.

• AN-7068: Resolved an issue where biometrics became disabled after account recovery via email, requiring users to manually toggle biometrics off and on for the next login.

• AN-8335: Fixed an issue where the Account screen was not scrollable in landscape mode, ensuring proper viewing and functionality.

• AN-8562: Resolved a bug with Outfit KS font files causing truncation to display as a dot instead of ellipsis; switched to standard Outfit font files as recommended by designers.

Enhancements:

• AN-7458: You can now easily import passwords from Google Password Manager into Keeper on Android. Just select the “Import Passwords” option in your vault to move your data securely right on your Android device.

  • For detailed instructions on importing passwords directly on your Android device click HERE.

• AN-8495: We've made improvements so that logging in and getting your account summary is quicker, helping you access your vault faster.

• AN-8416: The app now shows clearer messages when you try to edit records without permission, making it easier to understand what went wrong.

• AN-8430: We've refreshed the tool-tips you see when you first use the app, ensuring they align with the latest record type and work well on all devices.

• AN-8051: Enhanced the 'My Vault' functionality to automatically scroll to the top of the screen and reveal the search bar (if hidden) when clicked.

• AN-7829: Addressed the transfer owner feature to 'Change Owner' in the UI, adding options to remove records from vaults after ownership changes.

  • AN-7826: The look of the 'Transfer Ownership' feature has been refreshed.

• AN-6400: A new ‘Renew’ button is now available for users with an expired Family Plan, making it simple to renew without extra steps.

Other Improvements:

• AN-8503: Cache HTTP objects to improve login speed.

• AN-8436: Ensured that the latest records sync properly with the app via latest endpoint.

• AN-8433: Addressed internal errors related to deprecated parameters for master passwords.

• AN-8369: Autofill updated to not prompt to save a password if less than 4 characters in length.

• AN-8525: Old certification pinning has been removed as it is no longer supported.

Bug Fixes:

• AN-8252: Fixed a crash that happened when you pressed “Stop” while using the camera.

• AN-8153: Updated autofill to stop asking to save credentials in Outlook.

• AN-8489: Removed extra region check during login if 2FA is already done.

• AN-8435: Fixed login loop issue for SSO users after automatic logout.

• AN-7817: Improved delete function during account recovery to enhance character deletion.

• AN-8109: Updated autofill to stop asking to save the authenticator PIN in Microsoft Authenticator.

• AN-8268: Fixed issue where users with expired master passwords were not redirected to reset their password.

• AN-8357: Resolved crash when expired users tried to share records via KeeperFill.

• AN-8159: Fixed missing file attachments in 'History' and 'Deleted' sections when restoring records.

• AN-8136: Updated UI for deleting multiple custom fields in a record.

• AN-7720: Adjusted the ‘Save To:’ dropdown menu for better usability.

• AN-7485: Fixed autofill not working on paypal.com.

• AN-8542: Fixed ‘invalid login token’ error for users logging in via Okta SSO with 2FA.

• AN-7239: Resolved crash issue with custom records containing TOTP codes created in the Keeper Web Vault.

• AN-6559: Updated logic for account selection on the login screen to reduce pop-up frequency.

• AN-6643: Fixed crash when using ‘Take Video’ with ‘Prevent Screenshots’ enabled.

• AN-7741: Fixed crash that forced user to login screen after using ‘Take Video’.

• AN-8563: Resolved sync issue when creating a record in a shared folder.

• AN-8570: Fixed Keeper Push not moving the device to the password screen after approval.

• AN-8554: Made UI tweaks to the Desktop import instructions in the Keeper Android app.

• AN-8556: Fixed button padding around ‘Next’ and ‘Cancel’ in the import flow.

• AN-8578: Fixed issue where autofill save prompt didn't trigger to update the address.

Enhancements:

• AN-7602: Introduced comprehensive passphrase capabilities for the Keeper Android application, enabling users to generate and manage secure, user-friendly passphrases aligned with stringent enforcement policies and customizable settings.

  • Robust passphrase generator, giving users the ability to create secure passphrases up to 20 words long. Customizations include setting the length, including capitals and numbers in the passphrase and choosing from various symbols to separate the words.

  • Admins can set global and domain-specific policies for passwords and passwords within their "Record Password" enforcement policies.

  • Enhanced auto-suggest functionality and seamless integration across Keeper clients.

  

  • AN-8163: Enhanced the Passphrase Generator feature with character colors for better readability.

  • AN-8164: Added support for new JSON format in Passphrases, improving compatibility and data handling.

  • AN-8169: Updated the night mode theme colors for Passphrases, offering a better visual experience in dark environments.

  • AN-8173: The "Pin Code" custom field type now includes a password generator with the option to randomly generate a customized pin between 4-16 numbers.

  • AN-8184: The "Security Question & Answer" custom field type now includes the option to generate a random password for each field.

  • AN-8185: Users can generate a password or passphrase from their vault home screen by tapping the create new button.

  • AN-8186: Introduced a password generator history feature, allowing users to revisit previously generated passwords/passphrases.

• AN-7034: Extended the Logout Timer durations, providing users with more flexibility in session management. Users can now select extended durations, including up to 2 weeks. This change addresses customer requests for longer session durations beyond the previous 30-minute maximum.

  • Logout Timer options include: 1 Minute, 2 Minutes, 5 Minutes, 10 Minutes, 30 Minutes, 1 Hour, 4 Hours, 8 Hours, 1 Day, 1 Week, 2 Weeks.

• AN-8427: Updated Onboarding Wizard to direct users to the new v3 setup options, improving initial setup flow and enhanced security measures of that latest record types.

• AN-8467: Updated PlayCore Library dependency to Android 14 compatible version.

• AN-7977: Upgraded to Gradle 8 to support the latest build and performance enhancements.

