100% Local Storage
Your data never leaves your device. No cloud sync, no backend calls, no analytics. The app functions entirely offline, giving you full sovereignty over your credentials.
New version — Export update available
Passwords & 2FA.
No cloud ever.
Qlerky is the offline-first password manager that stores all your credentials and two-factor authentication codes locally on your device — encrypted with your master password. No backend, no sync, no risk.
0
Servers touched
AES
Encryption standard
4
Export formats
2FA
Next-code preview
Core Features
Everything you need.
Everything you need.
Nothing you don't.
Qlerky is purpose-built for people who deal with a lot of accounts — exchange accounts, wallets, email, services — and need a reliable, private place to keep it all.
Master Password Encryption
All data is encrypted with a master password you set on first launch. Without it, the encrypted vault is completely unreadable — even if someone has access to your device files.
Next 2FA Code Preview
See the upcoming TOTP code before the current one expires. Never again race against a 2-second countdown trying to paste a code into a login form.
Flexible Entry Types
Store passwords, API keys, wallet seeds, 2FA codes, or any combination — all in a single structured entry. Organize exactly the way you think, not how the app thinks.
Multi-Format Export
Export individual entries or your entire vault in four different formats — each with its own security trade-off. From steganography to universal CSV compatibility.
Android Native
Built specifically for Android with a clean, responsive UI. iOS and desktop versions are in development. Biometric unlock support for quick access without compromising security.
Four ways to move
your data safely.
Every format is designed for a specific scenario. Pick the one that matches your threat model and use case.
🗝️ Qlerky File
The native export format. Your entry is
serialized and encrypted with your password into
a proprietary
.qlerky
file. Maximum security — only openable by
another Qlerky installation with the correct
password. Ideal for backups and migrating
between Android devices.
📷 QR Code
Generates an encrypted, scannable QR code embedding the entry data. Perfect for quick device-to-device transfers — just open Qlerky on the receiving device and scan. No cables, no cloud, no file system. The QR itself is still encrypted, so intercepting the image alone is useless without the password.
🖼️ Inside Image
The most covert export option. Your encrypted entry is hidden inside a cover image using steganographic techniques — the data is encoded into the least-significant bits of pixel color values. The resulting image looks completely identical to the original to the human eye. Share a photo and secretly transfer credentials at the same time. Note: Sensitive to image compression — always share as a lossless PNG or original file.
📄 CSV
Standard comma-separated format compatible with virtually every password manager on the market — 1Password, Bitwarden, LastPass, KeePass and others. Use this when migrating away from Qlerky or moving data to another app. Store with care — this format is plaintext and unencrypted.
Deep Dive
How steganography
How steganography
hides your data.
Inside Image is Qlerky's most technically fascinating export. It uses a technique called steganography — the art of hiding information in plain sight inside ordinary files.
01
Encrypt first
Your entry data is encrypted with your chosen password before any image processing — even the steganographic payload is ciphertext.
02
LSB encoding
The encrypted bytes are converted to
bits and embedded into the
least-significant bits (LSB) of RGB
pixel color channels. A pixel with
color
RGB(200, 140, 80)
might become
RGB(201, 141, 80)
— a difference of 1 out of 255.
Completely invisible to human
vision.
03
Indistinguishable result
The output is a perfectly normal-looking image. No metadata, no visible artifacts — just a photo that secretly carries your encrypted credentials inside its pixels.
04
Lossless transfer required
Because the data lives in the LSBs, any compression (like JPEG re-encoding in WhatsApp or Telegram) destroys the payload. Always share via direct file transfer, cloud storage links, or AirDrop.
PIXEL DATA VISUALIZATION
← 16 pixels · each carries 1 bit of hidden
data
// Original pixel
RGB(200, 140,
80) binary:
11001000 10001100
01010000
// After LSB encoding (bit
flipped)
RGB(201, 140,
80) binary:
11001001 10001100
01010000
// Difference: 1/255 —
imperceptible
Normal pixel — unmodified
Data pixel — LSB carries 1 bit of
encrypted payload
Adjacent pixel — modified in surrounding
area
Up and running in
under 60 seconds.
📥
Install
Download Qlerky from Google Play for free
🔑
Set Master Password
Create a strong master password on first launch — this encrypts everything
➕
Add Entries
Add passwords, 2FA codes or any combination. Organized however you like
✅
You're secure
All data encrypted locally. Use, export, or share as needed
Why choose offline
over cloud?
Cloud password managers are convenient, but they introduce a server that can be breached, subpoenaed, or discontinued. Here's how Qlerky stacks up.
| Feature | Qlerky | LastPass | Bitwarden | Google Passwords |
|---|---|---|---|---|
| Local-only storage | ✓ | ✗ | ✗ | ✗ |
| No server required | ✓ | ✗ | ✗ | ✗ |
| 2FA code storage | ✓ | ✓ | ✓ | ✗ |
| Next 2FA code preview | ✓ | ✗ | ✗ | ✗ |
| Steganography export | ✓ | ✗ | ✗ | ✗ |
| Free to use | ✓ | ✗ | ✓ | ✓ |
| Works fully offline | ✓ | ✗ | ✗ | ✗ |
| Data breach risk | None | High | Medium | Medium |
Common questions.
Since all data is encrypted with your master
password and stored only on your device, there
is no account recovery, no reset email, and no
backdoor. If you forget your master password,
the vault data cannot be decrypted. This is a
feature, not a bug — it means no one else can
access your data either. Write your master
password down and store it securely offline.
Yes. The app contains no analytics, no crash
reporting that transmits data, no cloud sync,
and no network requests related to your password
data. You can verify this by running the app in
airplane mode — everything works exactly the
same.
Qlerky uses AES (Advanced Encryption Standard)
to encrypt vault data with your master password.
The master password itself is never stored —
only its derivative key is used for
encryption/decryption operations at runtime.
Yes — use the QR Code export on the source
device and scan it on the destination device.
Alternatively, export as a Qlerky File and
transfer via Bluetooth, USB, or any file sharing
method. The data remains encrypted during
transit either way.
Most messaging apps (WhatsApp, Telegram by
default, Instagram) automatically re-compress
images when sending. This re-encoding changes
the exact pixel values that hold the hidden
data, corrupting the payload. To successfully
transfer a steganographic image, use services
that preserve original file quality: cloud
storage direct links (Google Drive, Dropbox),
AirDrop, Telegram "send as file" option, or
direct USB transfer.
iOS and desktop (Windows, macOS, Linux) versions
are in active development. Qlerky's Qlerky File
export format is designed for cross-platform
compatibility from the start, so your data will
transfer seamlessly once other platforms launch.
The secure password manager built for people who take privacy seriously.
Qlerky Password Manager was created out of a real need: a secure, offline place to store credentials and TOTP 2FA codes for exchanges, wallets, and online services — without trusting a third-party server with the most sensitive data you own.
Unlike cloud-based password managers such as LastPass or 1Password, Qlerky stores everything locally on your Android device. There is no account to create, no email to verify, no sync to configure — just install, set your master password, and start adding entries.
The application supports a unique next-code preview for 2FA entries, solving the common frustration of time-based one-time passwords expiring in the few seconds it takes to switch apps and paste the code.
With four export formats — including the unprecedented steganographic image export that hides your encrypted credentials inside ordinary photo pixels — Qlerky is the most versatile offline password manager available for Android today.
Your passwords belong
on
your device.
Download Qlerky for Android and take back control of your digital security. No account, no cloud, no compromise.
iOS & Desktop coming soon · Open to feedback in the comments