Android Phone & Tablet

Comprehensive guide for Keeper on Android phones and tablets.

Your Keeper Vault

With Keeper, your passwords, logins and other personal information are saved in a private, digital vault. It is here where you can view and edit all of your website login credentials and details, as well as store important files and photos.

Account Creation & Login

Signing up for Keeper's Android mobile app is easy. Simply visit the Google Play Store on your device and install the Keeper Password Manager. account or login to an existing account. Watch the video below to learn more about account creation and login.

New Users

To create your Keeper account, first enter your email address then you will be asked to create and confirm a Master Password which will be the only password you have to remember. We recommend that you choose a strong Master Password that is only used for Keeper -- don't forget your Master Password!

To finalize your account and proceed to your vault, you will be asked to enter the security verification code that was sent to your email.

Enterprise users who log in with SSO do not require selection of a Master Password.

Existing Users

IIf you are an existing user, tap Login and enter your email address. If you are attempting to log in on an unrecognized device, a device approval must take place before you can proceed to your Keeper Vault. Users have three methods of approval to choose from:

  • Email Verification

  • Keeper Push

  • Two-Factor Method

Keeper Push is Keeper’s proprietary notification-based device approval system that sends a push notification to an existing, recognized device.

If you select Send Keeper Push, a notification (push) will appear in your Keeper vault at an approved device or browser.

On the device, login and tap Yes to approve the new device. You must be actively logged into a an approved device to receive the notification.

Once your device has been approved, you will be prompted for 2FA (if enabled), then enter your master password to proceed to your vault.

Enterprise SSO Login

If you are an Enterprise customer using SSO Login, you can enter your email address and tap Next to login through SSO. Alternatively, you can tap Use Enterprise SSO Login and enter the enterprise domain provided by your Keeper administrator and tap Connect.

Next, you will be directed to the Safari browser for web-based SSO Enterprise authentication. After you have successfully entered your SSO credentials and two-factor authentication code (if enabled), you will be returned to Keeper to complete the login. You may be required to approve your device using Keeper Push or administrator approval after the SSO login process has been completed.

For more information about Enterprise SSO login, click here.

Importing Passwords

When you first login to your vault, Keeper will prompt you to import passwords from your computer and/or web browsers (if you're not near a desktop computer, you can perform the import at a later time).

After tapping I'm at my computer Keeper will ask you to navigate to keepersecurity.com/setup on your desktop computer to begin the process of importing your passwords.

Click here for detailed instructions on importing passwords from web browsers and other password managers to your Keeper Web Vault.

Creating New Records

Your passwords, logins, credit card numbers, bank accounts and other personal information are saved in your private digital vault (as "Records") and are encrypted on your device using 256-bit AES.

Tap + and Create New Record.

  • Choose a Record Type from the dropdown menu ("Login" is the default type)

  • Enter a Title for the record

  • Enter the Email or Username

  • Enter the Password or tap the dice icon to generate one (more on that here)

  • Enter the Website Address (if one wasn't already entered for you)

  • Tap Save to finish

Depending on the Record Type you selected, the default record fields will vary.

Organization

With Keeper you can organize your records into folders and subfolders. To create a folder, tap + and Create New Folder, then enter a name for the folder. To add records to the folder, Tap + and Add Existing Record or you can tap Create New Record to add a new record to the folder.

To create a subfolder, within the folder, tap + and Create New Folder.

Please note, once created, regular folders cannot be converted to a shared folder. To learn how to create a shared folder, click here.

Moving & Shortcuts

Keeper makes it easy to move records around within your vault. Individual or multiple records and folders can be moved and shortcuts can be created. Shortcuts, like alias files, can exist in two or more places and when edited, change together.

To move or shortcut a folder, record or multiples thereof, long press on the record or folder and select any additional folder(s) or record(s) you would like to move or shortcut. Next, select the action you would like to perform by tapping an icon located in the upper right corner of your screen. The options include:

  • Create a Shortcut

  • Move to a New Folder

  • Move to an Existing Folder

  • Change the record(s) "Type"

  • Delete

You can move or shortcut a single record by selecting the option listed within the record detail screen.

