Google Tests Passkey Import and Export on Android
Google Password Manager is quietly preparing to solve one of the biggest pain points with modern authentication: moving passkeys between apps on Android. Researchers have enabled an unfinished interface inside Google Password Manager that replaces the current “Import passwords” and “Export passwords” options with new entries labelled “Import passwords & passkeys” and “Export passwords & passkeys.” These hidden controls reportedly work end‑to‑end, even though Google has not yet activated them for the public. On Android, passkey migration depends on Google Play Services and Google Password Manager acting as the system‑level broker, so this behind‑the‑scenes plumbing is critical. Once it rolls out, Android users should see migration prompts not only in Google’s own tool but also in third‑party managers that support passkeys, bringing practical password manager portability much closer to reality.
How Passkey Export on Android Will Work in Practice
The new interface suggests that Android’s passkey export flow will be tightly integrated with other password manager apps. When a user chooses “Import passwords & passkeys” in Google Password Manager, they are asked to select which manager currently holds their data. The system then lists compatible apps installed on the device—Bitwarden is one confirmed example—and hands control over so that passwords, passkeys, and related items can be transferred into Google’s vault. For exporting, Google indicates that you will be prompted to transfer passkeys when you open another password manager that supports the same protocol, rather than manually generating a file. This design keeps sensitive keys inside secure channels and makes it simpler to move passkeys between apps without wrestling with complex settings, advancing the goal of seamless password manager portability on Android.
Apple’s Head Start and the Credential Exchange Protocol
Android’s new capabilities are catching up to functionality Apple users already enjoy. Devices running recent versions of iOS and macOS can move passkeys between Apple’s built‑in keychain and third‑party managers, thanks to the Credential Exchange Protocol (CXP). CXP is an emerging standard backed by the FIDO Alliance and major industry players, including Google, Apple, and several leading password managers such as Bitwarden and 1Password. On Android, CXP‑based transfers rely on Google Play Services and Google Password Manager to shuttle keys between providers like Samsung Pass and others. While Google’s implementation is still hidden, the fact that the interface is working shows the CXP groundwork is largely complete. This closes an important feature gap with Apple and signals that cross‑platform, cross‑app passkey portability is becoming a baseline expectation rather than a luxury.
Why Passkey Portability Matters for Everyday Users
Passkeys are designed to replace passwords with cryptographic key pairs stored on your devices, authenticated using biometrics or other secure unlock methods. They dramatically reduce phishing risk and eliminate the hassle of remembering complex strings, but they also raise a practical question: what happens when you change phones or want to switch password managers? Without easy migration, users might be locked into a single app or forced to recreate passkeys one by one. Android’s emerging import and passkey export Android features directly address that concern. By letting people move passkeys between apps that support the Credential Exchange Protocol, Google Password Manager passkeys become portable assets rather than platform‑bound credentials. That flexibility lowers the risk of trying passkeys today, because users can later change providers without losing access.
What This Means for the Future of Password Managers
As passkeys gain traction, cross‑app compatibility will shape which password managers users trust for the long term. The ability to move passkeys between apps removes a key barrier to adoption: fear of lock‑in. With Android now preparing to match Apple’s transfer options, password manager portability is evolving into a competitive necessity instead of a niche perk. Established providers that already support CXP, including major third‑party managers and ecosystem services like Samsung’s tool, should benefit from streamlined migration flows once Google flips the switch system‑wide. For users, the takeaway is straightforward: it will soon be safer and easier to switch password managers without sacrificing passkey data. That, in turn, should accelerate the broader shift from passwords to passkeys and push the industry toward truly interoperable, user‑controlled credential management.