• AN-8029: Updated app typography styles and fonts for a more modern and consistent look.

• AN-8358: This update introduces clone code functionality, enabling the Android client to remain logged in or re-login automatically if the user returns within the logout timer window.

• AN-8418: Updated the support email workflow in the account settings to streamline user support requests.

• AN-8508: Fixed the wrong icon displayed in the Filters Bottom Sheet, ensuring proper iconography.

Bug Fixes:

• AN-7816: This update ensures correct handling of security data when transferring records with passkeys and passwords. Specific scenarios include adjusting the strong password count when a record has a passkey with no password, updating the password score when a record has a password, and removing entries when a password is blanked out.

• AN-8412: Fixed a crash issue on the Play Store caused by an InvalidKeyException.

• AN-8346: Integrated "Share to Typer" functionality for seamless sharing between Keeper and Typer.

• AN-8490: This update addresses several UI inconsistencies on the edit photo screen within the Identity and Payments section. Specifically, the header text color is corrected to white and re-centered. Additionally, the bottom bar's color and icon placement have been fixed to ensure alignment and proper visual hierarchy.

• AN-8493: Improved registration process by adjusting the password strength meter location.

• AN-8511: Fixed an issue where the "Deleted" UI in OTS (One-Time Share) wasn't appearing correctly.

• AN-8512: Addressed a rare debug build crash that occurred when returning to the app from the background.

• AN-8513: Resolved a rare encryption crash issue that occurred when returning to the app from the background.

• AN-8514: Fixed a crash issue caused by a specific dialog when accessing the app via Autofill.

• AN-8491: Corrected the font used in certain UI elements to maintain design consistency.

• AN-8526: Resolved an issue when moving a record to a shared folder, ensuring proper functionality and permissions.

Improvements

• AN-8426: Implemented the capability to view PAM (Privileged Access Management) records in a read-only format on the Android app. Users can view all details of PAM records, but editing capabilities are disabled

• AN-8434: Updated the Android app to support the display and management of records that contain only custom fields

• AN-8469: Updated the UID generation process to prevent creating UIDs that start with a '-' character

Bug Fixes

• AN-8347: Fixed and issue for free trial users who purchased an unlimited or family plan and encountered a black screen

• AN-8465: Fixed the license account application related to purchasing a 10GB license

Bug Fixes

AN-8425: Crash on Viewing PAM Records

• Issue: The Android app was crashing when attempting to view certain PAM (Privileged Access Management) records.

• Fix: Resolved the issue to ensure the app handles data correctly and no longer crashes when viewing PAM records.

AN-8459: Crash on Login

• Issue: The app was crashing upon login.

• Fix: Fixed the issue to ensure the app no longer crashes and users can log in without problems.

Improvements

• AN-7872: Finnish and Swedish support has been added, enhancing the app's accessibility for these languages.

Platform | Design Updates

• AN-7991: Addressed compatibility issues with clipboard functions on Android 13.

• AN-8099: Corrected padding issues on the 'Deleted' screen for better visual alignment.

• AN-8214: Updated cryptographic standards to align Keeper Authentication (KA) and Android platforms.

• AN-8244: Resolved issues where Chrome was not triggering Autofill correctly on username fields.

• AN-8377: Removed the gift box icon from the Vault screen to simplify the interface.

• AN-8411: Added a disclaimer to guide users on how to manually select "Keeper" in device settings if it doesn't appear automatically during the onboarding process.

• AN-8420: Adjusted settings to ignore Automatic Update Settings (AUS) for development and quality assurance environments.

Bug Fixes

• AN-8399: Enhanced management of expired file plans and old user data for cleaner user experience.

• AN-8403: Resolved display issues for upgrade offers to users with multiple accounts.

• AN-8408: Corrected storage limit displays for active unlimited users with 10 GB plans.

• AN-8409: Fixed issues with active trial popups to improve user experience.

• AN-7575: If an enterprise user in certain state (hasn't accepted vault transfer notice) recovers their account, they will be able to login once and use Keeper without the vault transfer acceptance prompt appearing.

• AN-7665: Resolved issues related to submitting invalid phone numbers during two-factor authentication setup.

• AN-8079: Resolved a crash occurring when loading favicon in the Play Store.

• AN-8055: Fixed a crash related to deleting identity and payment information.

Bug Fixes:

• AN-8256: Fix for expired paid user logging into fresh app install.

• AN-8266: Update for Create button when KeeperFill login and move into main app.

• AN-8264: Display fix for Breachwatch pop-up after purchase.

• AN-8258: Fix for clicking on a shared record as an expired user.

• AN-8344: Fix for navigating into a record before the activity dialog is displayed.

• AN-8392: Adjustment for proper display when active & expired trial account clicks Breachwatch.

• AN-8395: Expired trial displays both “Trial has ended” and “Record Limit Reached”.

• AN-8394: Fix for expired user attempting to upload a file, show proper dialogue.

• AN-8393: Update for 24 Hour warning during trial period.

• AN-8400: Proper display when in an expired Unlimited Family state.

• AN-8402: Fix for duplicate dialog display when creating account.

• AN-8244:Fix for username field triggering autofill in Chrome.

Bug Fix:

AN-8080: Resolved an issue causing application crashes due to certain devices' inability to connect to Google APIs.

Features:

• AN-7757: Passkey Support: This feature allows users to securely sign into websites using passkeys stored in the Keeper Android Application. By leveraging autofill, users can conveniently authenticate without passwords, enhancing security and usability. Requires Android 14.

  • Passkeys work on websites and applications that have been specifically built to support them. Keeper maintains a passkey directory, which can be found HERE.

  • Upon tapping Create Passkey on a site or app, Keeper will intercept the request to create and save a passkey to your vault.

• Returning to sites or apps where you have a stored passkey you will either be prompted to sign in with passkey or will be able to select Sign in with Passkey. Keeper does the rest!