Favorites

Adding a record to your vault Favorites is an easy way to locate your most frequently visited sites. To add a record to your Favorites, tap the menu icon (three vertical dotes) and select Add to Favorites.

Sharing

Securely create, share and manage records and folders with other Keeper users such as friends, family, friends and colleagues.

Share a Record

Open the record you would like to share and tap Share > Share with User. Enter the user's email address, then use the toggle switches to select permissions (Can Edit, Can Share, Make Owner) then tap the checkmark icon to save.

If this is the first time you are sharing with this person, you will first need to establish a "sharing relationship". The user will receive an email prompting them to login to Keeper and either accept or deny the share request. Once you establish a sharing relationship, the user will appear in the email dropdown list.

Keeper "One-Time Share" provides time-limited secure sharing of a record to anyone even if they don't have a Keeper account. To learn more about One-Time Share, click here.

Share a Folder

Shared folders allow you to share multiple records at once and new records can be added to the folder as needed.

Create a Shared Folder & Share with Others:

  1. Tap + > More > Create Shared Folder.

  2. Enter a name for the folder and tap Save.

  3. Tap the menu icon in the upper right corner of your screen and select Manage Users & Records.

  4. Tap Add Users and enter the email addresses of the user(s) you would like to share the folder with and tap the checkmark to save.

Assign Permissions & Add Records

  1. You can assign permissions for each user by tapping on their email address under the "Users" tab (Can Manage Users, Can Manage Records).

  2. To add records to the folder, switch to the "Records" tab and tap Add Records.

  3. Select the record(s) you would like to add to the shared folder and tap the checkmark icon to save.

  4. Once a record has been added, select it from the list to assign permissions (Can Edit, Can Share).

Identity & Payments

Identity & Payments is the place for you to store your personal contact/address information and credit card numbers safely.

Payment cards can also be stored in your vault as records using the "Payment Card" record type which allows them to be shared with other users. See our Record Types Guide for more information.

Key Features

Password Generator

Long, random passwords that are created for each login help protect your information and reduce your exposure to data breaches. Keeper generates and securely stores strong, random passwords for all of your sites and apps by tapping the dice icon.

This will NOT automatically change the website's existing login password. You must still visit the corresponding website's "Change Password" form to update the old password to match the new, stronger password. Click here to learn how to easily change your password with KeeperFill.

Password Zoom

To generate a zoomed-in view of a record password, tap the eye icon then long press on your password. Any numbers and symbols can be easily identified by blue and red color-coding.

Security Audit

Security Audit gives your passwords an overall security score and lets you clearly see what passwords are weak from a password strength visual indicator (red being the weakest, green being the strongest).

If a record is indicated as having a high risk password, Keeper recommends changing the password at the affected site immediately and updating the corresponding record in your Keeper Vault.

Record History

Users also have the ability to conveniently restore previous versions of a record. While viewing a record, tap the menu icon in the upper right corner of your screen and select Record History.

To restore a record back to a previous state, tap on the version you would like to restore. Review the record information by tapping the info icon then tap Restore.

A few notes on Record History:

  • Restoring a record does not place it back into the original folder structure.

  • Record History is only available as part of the paid consumer and business plans.

  • Deleted records can be reviewed and restored by visiting "Deleted Items" in the left navigation menu.

KeeperFill

Use KeeperFill to quickly autofill passwords into web browsers such as Chrome, Firefox, Edge, Brave, DuckDuckGo and all other native apps like banking and social media. Once enabled, KeeperFill login prompts and fill results are seamlessly integrated into your device's keyboard.

KeeperFill is currently supported for Android versions 9 and above.

Setup

To enable KeeperFill, navigate to Keeper's Settings menu, then toggle "KeeperFill" on.

You will then prompted to enable various settings on your device including:

  • Selecting Keeper as the Autofill service

  • Enabling KeeperFill in the installed services

  • Enabling KeeperFill in the available virtual keyboard section

  • Enabling Keeper to display over other app

Autofill for Apps & Web Browsers

From the app or website login screen, tap Sign in to Keeper located above the keyboard and enter your Keeper master password.

