Comprehensive guide for Keeper on Android phones and tablets.
With Keeper, your passwords, logins and other personal information are saved in a private, digital vault. It is here where you can view and edit all of your website login credentials and details, as well as store important files and photos.
Signing up for Keeper's Android mobile app is easy. Simply visit the Google Play Store on your device and install the Keeper Password Manager. account or login to an existing account. Watch the video below to learn more about account creation and login.
To create your Keeper account, first enter your email address then you will be asked to create and confirm a Master Password which will be the only password you have to remember. We recommend that you choose a strong Master Password that is only used for Keeper -- don't forget your Master Password!
To finalize your account and proceed to your vault, you will be asked to enter the security verification code that was sent to your email.
Enterprise users who log in with SSO do not require selection of a Master Password.
IIf you are an existing user, tap Login and enter your email address. If you are attempting to log in on an unrecognized device, a device approval must take place before you can proceed to your Keeper Vault. Users have three methods of approval to choose from:
Email Verification
Keeper Push
Two-Factor Method
Keeper Push is Keeper’s proprietary notification-based device approval system that sends a push notification to an existing, recognized device.
If you select Send Keeper Push, a notification (push) will appear in your Keeper vault at an approved device or browser.
On the device, login and tap Yes to approve the new device. You must be actively logged into a an approved device to receive the notification.
Once your device has been approved, you will be prompted for 2FA (if enabled), then enter your master password to proceed to your vault.
If you are an Enterprise customer using SSO Login, you can enter your email address and tap Next to login through SSO. Alternatively, you can tap Use Enterprise SSO Login and enter the enterprise domain provided by your Keeper administrator and tap Connect.
Next, you will be directed to the Safari browser for web-based SSO Enterprise authentication. After you have successfully entered your SSO credentials and two-factor authentication code (if enabled), you will be returned to Keeper to complete the login. You may be required to approve your device using Keeper Push or administrator approval after the SSO login process has been completed.
For more information about Enterprise SSO login, click here.
When you first log in to your vault, Keeper will prompt you with two options: Import Passwords or Later. If you choose Import Passwords, you can import directly from Google via a CSV file upload.
Importing from other password managers is still supported via the Keeper Web Vault. If you're not near a desktop computer, you can select Later to perform the import at a later time using the Keeper Web Vault.
Open the Keeper App: Launch the Keeper app on your Android device.
Access the Menu: Tap on the Hamburger Menu (three horizontal lines) in the top-left corner.
Select Import Passwords: From the menu, choose Import Passwords.
Choose Import Source: In the import options, select Import from Google.
Export Passwords: You will be redirected to passwords.google.com/options. Here, select Export passwords. -- If you have multiple Google accounts, make sure to confirm you are logged into the proper account.
Confirm Export: An Export Passwords Dialog will appear. Tap on Export to begin downloading your passwords CSV file.
Download Confirmation: Once the file is downloaded, you will see a confirmation message letting you know your file has been saved to your device.
Select the Downloaded File:
The download confirmation prompt has an "Open" option, clicking this will display the "Open With:" dialog at the bottom of your screen, select Keeper to continue importing from your CSV.
If using the back button: Choose Upload a CSV in the Keeper app to locate and select your downloaded file.
You can also navigate to the file manager: Locate the exported CSV file and select it to open with the Keeper app. This will take you directly to the Selected File screen.
Import in Progress: Keeper will display a screen showing the progress of the import and encryption of your passwords.
Import Complete: A notification in your Vault will be displayed letting you know how many passwords have been successfully imported.
If you already have your Google Password CSV file on your Android device:
Open the Keeper App: Launch the Keeper app on your device.
Select Import Passwords: Go to the Hamburger Menu and choose Import Passwords.
Choose CSV Import: When prompted, select the Upload CSV File option. This will open the Files app, filtering to show only CSV files.
Select the CSV File: Browse through your files and select the desired CSV file for import.
Import in Progress: Keeper will display a screen showing the progress of the import and encryption of your passwords.
Import Complete: A notification in your Vault will be displayed letting you know how many passwords have been successfully imported.
Keeper on Android directly supports importing from Google Password Manager via CSV file. While CSV files from other sources may work, their compatibility can vary based on formatting—only Google’s export is guaranteed to function seamlessly.