Enable Passkeys on Android.

To enable Credential Manager follow these steps:

1. Open Chrome or a Chromium based browser.

2. Type chrome://flags into the address bar.

3. In the flags page that opens, tap the search box and search for passkeys

4. Select Default button to display dropdown menu options and choose Enable for Google Password Manager and 3rd party passkeys.

5. Click the Relaunch button that appears at the bottom of the browser.

Additional Updates:

• AN-7768: Android 14 Support: Update ensures Keeper is fully optimized and functional with Android 14, allowing users to experience the latest security features, enhanced performance and improved usability.

• AN-8006: UI Improvements: Addresses layout inconsistencies in the record view screen. Ensuring elements are aligned properly and visually synchronized for a cleaner and more intuitive user experience.

• AN-7951: Biometric Login Enhancement: Speed improvements to biometrics. Reduces login time by half for improved user experience. Users upgrading from a previous version of Keeper will need to log in, navigate to settings, disable biometrics, and then re-enable them to benefit from this faster biometrics authentication.

Bug Fixes:

• AN-8126: UI enhancement for passkey visibility when in dark mode.

• AN-8069: Removal of 'Delete' icon when updating a Payment Card record type to another (e.g. Login, File Attachment, etc).

• AN-7644: Fixes pop-up dialogue when downloading a .zip file from Keeper.

• AN-8062: Update to Secure File Storage usage display. Only display to 2 decimal places.

• AN-7503: Fix date display when using a timezone that is more than 1 day ahead of PST.

• AN-8059: UI fix for 10GB subscriber to add more storage, button visibility.

• AN-8044: Edit button visibility in record detail view, Arabic Language only

• AN-7547: Allow Japanese character input via Security Answer Fields. Allow JP Keyboard.

• AN-7600: Update to display proper dialogue when blocked SSO users attempts biometric login.

• AN-7898: Allow search and autofill for Password Rotate Records created via Keeper Secrets Manager.

• AN-8030: Updating a weak password to a strong one updates BreachWatch to resolved without having to utilize buttons in BreachWatch directly.

• AN-8191: Fix to allow passkey authentication when accessing site logins on other devices.

• AN-8194: Favorite Icon only appears on appropriate records.

• AN-8192: Favorite Records & Recently modified records display at top of list.

• AN-8201: Proper filtering results when selecting specific record types.

• AN-8202: Design alignment for Passkeys.

• AN-8210: Update "Overwrite Existing" prompt to "Create New" when existing is "Read Only".

• AN-8208: Adjust "Login" record type when Enterprise enforcements prevent it.

• AN-8212: Passkey Icon display follows Browser Extension.

• AN-8209: Updated logic when adding passkeys to existing records

• AN-8272: Record edit, UI Update to line spacing between menu options.

Features

• AN-7836: Account deletion feature added to the consumer version to adhere with app store policies

• AN-7896: Support for FIDO2 Security Key as the only second factor. Additionally, users can now manage how often they are prompted to sign in on their device with their selected two-factor method from Settings > 2FA Frequency (every login, every 12 hours, every 24 hours, every 30 days, or not again on this device)

• AN-7962: Performance updates

• AN-7842: Any copyable field is also sendable to the Typer app (Long Press > Send to Typer)

• AN-7563: Autofill creates V3 (Login) record types instead of old "general" type

• AN-7542: Migrated to new records_revert API for reverting records from revision history

Bug Fixes

• AN-7967: Switching screen orientation on family plan screen crashes the app

• AN-8081: Plugging in certain USB Yubikey devices during registration causes a restart of the process

• AN-8058: Crash in Android Wear app animation

• AN-7861: Record preview for deleted V3 records not working

• AN-8053: Watch favorite not updating for V2 (general) records

• AN-8108: Crash when switching to landscape mode in Add Records screen

• AN-8132: Password Zoom feature not following privacy screen enforcement policies

• AN-8140: If a user with a large record count (e.g. 1k+ records) logs in from registration, the vault loads early (when compared to previous release 16.8.0) and no progress bar / loading bar appears.

New Features

• AN-8007: Dark Mode

Features

• AN-7909: New and improved search which matches iOS, Web Vault, Desktop App and Browser Extension algorithm.

Bug Fixes

• AN-7892: Android is not receiving changed logout timer from iOS

• AN-7397: If User A shares a record with a linked address or payment card to User B, User B cannot see the address or card fields.

• AN-7946: Cannot open files of office types, such as .doc or .xls

• AN-7988: KeeperFill prompt to enable is not appearing for Enterprise users

• AN-7490: Auto-suggestion fixes

• AN-7581: If a user changes a typed record (via Edit) that contains a TOTP field to a type that doesn’t have a TOTP field (in template), the record does not appear with the TOTP filter applied to the vault.

Security Updates

• AN-7932, AN-7933: Security improvements found by Bugcrowd researchers

Older release note content is still available, but anything older than the last 10 updates is placed here.

Features

• AN-7631: UI Refresh (Phase 1 of complete user interface update)

• Note: Official "Dark Mode" is coming in an upcoming release.

Other Changes

• AN-7541: Removal of legacy "internal" Keeper web browser. Users can activate KeeperFill from the settings screen to enable autofill across any mobile app or web browser. See KeeperFill setup guide for Android.

• AN-7650: Update compilation to Android SDK 33

• AN-7952: Implemented Android 13 real-time requests for permissions based on user action, including:

  • POST_NOTIFICATIONS

  • READ_EXTERNAL_STORAGE

  • READ_MEDIA_IMAGES

  • READ_MEDIA_VIDEO

  • READ_MEDIA_AUDIO

Bug Fixes

• AN-7480: Onboarding a new Enterprise user on Android via Cloud SSO does not work properly

• AN-7791: If a user creates a v2 (general) record in vault, it will not be triggered in the Autofill UI automatically.