If Keeper identifies a record match, your login will then be displayed. Simply tap on your login next to the Keeper icon to autofill your credentials and log in.

Some apps and sites have more than one login screen and may require you to tap your login on each screen.

If your device's keyboard does not support autofill, KeeperFill's appearance and location will vary like in the example below.

Record Search & Creation

If you would like to search for a record in your vault or create a new record, tap Search/Add. Then select whether you would like to Search or Create New Record.

If searching, select the record in your records list and tap Fill to autofill the login in the app or site.

If creating a new record, enter the record details and tap Save and Fill to save the record to your vault and autofill the newly created login in the app or site.

Secure Add-Ons

Secure File Storage

Keeper offers Secure File Storage to protect your confidential files, photos and videos. Securely upload and store files such as passport photos, medical cards, drivers licenses, tax and loan documents, videos and any other private file to your Keeper Vault.

You can either add an attachment to any existing record or create a new record using the "File Attachment" record type. Tap Add Files or Photos to upload your file.

To learn more about Secure File Storage, click here.

BreachWatch

BreachWatch is a powerful, secure add-on feature that monitors the internet and dark web for breached accounts matching records stored within your Keeper Vault. BreachWatch alerts you so that you can take immediate action to protect yourself against hackers. Once activated, BreachWatch continuously monitors for compromised credentials and notifies you if any of your records are at risk.

To start your BreachWatch scan, tap BreachWatch in the lower menu of your screen tap then Let's Begin > Scan.

BreachWatch will then scan your records and report any risks associated with them. Resolving the risk requires you to change the password at the affected website. Once you have done that, be sure to update the corresponding record in your Keeper vault with the same password.

If you tap Ignore, then that record will be skipped on future scans until the password is reset. You may also do nothing (deferring a response) and leave the risky password unchanged and thus still at risk.

To learn more about BreachWatch, click here.

Settings

The Settings menu allows you to customize the display, personalization and security features of the application, including:

  • Theme

  • Login Options (Two-Factor Authentication, Biometric Login, Auto-Logout)

  • Security (Self-Destruct, Fast Login Mode)

  • KeeperFill

  • Prevent Screenshots

  • Clipboard Expiration

  • Hide Passwords

  • Sort Record Types

  • Change Email Address

  • Account Recovery

  • Reset Master Password

Please note that some security settings may be enforced by your Keeper Administrator if you are part of a Keeper Business account.

Dark Mode

You can enable Dark Mode at the top of Keeper's Settings menu. By default, the app will match your device's system display settings. Alternatively, tap the dropdown to turn Dark Mode for Keeper on or off.

Account Recovery

If you forget your Master Password, this feature will help you quickly regain access.

Set up Account Recovery:

  1. Tap Account Recovery from the Settings menu.

  2. Confirm your Master Password and tap Generate New Phrase.

  3. Once your recovery phrase has been generated, be sure to store it in a safe place. For added convenience, you will be given the option to copy or download it.

  4. Check the confirmation box to confirm that you've stored your Recovery Phrase.

  5. Tap Set Recovery Phrase.

Reset Master Password

To change your Master Password:

  1. Tap Reset Master Password.

  2. Enter your current master password.

If you have Biometric Login enabled, you won't be required to enter your current master password.

  1. Create and confirm a new master password.

If you are unable to login with your current master password, and you've set a recovery phrase, go to Forgotten Master Password & Account Recovery to recover your account.

Two-Factor Authentication

Two-Factor authentication (2FA) provides an extra layer of security when logging into your Keeper Vault or another site or application by requiring a secondary passcode upon logging in.

Enabling two-factor authentication is especially advised for highly valuable or sensitive accounts (e.g. banking, medical and social media accounts).

Keeper offers two ways to take advantage of 2FA:

  • To log into your Keeper Vault.

  • To log into any site or application from your Keeper Vault by embedding a TOTP (time-based one-time password) into your records.

