Sneak Peek of the Updated Mobile App

At the risk of repeating ourselves, the native Mobile Clients for Android and iOS, first introduced in Passwordstate V9 Build 9000, offer substantial flexibility for System Administrators and Users on the move.  These apps are used in a revised architecture, requiring the installation of a Passwordstate App Server, which brokers connectivity between the client device and the Passwordstate instance.

The Apps authenticate using an independent credential set and store password records on the smartphone within an encrypted cache.  All authentication and access of credentials is audited and synced back automatically with Passwordstate on next connection.  This solution only offered simple read only access to authorized password records…until now!   

For the Uninitiated…

For those that haven’t see the app I’ve included a screen capture from my iPhone below.  This shows the Light colour scheme on the left hand side and the Dark colour scheme on the right hand side.  You can select either or choose to match the System Default on your device.

Once you’ve setup the App you can select to either unlock the app using the Unlock With Credentials (using the independent credential set) or Unlock With Biometrics (which will appear if you’ve selected the option to use Biometric Unlock).  From here you are presented with the default home page.

Password Lists Home

The image below shows the Password Lists page, the current system default home page in the App.  We intend on also providing an option of setting the OTP page (what?) as the default in a later build, possibly before the updated app is available in the respective Apple and Google stores.

While this all looks normal in the app, lets select a password list and show some neat enhancements.  The first is editing an existing Password Record.  I’ve selected a Password List on the Password Lists screen, then selected the top Password Record ending in  Now I’ve simply swiped in from the right hand side and the Edit control appears.  I can then go through and edit the required fields and save the record (we’ll explain how to do that further down),

Alternatively, if you discovered you no longer needed that Password Record, you can delete it by swiping-in from the left hand side and the Delete control appears,

And for those that guessed it… that’s right… you can Add a Password Record by clicking on the + sign up the top of the screen (with the green circle around it).

One-Time Passwords

Passwordstate has had the ability to service One-Time Passwords for a number of years.  All that’s required is a Password List to be based on the One-Time Password Authenticator Template.  This allows you to access the OTP codes via our Web Browser Extension.

But what about when you’re away from your computer?  Well, with the introduction of the native Mobile Clients you could have access to your Password Record that was stored in the encrypted cache, and that was it.  You’d still need a separate app, like Google Authenticator, to access the OTP.  But this is really inefficient!  Why have two apps when Passwordstate contains all the information?

With the release of the next version of the Mobile App we now provide mobile access to your OTP records, 

And, what’s more, you can also add new OTP records by pressing the camera icon at the top.  This will open the device’s camera and prompt to Scan the OTP QR Code.  Once scanned it will open up a new Password Record so the other details such as Title, Username, URL, Password etc. can be entered.  As with the Password Records shown above you can both Edit and Delete OTP records by swiping in from the right and left respectively.

Adding New Records

There’s a couple of ways to add a new Password Record via the App.  The first is by scanning a QR Code

Once scanned the App will open the New Password Record screen and require as a minimum the Title, Password and Confirm Password fields to be filled out.  Note, the app will check that the Password and Confirm Password fields match.  The Generate Password button will generate a password and populate both the Password and Confirm Password fields.  The generated password is based on the Password Generator Policy set for the Password List in your Passwordstate instance.  The One Time Password will already be filled out and cycling through every 30 seconds as you’ve scanned the QR code (not showing in the image below).

To save the record press the Tick Icon at the top or the Cross to exit without saving.  On successful saving you receive a Saved pop-up like below,

The second way of adding the record is via the + sign as show in the images under the Password Lists Home section above.  Note if you add a Password Record this way and the Password List isn’t based on the One-Time Password Authenticator template you won’t have the option to scan a One Time Password QR Code.


The new functionality of Adding, Editing, Deleting Password Records, including adding OTP Records via the Mobile App requires a connection back to your Passwordstate Instance.  The functionality is not designed to work just with the offline encrypted cache.  New records are first added to your Passwordstate instance and are then immediately synchronized with your mobile device.

Access to your OTP records however does work offline.  Your encrypted cache will always be populated with your OTP records each time you synchronize with your Passwordstate instance.  This means if you replace your phone you won’t have to set them up from scratch unlike with some other Authenticators.

We’re really excited about the newest version of the Mobile App.  If you would like to share your feedback, we’d love to hear it.  Just email it through to