• AN-7713: Crash when switching accounts after a linked record is removed from shared folder.

• AN-7649: If a user deletes a Security Key, adds another Key, then plugs it in via USB on (one of) the first Google screen(s), Keeper crashes during setup.

• AN-7818: Stop making calls to update_security_data for records that are not owned. This includes all shared records in shared folder or directly shared.

• AN-7601: Creating a record in DuckDuckGo sets title to DuckDuckGo

• AN-7835: Minor recovery phrase bug fixes

Features

• AN-7744: Recovery Phrase. We have upgraded our account recovery process with a new and more secure 24-word “recovery phrase” feature. Read more on the Keeper Blog.

Bug Fixes

• AN-7787: Crash during device approval process when Chrome is uninstalled/disabled

• AN-7803: Error message when attempting to download a file from a record that was converted from "general" to another record type.

Improvements

• AN-7733: Increased default Master Password requirements to 12 chars

• AN-7743: Allow users to reset their Master Password using existing biometrics

• AN-7739: Migrate from RSA to Elliptic Curve transmission keys

Bug Fixes

• AN-7751: Better handling for access denied message when updating records

• AN-7772: Cybertest pen test finding related to local handling of image thumbnails which were stored on disk unencrypted in a temporary cached location. The temporary thumbnails are now deleted from disk.

• AN-7407: Support for Android 13 android.content.extra.IS_SENSITIVE setting for copying a password to the clipboard.

Bug Fixes

• AN-7645: KeeperFill keyboard mode is not logging out. Relates to Bugcrowd ticket 5157c781-23eb-4e7f-a93e-f2b281193c1b reported by DavidM338c.

• AN-7404: Folder colors not appearing when moving objects

• AN-7379: Account Recovery + 2FA + Record types - the types are not enabled after account recovery.

• AN-7516: Crash when launching a browser if there is no browser installed on the device.

• AN-7343: Record Type change not functioning if the Record Types filter is enabled

• AN-7181: No error and hanging happens upon upload of large file size

• AN-6735: Entering a blank 2FA code provides no user feedback or error message

• AN-7651: Shared Folder user lacks permission to create record even if they are part of a team that has permission

• AN-7698: Enabling a security key can sometimes cause a crash

• AN-6690: If a user's password gets changed on another client, after upgrading Android app- they will be prompted for the new password after login. After updating to the current password, user is not logged in automatically.

• AN-7636: When a user changes their email on another client, Android misbehaves in a few different ways.

Improvements

• AN-6170: Refactored the UI for the BreachWatch screen

• AN-6789: Clicking the "Dice" button to generate a password on an existing record will regenerate the password with at least the current strength setting.

Bug Fixes

• AN-6647, AN-7594, AN-7370: Various crashes

• AN-7484: Unable to login offline with Yubikey after app restart.

• AN-7488: Unable to download a file if it can't be opened by the operating system.

Bug Fixes

• AN-7576: Record detail stays on the screen when switching user accounts

• AN-7565: SSO users unable to login offline with biometrics and swipe-kill app

• AN-7448: Poor visibility of button colors with white text on yellow button

• AN-7537: Removing an account from the Autofill login screen causes bad state

• AN-6902: Incorrect screenshot showing in Autofill setup screens for Android 11+

• AN-7311: Crash launching Autofill settings from device settings

• AN-7495: Crash when user changes their email on another device while the Android app is in the foreground.

Improvements

• AN-7429, AN-7519: Performance improvements

• AN-7464: Autofill settings gets a Help button

Improvements

• AN-7459: Autofill support for Vivaldi Web Browser

• AN-7461: Autofill support for Brave browser

Bug Fixes

• AN-7114: Password not filling for Instagram App

• AN-6685: Card field not triggering Autofill in Doordash App

• AN-6682: Autofill showing in "To" and "Search" fields in Samsung Mail App

• AN-6246: Autofill unable to create records in landscape mode

• AN-6691: Crash when clicking "Send New Code" in account recovery

• AN-7438: Crash when the website favicon is too large

• AN-7474: Autofill issues with DSW App

• AN-7560: SSO user unable to complete account recovery

• AN-7561: App hanging after submitting a capital letter security answer

• AN-7579: App failure when attempting to purchase consumer add-on products

Features

• AN-7449: Launch of Keeper One-Time Share for Android.

See the user guide for more info: https://docs.keeper.io/user-guides/one-time-share

Bug Fixes

• AN-7392: Camera icon in Identity & Payments needs update

• AN-7389: Bugs with profile photos

• AN-7388: Country dropdown list not in alphabetical order

• AN-7354: Date picker causes keyboard to appear briefly

• AN-7332: Crash when backgrounding the app in Identity & Payments section

• AN-7358: Custom record template fields not masked properly

• AN-6979: Crash on Samsung Galaxy Fold device

• AN-6950: Account screen showing negative value for "Referral invites" on consumer

• AN-7160: Autofill on US Bank App fills fields incorrectly

• Several other crashes reported in the Google Play store resolved

Bug Fixes

• AN-7368: Crash when searching record types

• AN-7364: Crash during account signup when sending app to background

• Various other small bug fixes reported by customers

Improvements

• Color coding enhancements for folders and subfolders

Bug Fixes

• AN-6978: Support for Android 12 which includes showing the number of passwords from the Android "Passwords & Accounts" screen.