2FA for Keeper Vault

To enable 2FA for your Keeper Vault, tap Settings > Two-Factor Authentication, tap the dropdown menu under "Primary Method" and select a method from the list of options.

Text Message Setup:

(1) Select a Region (US+1 by default), enter your 10 digit phone number including your area code and tap the checkmark icon to save.

(2) Select how long you want the two-factor method to be valid for.

You will be prompted for 2FA every time you login to your vault unless you select an alternative duration. Business customers may be required to enter the code every login as determined by their Keeper Administrator.

(3) Enter the code that was sent to the phone number you provided then tap the checkmark icon to save. Codes will only last for a minute; if you need another code sent, tap Send a new code.

(4) Backup codes will be shown next. If you are unable to receive two-factor codes via the phone number you entered, you can enter one of the backup codes listed instead. Tap one of the listed options to confirm you saved the codes somewhere safe.

If you are not receiving SMS messages from Keeper, please use the TOTP method or contact support@keepersecurity.com to troubleshoot the issue.

Authenticator App (TOTP) Setup:

(1) Once you select "Authenticator App" tap the checkmark icon to save.

(2) Select how long you want the two-factor method to be valid for.

You will be prompted for 2FA every time you login to your vault unless you select an alternative duration. Business customers may be required to enter the code every login as determined by their Keeper Administrator.

(3) You will be asked to scan the QR Code or enter your secret key in your authenticator or TOTP app. Copy the code displayed in Keeper. Open Google or Microsoft Authenticator (or whichever app you use for 2FA) and add a TOTP record, pasting in the copied Secret Key.

(4) Return to Keeper and copy or enter the TOTP code provided.

(5) Backup codes will be shown next. If you are unable to receive two-factor codes via the phone number you entered, you can enter one of the backup codes listed instead. Tap one of the listed options to confirm you saved the codes somewhere safe.

In order for Azure MFA (using the Microsoft Authenticator app) to be utilized as a TOTP, the Azure Administrator needs to allow the verification method "Verification code from mobile app or hardware token" when setting up MFA in Azure.

2FA for Websites & Apps

Keeper can fill 2FA codes on any website or application that supports TOTP by scanning a QR code to generate a code (requires a second device).

(1) Open the Keeper record on your mobile device and tap the pencil icon (to edit) > Add Two-Factor Code (this will open your device's camera).

In order to open your device's camera you must first "allow" Keeper permission when prompted.

(2) On a secondary device (e.g. tablet, computer), navigate to the corresponding record's 2FA set up screen to retrieve the site's QR code.

(3) Scan the QR code with your mobile device. You will see the code has been added to the record.

(4) Tap the checkmark icon to save, then tap the code to copy it to your device's clipboard.

(5) Return to the site to paste the code to complete the setup.

Biometric Login

Enable Biometric Login

From the left navigation menu, select Settings then toggle "Biometric Login" on.

For security reasons, Android has designated only certain biometric authentication methods as secure. Samsung face biometric is considered insecure by the Android operating system (because it can be fooled by a photo). Keeper Security does not permit insecure biometric access to the vault.

Biometric Login

At the Keeper login screen, tap Biometric Login and touch the fingerprint sensor when prompted (or use Face/Iris Authentication where available).

FIDO2 WebAuthn Security Keys

Keeper provides two-factor authentication (2FA) with any FIDO2 WebAuthn compatible hardware key such as the YubiKey 5 NFC, YubiKey 5C NFC and YubiKey 5Ci.

Setup & Registration

(1) Before you add a security key, a two-factor authentication method must be in place as a backup.

(2) Navigate to Settings > Two-Factor Authentication and tap Add next to "Security Keys".

(3) Tap + Add Key and enter a name for the security key, then tap REGISTER.

(4) Select NFC Security key from the list of devices.

(5) Hold your key flat against the back of your device until it stops vibrating.

Your security key has been registered. You can register up to 5 security keys. Any one of those keys will unlock the account.

Prompt Frequency & Offline Access

The FIDO2 WebAuthn device will be required for login based on the configuration of the first 2FA method. For example:

  • If the first 2FA method is set to "Prompt Every Login", then the Yubikey will be required on every login, and offline login will be disabled.