If you're importing from another password manager:
Keeper will ask you to navigate to keepersecurity.com/setup on your desktop computer to begin the process of importing your passwords.
For detailed instructions on importing passwords from web browsers and other password managers to your Keeper Web Vault, click here.
Your passwords, logins, credit card numbers, bank accounts and other personal information are saved in your private digital vault (as "Records") and are encrypted on your device using 256-bit AES.
Tap + and Create New Record.
Choose a Record Type from the dropdown menu ("Login" is the default type)
Enter a Title for the record
Enter the Email or Username
Enter the Password or tap the dice icon to generate one (more on that here)
Enter the Website Address (if one wasn't already entered for you)
Enter Notes, add Files & Photos, a Two-Factor Code and Custom Fields
Tap Save to finish
Depending on the Record Type you selected, the default record fields will vary.
With Keeper you can organize your records into folders and subfolders. To create a folder, tap + and Create New Folder, then enter a name for the folder. To add records to the folder, Tap + and Add Existing Record or you can tap Create New Record to add a new record to the folder.
To create a subfolder, within the folder, tap + and Create New Folder.
Please note, once created, regular folders cannot be converted to a shared folder. To learn how to create a shared folder, click here.
Keeper makes it easy to move records around within your vault. Individual or multiple records and folders can be moved and shortcuts can be created. Shortcuts, like alias files, can exist in two or more places and when edited, change together.
To move or shortcut a folder, record or multiples thereof, long press on the record or folder and select any additional folder(s) or record(s) you would like to move or shortcut. Next, select the action you would like to perform by tapping an icon located in the upper right corner of your screen. The options include:
Create a Shortcut
Move to a New Folder
Move to an Existing Folder
Change the record(s) "Type"
Delete
You can move or shortcut a single record by selecting the option listed within the record detail screen.
Adding a record to your vault Favorites is an easy way to locate your most frequently visited sites. To add a record to your Favorites, tap the menu icon (three vertical dotes) and select Add to Favorites.
Securely create, share and manage records and folders with other Keeper users such as friends, family, friends and colleagues.
Open the record you would like to share and tap Share > Share with User. Enter the user's email address, then use the toggle switches to select permissions (Can Edit, Can Share, Make Owner) then tap the checkmark icon to save.
If this is the first time you are sharing with this person, you will first need to establish a "sharing relationship". The user will receive an email prompting them to login to Keeper and either accept or deny the share request. Once you establish a sharing relationship, the user will appear in the email dropdown list.
Keeper "One-Time Share" provides time-limited secure sharing of a record to anyone even if they don't have a Keeper account. To learn more about One-Time Share, click here.
Shared folders allow you to share multiple records at once and new records can be added to the folder as needed.
Tap + > More > Create Shared Folder.
Enter a name for the folder and tap Save.
Tap the menu icon in the upper right corner of your screen and select Manage Users & Records.
Tap Add Users and enter the email addresses of the user(s) you would like to share the folder with and tap the checkmark to save.
You can assign permissions for each user by tapping on their email address under the "Users" tab (Can Manage Users, Can Manage Records).
To add records to the folder, switch to the "Records" tab and tap Add Records.
Select the record(s) you would like to add to the shared folder and tap the checkmark icon to save.
Once a record has been added, select it from the list to assign permissions (Can Edit, Can Share).
Identity & Payments is the place for you to store your personal contact/address information and credit card numbers safely.
Payment cards can also be stored in your vault as records using the "Payment Card" record type which allows them to be shared with other users. See our Record Types Guide for more information.
Long, random passwords that are created for each account help protect your information and reduce your exposure to data breaches. Alternatively, by combining multiple words, passphrases are an even more secure alternative to traditional passwords.
Keeper's password generator can create and securely store strong, random passwords or passphrases for all of your sites and apps.
Generate a Password
To begin, tap the dice icon within a new or existing record. You can customize your password by character length (8-99 characters) and choose to include lowercase and uppercase letters, numbers and symbols.
Check the box at the bottom of your screen if you'd like to make your selections the default setting for all passwords moving forward. Tap Use Password to update the record or Copy Password to copy it to your device's clipboard.