• Many UI fixes related to Record Types

Bug Fixes

• AN-6677: Crash during SSO registration flow

• AN-7282: Missing record type icons in list view

• AN-7155: Unable to login to SSO account hosted in AU region

• AN-7258: Crash when saving a custom record type

• AN-6821: Remove URL validation rules that prevented saving URLs such as https://localhost:8080/

• AN-7265: Crash when clearing out an invited user field in shared folder

• AN-7318: Crash when a payment card has a null card number

• AN-7153: File upload disappears from record when the notification tray is open

• AN-7081: Crash when removing linked record types at certain timing

• AN-6683: Custom logout timer causing login hang and value not being saved

• AN-7252: Save button missing in Arabic/Hebrew language modes

• AN-6746: Generated password complexity still enforced after user removed from role

• AN-7183: Unable to purchase storage from new Record Type record

• AN-7143: Fallback to CBC decryption mode for legacy records

• AN-6956: Government access notice not triggered during SSO login flow

• AN-7268: Eyeball icon not changing when toggling field mask on record types

• AN-6811: Expired storage plan is not reflected correctly

• AN-7308: Ensure record in shared folders can fallback to CBC encryption mode when necessary

• AN-7346: Saving record edits causes duplicate fields if editing a record, backing out, editing again

New Features

Keeper for Android now supports FIDO2 WebAuthn for two-factor authentication using NFC and plug-in devices, such as the Yubikey NFC device. We also introduce website icons within the vault records.

• AN-5412: FIDO2 WebAuthn

• AN-6983: Display of Website Icons

Bug Fixes

• AN-7094, AN-7097: Record deletion bugs

• AN-7109: Record Type icons showing "general" icon in security audit screen

• AN-7091: No ability to edit the label of a multi-line custom field

• AN-6907: Password Change / Zoom feature added back for Typed Records

• AN-7110: Record Type values appear in record when blank

• AN-7125: No error dialog when trying to share with already shared user

• AN-7121: Wrong font displayed on Changed Password dialog

• AN-7098: TOTP field countdown animation stops running after switching apps

• AN-7082: 2FA on/off switch shows the wrong value for a second

• AN-7149, AN-7166, AN-7122, AN-7164, AN-7192, AN-7185, AN-7184: Various small Record Types bugs

• AN-7201: Cannot save some Record Types with just a title

• Various crashes

Features

• AN-6212: Support for Keeper Record Types (Enterprise customers only)

  A Keeper Record Type is a structured template that can contain any type of information such as logins, payment cards, bank accounts, and many more. There are several out-of-the-box record types available, and Admins can create custom types that fit the needs of your organization. Custom types can be created for all users, or users within specific roles. Learn more about Keeper Record Types below:

  https://docs.keeper.io/enterprise-guide/record-types

• AN-6823: Support for Compliance Reports (Enterprise customers only)

  Compliance Reports provide on-demand visibility to access permissions on records and credentials in your enterprise. These reports simplify the compliance auditing process for Sarbanes Oxley (SOX) and other regulations requiring periodic access control auditing. These Keeper Administrator-defined Compliance Reports run on-demand and can be forwarded to automated compliance systems or sent directly to external auditors. Since the reports contain some non-credential encrypted record data, an administrator must have permission to run and view these reports. The encrypted record data is included in the report and can also be used as report filters.

  More information can be found here:

  https://docs.keeper.io/enterprise-guide/compliance-reports

Bug Fixes

• AN-6916: Site auto-suggestion on GovCloud environment not working

• AN-6889: Deleting file before save can cause it to re-appear

• AN-6893: Referral button showing on Enterprise users

• AN-6621: Autofill triggering on Signal App group chat

• AN-6699: Email validation to include .cpa TLD

• AN-6938: Blank screen showing on some purchase flows

Features

• 🇱🇷 Support for the Amazon AWS GovCloud environment. Keeper is currently FedRAMP in-process and public sector entities can now establish their Keeper tenant in the GovCloud environment. Contact the public sector sales team at govsales@keepersecurity.com for more information.

• Increased the number of special characters to this set:

  !@#$%()+;<>=?[]{}^.,

Bug Fixes

• AN-6676: Auto-logout enforcement policy doesn't reset after being removed by Admin

Other

• Updated to Google Play Billing Library v3

Features & Improvements

This version includes several UI improvements surrounding the main search bar, filtering and sorting. We also added Password Zoom (press-and-hold the password field) with additional colors for clarity.

Bug Fixes

• AN-6798: Security updates regarding implicit notifications

• AN-6615: Biometrics become disabled if 2FA is enforced but not set.

• AN-6396: Unable to set default payment card if many are saved.

• AN-6345: Autofill appears on the Calculator app 😂

• AN-5838: User locked out when account transfer acceptance is blocked.

• AN-6805: Unable to login to SSO when Chrome is not the default browser.

• AN-6804: More than 29 accounts on the same domain don't show any autofill results.

• AN-6767: Android sending BreachWatch request to server that generates an error.

• AN-6377: Unable to scroll long security answers in the Account Recovery flow

• AN-6739: Share dialog appears twice after record shared

• AN-6835: Crash on long click within Deleted Records screen

• AN-6836: Tell a Friend screen replaced with new referral screen

Other Improvements

• AN-6723: Completely removed Firebase Analytics which shows as a "tracker"

• AN-6838: Added colors in the password viewer

New Features & Improvements

• Expansion to AU Data Center - Keeper now supports an AU data center. Users have the option to select "AUS" from the region selector at login.

New Features & Improvements

• Keeper Autofill Keyboard Integration for Android 11 - With the release of Android version 11, KeeperFill login prompts and fill results may be fully integrated into your device's keyboard. This autofill integration is only supported by certain keyboards such as, Google's "Gboard" Keyboard version 10.3 and Samsung's keyboard version 5.2.00.87.

Bug Fixes

• AN-6751: KeeperFill's password generator display's incorrect minimum/maximum character requirements.