  • If the first 2FA method is set to "Every 30 days", then the Yubikey will be required every 30 days, and offline login will be disabled.

  • If the first 2FA method is set to "Remember Forever", then the Yubikey will only be required one time on each new device. Offline vault login will be enabled.

Account Switching

Keeper supports the use of multiple vaults on the same device allowing you to switch between a personal account and business account, for example.

To switch to another account on your device, tap Account then tap the dropdown menu icon to the right of your email address. Select the account you would like to switch to or tap Add Account to register another account on that device.

You can also switch and add accounts from the Keeper login screen.

2FA Prompting Behavior & Offline Access

When 2FA is activated on an account, it protects the user on all devices and all platforms because 2FA is protecting access to the backend cloud system.

By definition, two-factor authentication protects access to the cloud and it protects access to online accounts. It therefore requires an online connection to be prompted for 2FA. 2FA is triggered when a request is made from the client device to the server. For example when logging into a new device, syncing new information on an existing device or performing any other cloud-based features.

By default, the native Keeper app for iOS, Android, Mac and Windows allow users to login quickly with their master password (offline mode) to access their vault. After typing in the master password or using biometric login, the user decrypts the data locally, then the app sends a sync request to the server at which time the user may be prompted for their 2FA code. Depending on the speed of the Internet connection, the 2FA prompt may be received a couple seconds after logging into the native application because the local decryption of data occurs much faster.

Offline authentication and vault access is permitted by all consumer customers. Enterprise customers may restrict the use of offline access for their employees.

2FA Token Retention & Timing

When activating 2FA on your Android device for the first time, the user selects how often they want to be prompted. Users can be prompted for 2FA every login, once every 30 days, or only one time per device. It's important to understand that 2FA is always enabled on the Keeper servers. After a successful login on a device, a "token" is generated from the 2FA code and stored locally on the device as long as it's deemed valid by the server. This is why you are still able to login to the same device over and over without being re-prompted. By default, consumer customers will be prompted only one time per device. Enterprise customers may enforce users to be prompted every time for a new code.

Currently, the 2FA token retention timing on Android will default to "only one time" on a device if the 2FA was initially set up on the Web Vault or Desktop App. To change this behavior, please turn 2FA off and then re-activate 2FA on the iOS device.

Import & Export

To import and export data from your Keeper vault, visit the Keeper Web Vault or download Keeper Desktop for your computer.

Keeper Web Vault: https://keepersecurity.com/vault

All Downloads: https://keepersecurity.com/download

Uninstall & Account Reset

The instructions below apply to the latest OS. Third party operating system instructions may differ.

Uninstall Keeper:

Uninstalling Keeper will delete the data from Keeper on the local device. Data stored in Keeper's Cloud Security Vault is NOT erased.

  1. Open your device's Settings menu.

  2. Tap Apps or Application Manager (depending on device).

  3. Navigate to the Keeper App.

  4. Tap Uninstall.

  5. Confirm by tapping OK when prompted.

Account Reset:

Resetting Keeper will erase all records from all Keeper accounts stored locally on your device. Data stored on Keeper's Cloud Security Vault is NOT erased.

  1. Open your device's Settings menu.

  2. Tap Apps or Application Manager (depending on device).

  3. Navigate to the Keeper App > Storage.

  4. Tap Clear data and Clear cache.

  5. Confirm by tapping OK when prompted.

Privacy

Keeper's mobile apps do not contain any trackers. All mobile apps go through vulnerability testing with Keeper's 3rd party testers and the Bugcrowd Bug Bounty Program.

Exodus Privacy is an organization that monitors the applications that perform user tracking. Keeper's Android application showing zero trackers is listed below:

https://reports.exodus-privacy.eu.org/en/reports/com.callpod.android_apps.keeper/latest/#trackers

Customer Support Form: https://keepersecurity.com/support.html​​

Business Customers: business.support@keepersecurity.com

System Status: https://statuspage.keeper.io

Last updated