LogoLogo
User Guides
User Guides
  • Keeper End-User Guides
  • System Requirements
  • Quick Start Guides
    • Web Vault & Desktop App
    • iOS - iPhone & iPad
    • Android - Phone & Tablet
  • Enterprise End-User
  • Enterprise End-User (SSO)
  • Web Vault & Desktop App
  • Browser Extensions
    • Install for Chrome
    • Install for Firefox
    • Install for Safari
    • Install for Edge
    • Install for Opera
    • Enterprise Deployment
  • KeeperFill for Apps
  • iOS - iPhone & iPad
  • Autofill & Passkey Setup for iOS
  • Android Phone & Tablet
  • Autofill & Passkey Setup for Android
  • Record Types
  • Sharing
  • Time-Limited Access
  • One-Time Share
  • Self-Destructing Records
  • Vault Offline Access
  • Security Audit
  • BreachWatch
  • Secure File Storage
  • Emergency Access
  • Keeper Family Plan
  • KeeperChat
  • Passkeys
  • Keeper Forcefield
  • Troubleshooting
    • Hardware Security Keys on iOS
    • Master Password Reset & Account Recovery
    • Troubleshoot Extension Issues
    • Autofill Issues
    • Troubleshooting Vault Issues
    • Clearing Browser Cache
    • Website Developers
    • Internet Explorer
  • Tips & Tricks
    • Protecting your Keeper Vault
    • Stay Logged In
    • Protecting TOTP Codes
    • Using Keeper TOTP with Azure or Office 365
    • Changing Passwords Using KeeperFill
    • Free Family License for Personal Use
    • One Record with Multiple URL Domains
    • KeeperFill Right-Click Context Menu
    • Keyboard Shortcuts
    • Resetting Desktop App
    • Login to Keeper with Windows Hello
    • Login to Keeper on macOS with Touch ID
    • Using Windows Hello or Touch ID with SSO
    • Logging in with DUO
  • Social Media Management
  • Use Cases
  • Uninstall Keeper
  • Web Vault & Desktop App (Legacy, Abridged)
    • Enterprise End-User (SSO)
  • Docs Home
  • Import Records
    • Import Overview
    • Import from Chrome, Firefox, IE, Edge, Safari
    • Import from Chrome via export
    • Import Text File (.csv)
    • Import Text File (.json)
    • Import from Excel
    • Import from 1Password
    • Import from Avast
    • Import from Bitwarden
    • Import from CyberArk
    • Import from Dashlane
    • Import from EnPass
    • Import from Kaspersky
    • Import from KeePass (.kdbx)
    • Import from KeePass .XML
    • Import from LastPass
    • Import from MacPass
    • Import from mSecure
    • Import from MyKi
    • Import from Passpack
    • Import from Passportal
    • Import from Password Boss
    • Import from Proton Pass
    • Import from Psono
    • Import from RoboForm
    • Import from Safari
    • Import from SplashID
    • Import from Sticky Password
    • Import from Thycotic / Delinea
    • Import from True Key
    • Import from ZOHO
    • Import from Commander CLI
  • Microsoft Store App
  • Export and Reports
    • Vault Export
    • Shared Records Report
  • Documentation Home
Powered by GitBook

Company

  • Keeper Home
  • About Us
  • Careers
  • Security

Support

  • Help Center
  • Contact Sales
  • System Status
  • Terms of Use

Solutions

  • Enterprise Password Management
  • Business Password Management
  • Privileged Access Management
  • Public Sector

Pricing

  • Business and Enterprise
  • Personal and Family
  • Student
  • Military and Medical

© 2025 Keeper Security, Inc.

On this page
  • Which hardware keys are supported with Keeper on iOS?
  • What are the iOS version requirements for hardware key compatibility?
  • Do I need a PIN for my hardware security key on iOS?
  • What happens if I enter the wrong PIN for my hardware key too many times?
  • Can I use NFC hardware keys on iOS devices?
  • Can I use my hardware keys on my iPad?
  • Known Issues:
  • YubiKey FIDO PIN Loop
  • Long-Tap Autofill and Hardware Security Keys

Was this helpful?

Export as PDF
  1. Troubleshooting

Hardware Security Keys on iOS

Support for FIDO2 security keys on Keeper for iOS

PreviousTroubleshootingNextMaster Password Reset & Account Recovery

Last updated 4 months ago

Was this helpful?

This guide provides important compatibility information and troubleshooting tips for using hardware security keys with Keeper on iOS devices. If you're encountering issues with PINs, autofill, or NFC key support, this page will help you understand which iOS versions are compatible and how to resolve common problems.

To ensure seamless use of hardware security keys with Keeper, make sure you're using the latest version of Keeper and that your iOS device is running the most up-to-date version of the operating system. USB-C keys require Keeper Version 16.12.0 or greater.

Which hardware keys are supported with Keeper on iOS?

  • Keeper works with any FIDO® Certified security keys. Ensure you have the latest version of Keeper installed for full compatibility with hardware keys.

    • For a complete list of certified keys from the FIDO Alliance, visit the .

  • Unsupported Keys: Currently, software keys such as Passkeys or iCloud Keys are not supported for login or autofill with Keeper.


What are the iOS version requirements for hardware key compatibility?