Improvements

• AN-638: The password zoom feature allows users to pinch/long press on a password within a record to enlarge it for improved visibility

Bug Fixes

• AN-6671: Crash occurs during token verification

• AN-6432: Logout timer forces logout if the user selects an unsupported value

• AN-6489: A user is prompted twice for a Security Question/Answer if logout timer expires during creation

• AN-6500: 2FA screen is not dismissed after user sets up Duo

• AN-6505: SSO users are not logged out of the IdP on first logout attempt

• AN-6540: Duo is not pre-selected as 2FA method after user completes enrollment

• AN-6501: Changing Duo Voice from "Require code every login" to a different duration fails to save

• AN-6190: "X" button to dismiss BreachWatch popup is not functional on some Pixel devices

• AN-6097: Users added to an Enterprise Team don't automatically see Team folders when there are multiple accounts

• AN-6376: "Invalid Client Version" error does not appear when multiple accounts are setup and the client is blocked by Keeper

• AN-6230: Wildcard for generated password complexity enforcement should apply to empty URL

• AN-6072: Master Password complexity enforcements are not narrowed down as the user meets requirements

• AN-6050: Restoring a record's history does not bring the user back to record detail view

• AN-6652: An error message is needed when a client key is not valid during Master Password update

• AN-6457: Attempting to delete "https://" from a custom field fails to save

• AN-6288: Users are prompted for 2FA method twice after Admin adds 2FA enforcement

• AN-6712: A crash occurs when records are encrypted with the data key

• AN-6547: Password generator doesn't generate passwords beyond 51 characters for users in a role with a password complexity enforcement requiring more than 51 characters

• AN-6726: Share notifications do not appear when a share relationship exists

Bug Fixes

• AN-6034: New Enterprise users experience enforcement policies prior to accepting invite

• AN-6662: Incorrect password enforcements are applied to new users registering with enterprise domains

Bug Fixes

• AN-6658: DUO push fails after opening main DUO app

• AN-6654: Crash occurs during account registration

Release Features

• AN-6347: Login V3 General Availability (GA) More information available here: https://docs.keeper.io/enterprise-guide/login-api-v3

Improvements

• AN-6481: Users are now able to back out of the security question/answer creation screen

Bug Fixes

• AN-6476: Logging in with incorrect password triggers "Password Update" prompt

• AN-6487: A crash occurs when the logout timer expires and the user attempts to switch between apps or log in with Biometrics

• AN-6516: User is not alerted on Android when their email address is changed on another client

• AN-6538: A crash occurs when a user logs in with Biometrics when a password expiration prompt should appear

• AN-6296: For accounts with a password complexity enforcement enabled, the password generator will not create passwords greater then 51 characters

• AN-6555: Biometric login lost after first login

• AN-6556: Logout from Settings menu fails on first attempt

• AN6470: KeeperFill fails in various cases

• AN-6471: A blank dialogue appears during new password creation flow when incorrect current password is submitted

• AN-6482: "Connect" button fails for SSO users (EU)

• AN-6478: User is prompted to login after updating new password

• AN-6395: An error is generated when updating an expired password for a specific user type

• AN-6492: Various issues with offline mode causing crashes, etc.

• AN-6477: Session timer times user out during registration; unable to click "Next" to move forward

• AN-6491: Biometrics button disappears after unsuccessful Master Password submission

• AN-6497: Failed launch or crash occurs if the logout timer expires while Keeper is backgrounded

• AN-6506: Backing out of IDP login and using Biometrics causes a hang on login

• AN-6526: Admin approval hangs after session times out (SSO)

• AN-6532: User is not brought back to original screen after 2FA session timeout occurs

• AN-6573: Enterprise invite sends new user in loop

Bug Fixes

• Fixed: Various issues with SSO login flow, preventing users from advancing past various screens.

• Fixed: KeeperFill unresponsive to fill password request in Instacart application.

Bug Fixes

• Fixed: Various German and Italian translation errors on Keeper Unlimited and Keeper Secure File Storage purchase screens.

Bug Fixes

• Fixed: Upon upgrading their IPs, users are being prompted for IP verification at login.

Benefits & Enhancements

• Referral Program - The rollout of Keeper's new referral program thanks our consumer customers for sharing Keeper with their friends, family members and colleagues by offering our current customers a $15.00 Amazon gift card for each purchase made. Using their unique referral link, users can easily share Keeper through text, email and other platforms (e.g. Facebook, Twitter, etc.) by tapping the referral icon located in their Keeper vault.

Bug Fixes

• Fixed: The new user intro video experiences a brief resize when first launched.

• Fixed: Various crash scenarios related to links to the Google Play Store.

• Fixed: The Identity & Payments country code drop-down menu appears in alphanumeric order rather than listed alphabetically.

• Fixed: Issue preventing some users from sharing within a group when the "Prevent sharing outside of group" enforcement is enabled.

Benefits & Enhancements

• Single Tap to Open Record URL - A single tap of a record's URL will open a dialog allowing the user to choose whether to open the site with a browser (e.g. Firefox, Chrome), with Keeper, or copy the URL to the clipboard.

• Updated Privacy Policy - By clicking on a URL from the Help or Registration screens, users are directed to view our updated privacy on the Keeper website.

Bug Fixes

• Fixed: Autofill is not working correctly for TOTP and phone number fields on both the LinkedIn and Twitter applications.

• Fixed: A crash occurs when a user attempts to take a photo for their Keeper profile.

• Fixed: A white field blocks the users ability to view the KeeperFill keyboard on Huawei devices.

• Fixed: A blank pop-up appears when a EU account shares a record with a US account.

• Fixed: Various scenarios related to KeeperFill cause a crash to occur on Huawei devices.

• Fixed: Users aren't prompted to select a duration upon enabling KeeperDNA as their Two-Factor Authentication method.

Bug Fixes

• Fixed: The autofill feature fails to fill the password field of the Instagram application at login.

Benefits & Enhancements

• User Confirmation for Biometric Login - To prevent a user from unintentionally logging into their Vault upon face detection, a prompt requiring the user to confirm the biometric login action has been implemented. This will allow users the option to cancel the login and/or switch accounts.