Tap the dice icon within a new or existing record and from the dropdown menu next to "Type", select Passphrase.
You can customize your passphrase by setting the length, including capitals and numbers in the passphrase and choosing from various symbols to separate the words.
Passphrases can be up to 20 words long, with a minimum length of 5 words and each word including at least 3 characters.
Check the box at the bottom of your screen if you'd like to make your selections the default setting for all passphrases moving forward. Tap Use Passphrase to update the record or Copy Passphrase to copy it to your device's clipboard.
This will NOT automatically change the website's existing login password. You must still visit the corresponding website's "Change Password" form to update the old password to match the new, stronger password. Click here to learn how to easily change your password with KeeperFill.
To generate a password or passphrase from your vault home screen, tap the yellow create button and select Generate Password. Select either password or passphrase next to "Type". You can either use the password/passphrase to create a new record or copy it to your device’s clipboard to use elsewhere.
To view your password/passphrase history, tap Generate Password from either your vault home screen or create one within a record and tap the clock icon. You can delete your generator history at any time by tapping on the trash icon.
To produce a zoomed-in view of a record's password or passphrase, tap the eye icon then long press on the password field. An enlarged view of your password/passphrase will appear at the bottom of the screen. Any numbers and symbols can be easily identified by blue and red color-coding.
The password generator on end-user vaults will adhere to the minimum character length, minimum number of lowercase/uppercase/numbers/symbols and allowed list of symbols as defined by your Keeper Administrator.
The passphrase generator on end-user vaults is enabled by default, but can be disabled by your admin. Passphrases will adhere to the minimum number of words and can be configured to include capital letters and numbers. The separators between words will be selected from the list of allowed symbols.
For more information on record password enforcement policies, please see our Enterprise Guide.
Security Audit gives your passwords an overall security score and lets you clearly see what passwords are weak from a password strength visual indicator (red being the weakest, green being the strongest).
If a record is indicated as having a high risk password, Keeper recommends changing the password at the affected site immediately and updating the corresponding record in your Keeper Vault.
Users also have the ability to conveniently restore previous versions of a record. While viewing a record, tap the menu icon in the upper right corner of your screen and select Record History.
To restore a record back to a previous state, tap on the version you would like to restore. Review the record information by tapping the info icon then tap Restore.
A few notes on Record History:
Restoring a record does not place it back into the original folder structure.
Record History is only available as part of the paid consumer and business plans.
Deleted records can be reviewed and restored by visiting "Deleted Items" in the left navigation menu.
Use KeeperFill to quickly autofill passwords into web browsers such as Chrome, Firefox, Edge, Brave, DuckDuckGo and all other native apps like banking and social media. Once enabled, KeeperFill login prompts and fill results are seamlessly integrated into your device's keyboard.
KeeperFill is currently supported for Android versions 9 and above.
To enable KeeperFill, navigate to Keeper's Settings menu, then toggle "KeeperFill" on.
You will then prompted to enable various settings on your device including:
Selecting Keeper as the Autofill service
Enabling KeeperFill in the installed services
Enabling KeeperFill in the available virtual keyboard section
Enabling Keeper to display over other app
From the app or website login screen, tap Sign in to Keeper located above the keyboard and enter your Keeper master password.
If Keeper identifies a record match, your login will then be displayed. Simply tap on your login next to the Keeper icon to autofill your credentials and log in.
Some apps and sites have more than one login screen and may require you to tap your login on each screen.
If your device's keyboard does not support autofill, KeeperFill's appearance and location will vary like in the example below.
Passkeys on Android devices, a highly anticipated feature for enhanced security and convenience, is now available on Android devices running Android 14+. This update marks a significant enhancement in our mobile applications capabilities, offering users an even more secure and streamlined experience. To learn more about Passkeys with Keeper, click HERE.
Passkeys work on websites and applications that have been specifically built to support them. Keeper maintains a passkey directory, which can be found HERE.
Creating a passkey for a website or app is a simple process on your Android device.
Tapping Create Passkey on a site or app will triggerKeeper to intercept the request. Keeper then prompts you to create a passkey for your associated login and saves it to your vault.