To help you understand the compatibility of your iOS version with hardware keys and Keeper, refer to the table below:

iOS Version

Keeper App (Main)

Autofill

KeeperFill (Legacy)

iOS 16 or earlier

iOS 17

iOS 18+


Do I need a PIN for my hardware security key on iOS?

  • Setting a PIN for your hardware security key is optional. You can choose whether or not to set up a PIN when configuring your key. The PIN setup process is done through the hardware key manufacturer’s software (e.g., Yubico Authenticator).

  • Once a PIN is set for your security key, iOS will ask you to enter the PIN every time you use the key, whether for login or filling passwords.

  • No PIN Bypass: Unlike the Keeper Web Vault, iOS does not support bypassing the PIN. You must enter the PIN each time the key is used.


What happens if I enter the wrong PIN for my hardware key too many times?

  • If you enter the wrong PIN 6 times in a row, your hardware key will be locked. To unlock it, you will need to reset the key before you can use it again.

    • To reset your hardware security key please use the hardware key manufacturer’s software (e.g., Yubico Authenticator).


Can I use NFC hardware keys on iOS devices?

  • Yes, NFC hardware keys are supported on most iOS devices.

  • iPads do not support NFC hardware keys at all. This is a restriction at the OS level, and only physical hardware keys that plug into the device (via Lightning or USB-C) will work.

  • NFC hardware keys are not supported in Keeper extensions (Autofill | KeeperFill) on iOS.


Can I use my hardware keys on my iPad?

  • Yes, you can use hardware security keys with your iPad, but please note that only hardware keys that plug into the device (via Lightning or USB-C) are supported. NFC hardware keys are not compatible with iPads due to limitations at the OS level. This means that if you're using a hardware key with only NFC functionality, it will not work on iPad devices.

    • Combination hardware keys, that support both plug-in and NFC, will work via the plug-in method only.

    • USB-C keys require Keeper Version 16.12.0 or greater.

For iPad users, ensure your key is compatible with the appropriate connector (Lightning or USB-C) and that you have the latest version of Keeper installed to ensure full functionality.


Known Issues:

Issue Overview: Some users with FIDO CTAP 2.1 security keys (specifically YubiKeys with firmware 5.7) have reported being repeatedly prompted to enter their FIDO PIN in a loop, even after entering it correctly. This issue began after upgrading to Safari 18.1 or iOS/iPadOS 18.1. Users may experience difficulties authenticating with their security keys, as the prompt fails to complete the authentication process.

Affected Devices and Scenarios:

  • iOS/iPadOS: On mobile devices, after upgrading to iOS/iPadOS 18.1, the following issues are observed:

    • Physical key plugged in: Users will see an error after entering the FIDO PIN.

    • NFC authentication: The system may not prompt users for authentication when attempting to authenticate via NFC.

  • MacOS: This issue affects Safari 18.1 and certain 3rd-party browsers that rely on Safari’s WebKit engine. It can occur when a username allowlist and PIN verification are required during authentication.

Status: Yubico has acknowledged the issue and is working with Apple to resolve it. Apple has released a beta fix in macOS 15.2 Developer Beta 4 and iOS/iPadOS 18.2 Developer Beta 4. This update addresses the FIDO2 PIN prompt issue, but it is still in development, and users are advised to report any persistent issues to Apple.

Workaround Options: If you're experiencing this issue, consider the following options:

  1. Re-register Your Key: If you're already on iOS/iPadOS 18.2 public beta and still encountering the issue, try removing and re-registering your security key. This may help resolve any lingering issues.

  2. As a temporary workaround, you can log into your Keeper account on another device or browser and remove the hardware key from your authentication settings. This will allow you to continue using other methods of authentication while awaiting a full fix from Apple.

Long-Tap Autofill and Hardware Security Keys

With the addition of iOS 18, Apple introduced a new long-tap autofill feature that allows users to quickly fill in login credentials from their password manager directly into apps or websites. However, when using a hardware security key for authentication, long-tap autofill will not work as expected. This limitation occurs because the system requires interaction with the hardware key to complete authentication, which isn’t compatible with the autofill feature’s workflow.

Affected Devices and Scenarios:

  • iOS/iPadOS 18+ Devices: The long-tap autofill feature does not work with accounts secured by hardware security keys.

Recommendation: To work around this limitation, we recommend using the following steps:

  1. Enable "Stay Logged In" from the Desktop App:

    1. Open the Keeper web/desktop app (this option is not available in the mobile app for now) and enable the "Stay Logged In" option. This will ensure you remain authenticated for a longer period, allowing long-tap autofill to function without needing to re-authenticate with your hardware key.

  2. Log into the Keeper Main app on your iOS device and then you can proceed to use the long-tap autofill feature as intended.

Supported

Not Supported

Not Supported

Supported

Supported

Not Supported

Supported

Supported

Supported

Recommendations to work around this limitation can be found .

YubiKey

To check the firmware version of your YubiKey, download the Yubico Authenticator .

Upgrade to iOS/iPadOS 18.2 Public Beta: If you're not already on the public beta, upgrading to iOS/iPadOS 18.2 may resolve the issue, as it addresses the FIDO2 PIN loop problem. You can opt into the public beta via .

For more details and updates, please refer to the .

FIDO® Certified Showcase
FIDO PIN Loop
HERE
Apple's Beta Software Program
Yubico support article
HERE
✅
❌
❌
✅
✅
❌
✅
✅
✅