• Master Password & Security Answer Character Length Enforcement - For added security purposes, the minimum character length for users' Master Password has increased to 10, while the minimum character length for a Security Answer has increased to 8.

• Two-Factor Code Duration Timer Update - New two-factor code timer functionality provides users with additional timer options to select from (require code every 24 hours, 1 week, 2 weeks).

• Duo Two-Factor Authentication Policies - Enterprise administrators now have the ability to enable a policy in Duo that gives them the ability to eliminate and control the different types of two-factor authentication capabilities that are available to the user (e.g. sms, phone).

Bug Fixes

• Fixed: Entering any capitalized letters at the registration screen causes a "bad_request" pop-up notification to appear. Capital letters should automatically be converted since login characters are not case-sensitive.

• Fixed: An error message alerting the user that a shared folder requires an administrator fails to appear when a user attempts to delete all users, including the administrator.

• Fixed: Some folders are not appearing or syncing correctly in the user's Vault when multiple Keeper accounts are set-up on a single device.

Benefits & Enhancements

• Privacy Notice Update - Our privacy notice and certification status, including a TRUSTe seal (Privacy Shield Verification Program) have been updated within the Registration and Help screens.

Bug Fixes

• Fixed: Upon clicking the link to "Learn More" at "https://keepersecurity.com/security" from the Reset Security Question screen, user is logged out of their Vault.

• Fixed: Offline changes made to the Identity & Payments section are overwritten and do not appear again at next sync.

• Fixed: Inconsistency between password strength indicators in Vault and Console.

• Fixed: Invalid error message received when user shares a folder with another user (Enterprise) if the "Prevent record sharing to users outside of Keeper Enterprise" enforcement is turned on.

• Fixed: Various crash scenarios.

Features and Benefits:

• Protect a Friend: New icon in the top left section of the Vault screen is now available to make it easier to send invites to friends, family and colleagues. In addition, Protect a Friend option was added to the "+" button in order to make the function more easily accessible.

• Password Generator: Default length is now going to be 20 characters

• Font and Themes: New Overpass font is applied across the app and a new Dark Blue theme is available in Settings

• Two-Factor Authentication: Descriptions and labels that previously referred to KeeperDNA are now transitioned to Two-Factor authentication, reserving the trademarked KeeperDNA for watch and other wearable methods

• TOTP (Time-based One-Time Password): TOTP code is now available from the dropdown when the Keeper Web Browser is used to access sites requiring codes for login authentication such as Amazon, DropBox, GitHub, Twitter and others.

Bugs & Fixes:

• Fixed: Users unable to delete files on HTC-08 in some cases.

• Fixed: Enterprise users unable to sign-in in offline mode when 2FA is enabled in some cases.

• Fixed: Inconsistent overflow menu options based on the filter users used to get to a record. Options such as "Move To" and "Create Shortcut" would not appear for some users.

• Fixed: Logout Timer was not functioning correctly for some users.

Features & Benefits:

• TOTP (Time-based one-time password): 2FA (Two-Factor Authentication) tokens were added within records to support TOTP for new and existing records

• BreachWatch for Business: Ability to track and scan master password for vulnerabilities

• Password Complexity Improvements: Added record creation, multiple role and other enforcement capabilities

Bug Fixes:

• Fixed: An issue with Samsung devices causing biometric login to be restricted

• Fixed: An issue causing a crash while user device goes to sleep while inactive

• Fixed: An issue causing a crash when creating a record with a password complexity enforcement

• Fixed: Removed a second, broken menu appearing when user taps the 3-dot menu while viewing a record

• Fixed: An issue with an unknown device appearing after a user registers using their G-Suite SSO login credentials

• Fixed: An issue causing a crash when a user taps the info button in the BreachWatch screen

• Fixed: An issue with the Password Complexity Enforcement Slider only allowing 43 characters; now supports up to 51 characters

Features and Benefits:

• Storage Add-on: Updated Storage Upsell Flow supporting multiple scenarios of users with expired subscriptions trying to attach files to records

Features & Benefits

• Support for Android Q biometric login. We are excited to be adopting the new BiometricPrompt API introduced for Android P. This new capability allows you to log in to Keeper with all forms of biometric methods such as iris scanning, fingerprint, facial recognition, and others.

• Support for Iris/face recognition on Samsung devices

• Improved tablet support

Bug Fixes

• Fixed: Decryption errors on certain user accounts

• Fixed: Crash logging into Android 5.x

• Fixed: Account Recovery - with 2FA causes Biometrics and Self Destruct to appear when they shouldn't

• Fixed: "none.com" appearing in some vault records.

• Fixed: Password complexity enforcement for master password.

This is a major bug fix release which was fully rolled out by Aug 16, 2019.

Features & Benefits

• Initial support for Android Q

Bug Fixes

• Enterprise invite acceptance dialog not displayed on first login. Fixed.

• Records restored from record preview screen not showing until next sync. Fixed.

• Crash on BreachWatch purchase screen. Fixed.

• Moving user into SSO node doesn't allow login until app reset

• Keeper not appearing in Amazon Fire store. Fixed compatibility.

• Autofill doesn't work properly when login and registration on same page. Fixed.

• Can't sign into SSO with apostrophe in email. Fixed.

• Autofill on Wallmart and eBay native apps fixed.

• Password strength meter showed nothing when only 1 character entered.

• Error during registration (attempt to invoke virtual method) fixed.

• Autofill on Ameritrade app fixed.

• Payment card autofill fixed on Walmart.com site.

• Password masking enforcement policy not working with Autofill screens. Fixed.

• Moving a record outside of a shared folder not reflected by other users. Fixed.

• Sony experia device unable to download file attachments. Fixed.

• Autofill with Firefox Focus visual issues - Fixed.