Returning to sites or apps where you have a stored passkey you will either be prompted to sign in with passkey or will be able to select Sign in with Passkey. Keeper does the rest!
Passkey functionality is not enabled by default on Android devices. To enable passkeys with Keeper follow the steps below.
Android devices do not have passkeys enabled by default. To enable passkeys on your device follow these steps:
Open Chrome or Chromium based browser on your Android device.
Enter chrome://flags into the address bar.
In the flags page that opens, tap the search box and search for "M124".
Under "Temporarily unexpire M124 flags" select Enabled from the dropdown menu, then click the Relaunch button that appears at the bottom of the browser.
Next, enter "Passkeys" in the search bar.
Under "Android Credential Management for passkeys" select Enabled for Google Password Manager and 3rd Party Passkeys from the dropdown menu, then click the Relaunch button that appears at the bottom of the browser.
If you would like to search for a record in your vault or create a new record, tap Search/Add. Then select whether you would like to Search or Create New Record.
If searching, select the record in your records list and tap Fill to autofill the login in the app or site.
If creating a new record, enter the record details and tap Save and Fill to save the record to your vault and autofill the newly created login in the app or site.
Keeper offers Secure File Storage to protect your confidential files, photos and videos. Securely upload and store files such as passport photos, medical cards, drivers licenses, tax and loan documents, videos and any other private file to your Keeper Vault.
You can either add an attachment to any existing record or create a new record using the "File Attachment" record type. Tap Add Files or Photos to upload your file.
To learn more about Secure File Storage, click here.
BreachWatch is a powerful, secure add-on feature that monitors the internet and dark web for breached accounts matching records stored within your Keeper Vault. BreachWatch alerts you so that you can take immediate action to protect yourself against hackers. Once activated, BreachWatch continuously monitors for compromised credentials and notifies you if any of your records are at risk.
To start your BreachWatch scan, tap BreachWatch in the lower menu of your screen tap then Let's Begin > Scan.
BreachWatch will then scan your records and report any risks associated with them. Resolving the risk requires you to change the password at the affected website. Once you have done that, be sure to update the corresponding record in your Keeper vault with the same password.
If you tap Ignore, then that record will be skipped on future scans until the password is reset. You may also do nothing (deferring a response) and leave the risky password unchanged and thus still at risk.
To learn more about BreachWatch, click here.
The Settings menu allows you to customize the display, personalization and security features of the application, including:
Theme
Login Options (Two-Factor Authentication, Biometric Login, Auto-Logout)
Security (Self-Destruct, Fast Login Mode)
KeeperFill
Prevent Screenshots
Clipboard Expiration
Hide Passwords
Sort Record Types
Change Email Address
Account Recovery
Reset Master Password
Please note that some security settings may be enforced by your Keeper Administrator if you are part of a Keeper Business account.
You can enable Dark Mode at the top of Keeper's Settings menu. By default, the app will match your device's system display settings. Alternatively, tap the dropdown to turn Dark Mode for Keeper on or off.
If you forget your Master Password, this feature will help you quickly regain access.
Set up Account Recovery:
Tap Account Recovery from the Settings menu.
Confirm your Master Password and tap Generate New Phrase.
Once your recovery phrase has been generated, be sure to store it in a safe place. For added convenience, you will be given the option to copy or download it.
Check the confirmation box to confirm that you've stored your Recovery Phrase.
Tap Set Recovery Phrase.
To change your Master Password:
Tap Reset Master Password.
Enter your current master password.
If you have Biometric Login enabled, you won't be required to enter your current master password.
Create and confirm a new master password.
If you are unable to login with your current master password, and you've set a recovery phrase, go to Forgotten Master Password & Account Recovery to recover your account.
Two-Factor authentication (2FA) provides an extra layer of security when logging into your Keeper Vault or another site or application by requiring a secondary passcode upon logging in.
Enabling two-factor authentication is especially advised for highly valuable or sensitive accounts (e.g. banking, medical and social media accounts).
Keeper offers two ways to take advantage of 2FA:
To log into your Keeper Vault.
To log into any site or application from your Keeper Vault by embedding a TOTP (time-based one-time password) into your records.
