Android virtual keyboard for field and password entry

Please implement a custom keyboard for filling usernames, passwords, and other fields, including custom ones, on Android. This would be useful for security, convenience, and usability reasons, as it would reduce use of the clipboard, allow easier selection of custom fields without leaving the target app, and be supported by almost any app, regardless of newness.

Rationale: Android 9.0 supposedly has “enhanced autofill features,” but it currently seems to be supported mainly by Chromium-based browsers. It doesn’t seem to help at all for filling custom fields, at least in my experience. Additionally, many apps will show an autofill option when you long-press their textbox, but when using it, absolutely nothing happens (regardless of which app is used for autofill, BitWarden or otherwise). As always with new Android versions, it’s going to take a long time for Android 9.0 and its autofill features to proliferate, but even now they’re not usable enough in most cases (from my experience, at least).

The accessibility service does a better job, but again, it doesn’t offer any way of dealing with custom fields that I could find, and it still doesn’t work with some apps, such as my banking app. (Ouch.)

Without a custom keyboard like BitWarden alternatives have, the only practical recourse in many situations is to use the clipboard, which as we know is incredibly insecure. (In short, although “read your clipboard” is an Android permission, even apps that don’t show it in their permissions can read it, and many devices have a “clipboard tray” that keeps stuff saved for a long time.)

I wish Android’s native autofill was better, but because it’s so flawed and its availability so limited, I foresee a virtual keyboard being a necessary evil over the next few years at least and, to save on frustration, I will likely have to use a password manager that includes one.

Without this feature, bitwarden isn’t an alternative for keepass.

1 Like

PS There are more people interested:

Also some apps in Android somehow block copy and paste (or any ‘menus’ in the text fields), so I can’t even paste in credentials. A virtual keyboard is the workaround for those apps.

Now I can not switch back and forward from chrome to bitwarden to copy and paste pass anymore, since chrome has new “feature” to refresh all the webpage…

This is essential for filling username and password when adding additional accounts on Android phones. Autofill won’t work during the process, this is where Bitwarden has failed. I was able to fill in the login fill using Keepass2Android and Enpass Keyboard…

Bitwarden is very good but critically lacks some secure input methods:

  • A Bitwarden custom keyboard on Android
  • A Bitwarden custom virtual keyboard as part of the browser extensions

This is not some decorative or convenience feature; this is required for security, which should be at the very heart of any password manager business.

  1. Android needs a Bitwarden custom keyboard because you cannot rely on any other third party’s keyboard (like Google, Samsung, Microsfot Swiftkey, …) for not logging your key strokes. This is specially critical when logging to his Bitwarden account itself. As a matter of fact, all the keyboards with a predictive completion feature does exactly that. With a custom Bitwarden keyboard, one would have an input method with the company he/she already trusts for keeping his passwords anyway. (And needless to say, if any password manager company would deceive its customers by implementing a keylogger, that would be the end of that company overnight).

  2. Likewise, a Bitwarden virtual keyboard is needed for the browser extensions. This is for when a user needs to log in to his Bitwarden account from a device he does not own or control, like at a public place or at some other people’s place. This keyboard would be part of the browser extension itself and would display a keyboard layout to click on. The keystrokes would only be made and processed within the plugin process, so with minimal exposure to any external keylogger or malware.

Once again, this is about security. This is core. Keepass has it; LastPass has it (maybe others I can’t say); but Bitwarden does not have it for some reason. This is critically needed.

I discovered bitwarden recently and it’s autofill (service and accessibility) is preferred over my current password manager and the modern interface is really great.

The only missing feature that I’m able to come up with is an integrated keyboard. There are a couple of reasons for me that it’s important.

  • quickly filling in keyboard information on a web browser (this is my main usage for the keyboard)
  • occasionally when autofill does not work properly

If this was present, there would be no hesitation for me to migrate over.

Evaluating Bitwarden coming from KeePass. KeePass2Android’s one big feature difference is the virtual keyboard. I’m still evaluating the auto fill integration, but never cared for it in KeePass because the virtual keyboard covers all the bases. Besides the added security, I’m able to fill in arbitrary fields when the autofill doesn’t match (credit card entry is the most egregious since every site does it differently).

Arguably this is one of those features that people don’t know they need until they have it so I can see why you wouldn’t immediately add it. This one feature though makes all the difference with the variability in input across the web.

1 Like

Could be good. But it might mess with Yubikey on Android, which uses it’s own custom keyboard for OTP codes.