Features & Benefits

• New Keeper logo

Features & Benefits

• Support for BreachWatch Business customers

• App Launcher Shortcuts

• Android Q Autofill Night Mode support

Security Update

This update addresses a potential security vulnerability on the Android application related to installation of a malicious 3rd party Android application. For the exploit to be realized, a sequence of conditions would be required which in turn, would impact the Keeper Android application. No customer reported being affected by this issue.

Reporting Sequence

The security researcher’s findings were reported via Keeper's Bugcrowd Public Vulnerability Disclosure Program on May 18, 2019. The issue disclosed in the report was accepted and validated on May 20, 2019. The fixes were completed and submitted for publication to the Google Play app store on June 21, 2019 in version 14.3.0.

Summarized Findings in the Security Researcher’s Report

A rogue 3rd party malicious application installed on the user's device could monitor events on the Keeper application and wait for certain conditions to capture a user's record login and password, when the user uses the "Copy to clipboard" feature. The researcher pointed out that while Keeper had FLAG_SECURE enabled at the application level, this flag must be enabled on all app fragments to address this potential vulnerability.

Keeper’s Security Team’s Response

In order for this potential vulnerability to result in an exploit of the user’s password for a website, the following conditions would need to exist:

1. User installs malicious 3rd party Android application 2. User opens Keeper app and opens password record 3. User taps on "eyeball" to display the plain text password 4. User taps on password field to copy to clipboard Result: The "Toast" message containing the password could be read by the malicious application.

Resolution

Added FLAG_SECURE to all app fragments to prevent 3rd party malicious application from monitoring clipboard events when the user taps "eyeball" to show password and taps password field to copy to clipboard.

Special thanks to phosphore Bugcrowd researcher for the detailed report and validation of the fix.

Bug Fixes & Improvements

• Removed KitKat support

• Improved user account switching between KeeperChat and Keeper

• Crash when clicking "Protect your business" promotion

Features & Benefits

• Migrated from Google Cloud Messaging to Firebase (no affect on end-user)

• Fixed URL hyperlink to Business trial version

• User registration on EU data center automatically redirects user to US if necessary

• Added Autofill support for Firefox Fenix

• Improved Autofill support for several websites and services

Bug Fixes

• Resolved "Unauthorized Device" popup error message

• Resolved theme not changing when switching user vaults

• Fixed crash when switching accounts and using the wrong password

• Fixed opening of attachments on Chromebook devices

• Swipe-kill now logs the user out when performed

• Setting a theme no longer sets it for all vaults on the device

• Fixed issue related to using multiple Android devices, adding a file on one device not appearing on the other

• Improved error messages instead of showing confusing error codes

• Fixed invalid prompt related to editing a record, discarding changes without making any edits

• Resolved Autofill on Amtrak app

• Some weak passwords were not showing BreachWatch alerts. This is fixed.

• Resolved ability to create http:// URLs in the record.

• Resolved various app crashes

• Resolved US Bank Autofill

This is a bug fix release focused on customer reported issues.

Bug Fixes

• Removing the "Google Login" feature which has confused many customers (Thanks Google for the confusing UI)

• Fixed several crashes in legacy KeeperFill reported by customers

• Fixed crash when adding non-Keeper accounts to shared folder

• Improved real-time syncing of shared folder changes between devices

• Unable to delete shared folders with long-click

Enhancements & Benefits

• ​Event data support for Advanced Reporting and Alert Module (Enterprise Only)

• New users can pre-fill the Email Address field using your Google account

• Autofill speed improvements

• Reduction of binary size by over 50% (only 10MB binary size)

Bug Fixes

• ​KeeperFill search stays on Home screen

• Crash on KitKat devices

• Dolphin browser crash

• Account Recovery - Old folder structure appears (no sub folders)

• SSO - Password complexity rules being prompted on Android login (Enterprise)

Enhancements & Benefits

• ​Improved AutoFill performance

Known Limitations

• ​All events in the new Advanced Auto & Reporting module analytics system are not fully supported.

Bug Fixes

• ​KeeperFill on Android Pie crashes

• Crash changing accounts, enterprise login and transferring ownership

• Missing localizations

• Sometimes a blank screen is shown when opening the app

Coming Soon

Version 14.2.0 will contain support for all Advanced Auto & Reporting module events

Enhancements & Benefits

• ​Support for Dolphin web browser in KeeperFill

• Improved handling of password masking enforcement policy

• Upgrade to latest SQLite 3.26.0.

Known Limitations

• ​Enforcement policies for Admin Console v13.1 are not yet fully supported.

Bug Fixes

• ​Ensure that masked passwords can only be filled into password fields

• "Object does not exist" error message with deleted records that don't sync

• Small UI design fixes on Version History screen

Coming Soon

• Android Release 14.1.3 is a bug fix release

• Android Release 14.2.0 is a feature release with Admin Console v13.1 enforcement support

Enhancements & Benefits

• ​Over 25 bug fixes addressed

• Improvements to AutoFill, KeeperFill, BreachWatch and Translations

• Addition of Clipboard Expiration timeout enforcement policy

Known Limitations

• ​Enforcement policies for Admin Console v13.1 are not yet fully supported.

Bug Fixes

• ​BreachWatch "Add to Scan" fixed

• Google Play store crash

• Crash on logout screen when backing out of Enterprise SSO Login

• Fingerprint login issues

• AutoFill on Twitch, Apple Music, Cigna, Capital One apps

• Identity & Payment bug fixes and crashes

• Unable to delete shared folders in certain scenarios

• In-app browser not loading Chase.com sign-in screen

• Android Wear unable to use "Verify" button

Coming Soon

• ​Android Release 14.1.2 is a bug fix release

• Android Release 14.1.3 is a bug fix release

• Android Release 14.2.0 is a feature release with Admin Console v13.1 enforcement support