To enable 2FA for your Keeper Vault, tap Settings > Two-Factor Authentication, tap the dropdown menu under "Primary Method" and select a method from the list of options.
(1) Select a Region (US+1 by default), enter your 10 digit phone number including your area code and tap the checkmark icon to save.
(2) Select how long you want the two-factor method to be valid for (not again for the device, every 30 days, 24 hours, 12 hours or at every login).
Business customers may be required to enter the code every login as determined by their Keeper Administrator.
(3) Enter the code that was sent to the phone number you provided then tap the checkmark icon to save. Codes will only last for a minute; if you need another code sent, tap Send a new code.
(4) Backup codes will be shown next. If you are unable to receive two-factor codes via the phone number you entered, you can enter one of the backup codes listed instead. Tap one of the listed options to confirm you saved the codes somewhere safe.
If you are not receiving SMS messages from Keeper, please use the TOTP method or submit a support ticket at https://www.keepersecurity.com/support.html.
(1) Once you select "Authenticator App" tap the checkmark icon to save.
(2) Select how long you want the two-factor method to be valid for (not again for the device, every 30 days, 24 hours, 12 hours or at every login).
Business customers may be required to enter the code every login as determined by their Keeper Administrator.
(3) You will be asked to scan the QR Code or enter your secret key in your authenticator or TOTP app. Copy the code displayed in Keeper. Open Google or Microsoft Authenticator (or whichever app you use for 2FA) and add a TOTP record, pasting in the copied Secret Key.
(4) Return to Keeper and copy or enter the TOTP code provided.
(5) Backup codes will be shown next. If you are unable to receive two-factor codes via the phone number you entered, you can enter one of the backup codes listed instead. Tap one of the listed options to confirm you saved the codes somewhere safe.
In order for Azure MFA (using the Microsoft Authenticator app) to be utilized as a TOTP, the Azure Administrator needs to allow the verification method "Verification code from mobile app or hardware token" when setting up MFA in Azure.
You can manage how often you are prompted to sign in on your device with your selected two-factor method at any time. Once you have set up two-factor authentication for your vault (following the steps above), the 2FA Frequency setting will be available within the "Settings" menu. Tap 2FA Frequency and select from: every login, every 12 hours, every 24 hours, every 30 days, or don't ask again on this device.
Keeper can fill 2FA codes on any website or application that supports TOTP by scanning a QR code to generate a code (requires a second device).
(1) Open the Keeper record on your mobile device and tap the pencil icon (to edit) > Add Two-Factor Code (this will open your device's camera).
In order to open your device's camera you must first "allow" Keeper permission when prompted.
(2) On a secondary device (e.g. tablet, computer), navigate to the corresponding record's 2FA set up screen to retrieve the site's QR code.
(3) Scan the QR code with your mobile device. You will see the code has been added to the record.
(4) Tap the checkmark icon to save, then tap the code to copy it to your device's clipboard.
(5) Return to the site to paste the code to complete the setup.
From the left navigation menu, select Settings then toggle "Biometric Login" on.
For security reasons, Android has designated only certain biometric authentication methods as secure. Samsung face biometric is considered insecure by the Android operating system (because it can be fooled by a photo). Keeper Security does not permit insecure biometric access to the vault.
At the Keeper login screen, tap Biometric Login and touch the fingerprint sensor when prompted (or use Face/Iris Authentication where available).
Keeper provides two-factor authentication (2FA) on Android with compatible hardware keys such as the YubiKey 5 NFC, YubiKey 5C NFC and YubiKey 5Ci. Listed below are supported physical keys on Android.
Keeper is committed to enhancing the security and flexibility of your experience. Support for more plug-in style physical keys will come with a future release.
(1) Before you add a security key, a two-factor authentication method must be in place as a backup.
(2) Navigate to Settings > Two-Factor Authentication and tap Add next to "Security Keys".
(3) Tap + Add Key and enter a name for the security key, then tap REGISTER.
(4) Select NFC Security key from the list of devices.
(5) Hold your key flat against the back of your device until it stops vibrating.
Your security key has been registered. You can register up to 5 security keys. Any one of those keys will unlock the account.
The FIDO2 WebAuthn device will be required for login based on the configuration of the first 2FA method. For example:
If the first 2FA method is set to "Prompt Every Login", then the Yubikey will be required on every login, and offline login will be disabled.
If the first 2FA method is set to "Every 30 days", then the Yubikey will be required every 30 days, and offline login will be disabled.
If the first 2FA method is set to "Remember Forever", then the Yubikey will only be required one time on each new device. Offline vault login will be enabled.
Keeper supports the use of multiple vaults on the same device allowing you to switch between a personal account and business account, for example.
To switch to another account on your device, tap Account then tap the dropdown menu icon to the right of your email address. Select the account you would like to switch to or tap Add Account to register another account on that device.
You can also switch and add accounts from the Keeper login screen.
When 2FA is activated on an account, it protects the user on all devices and all platforms because 2FA is protecting access to the backend cloud system.
By definition, two-factor authentication protects access to the cloud and it protects access to online accounts. It therefore requires an online connection to be prompted for 2FA. 2FA is triggered when a request is made from the client device to the server. For example when logging into a new device, syncing new information on an existing device or performing any other cloud-based features.
By default, the native Keeper app for iOS, Android, Mac and Windows allow users to login quickly with their master password (offline mode) to access their vault. After typing in the master password or using biometric login, the user decrypts the data locally, then the app sends a sync request to the server at which time the user may be prompted for their 2FA code. Depending on the speed of the Internet connection, the 2FA prompt may be received a couple seconds after logging into the native application because the local decryption of data occurs much faster.
Offline authentication and vault access is permitted by all consumer customers. Enterprise customers may restrict the use of offline access for their employees.
When activating 2FA on your Android device for the first time, the user selects how often they want to be prompted. Users can be prompted for 2FA at every login, once every 12 hours, every 24 hours, every 30 days, or only one time per device. It's important to understand that 2FA is always enabled on the Keeper servers. After a successful login on a device, a "token" is generated from the 2FA code and stored locally on the device as long as it's deemed valid by the server. This is why you are still able to login to the same device over and over without being re-prompted. By default, consumer customers will be prompted only one time per device. Enterprise customers may enforce users to be prompted every time for a new code.
Currently, the 2FA token retention timing on Android will default to "only one time" on a device if the 2FA was initially set up on the Web Vault or Desktop App. To change this behavior, please turn 2FA off and then re-activate 2FA on the iOS device.
To import and export data from your Keeper vault, visit the Keeper Web Vault or download Keeper Desktop for your computer.
Keeper Web Vault: https://keepersecurity.com/vault
All Downloads: https://keepersecurity.com/download
The instructions below apply to the latest OS. Third party operating system instructions may differ.
Uninstalling Keeper will delete the data from Keeper on the local device. Data stored in Keeper's Cloud Security Vault is NOT erased.
Open your device's Settings menu.
Tap Apps or Application Manager (depending on device).
Navigate to the Keeper App.
Tap Uninstall.
Confirm by tapping OK when prompted.
Resetting Keeper will erase all records from all Keeper accounts stored locally on your device. Data stored on Keeper's Cloud Security Vault is NOT erased.
Open your device's Settings menu.
Tap Apps or Application Manager (depending on device).
Navigate to the Keeper App > Storage.
Tap Clear data and Clear cache.
Confirm by tapping OK when prompted.
Keeper's mobile apps do not contain any trackers. All mobile apps go through vulnerability testing with Keeper's 3rd party testers and the Bugcrowd Bug Bounty Program.
Exodus Privacy is an organization that monitors the applications that perform user tracking. Keeper's Android application showing zero trackers is listed below:
https://reports.exodus-privacy.eu.org/en/reports/com.callpod.android_apps.keeper/latest/#trackers
Customer Support Form: https://keepersecurity.com/support.html
Business Customers: business.support@keepersecurity.com
System Status: https://statuspage.keeper.io
| Supported Physical Keys | NFC Support | Plug-in Support |
|---|---|---|
Yubikey 5 NFC
✅
❌
YubiKey 5C NFC
✅
✅
YubiKey 5Ci
❌
✅
Identiv uTrust NFC
✅
❌
Feittian ePass K9 NFC
✅
❌
GoTrust Idem NFC
❌
✅
Thetis Pro NFC
✅
✅
