From Passwords to Passkeys—and the Lock-In Problem
Passkeys replace traditional passwords with a pair of cryptographic keys: a private key stored on your device and a public key held by the service you log into. Instead of typing a password, you prove you own the key pair using biometrics or a device passcode, which makes phishing much harder and eliminates the need to memorize complex strings. The catch has been portability. For years, passkeys were effectively tied to a single ecosystem or password manager, because there was no easy way to move them elsewhere. If you wanted to switch tools, your passkeys became a reason to stay put, even if you preferred another app. That friction discouraged many users from adopting passkeys at all. The industry’s answer is passkey portability through standardized import and export, so you can bring your credentials with you when you change password managers.
How Apple’s Passwords App Makes Passkey Export Practical
Apple’s Passwords app now includes a dedicated passkey import and export workflow, which removes one of the biggest barriers to switching. Within the app, you can choose Export Data to Another App, select specific logins that contain passkeys or simply select everything, and then hand those credentials off directly to a compatible password manager. On macOS, a similar option lives under File > Export Selected Items to App. The feature is built on the Credential Exchange Protocol (CXP), a standard defined by the FIDO Alliance to securely move passkeys between providers without exposing the private key. In practice, users have already tested moving passkeys from Apple Passwords into third-party tools like 1Password, confirming that the process is smooth enough to rely on. Knowing those keys are portable makes it far less risky to embrace passkeys across your accounts.
Google Password Manager Adds Passkey Import and Export
On Android, Google Password Manager is gaining its own passkey import export interface, closing a major gap in passkey portability. Under the hood, CXP transfers on Android rely on Google Play Services and Google Password Manager to move keys between providers, so Google’s implementation is critical. A hidden interface already shows options to import and export passkeys, suggesting the plumbing is largely in place and ready to surface in future updates. Once fully enabled, this will allow users to move passkeys between Google Password Manager, Android-based managers like Samsung Pass, and other compatible apps without re-registering every account. Combined with Apple’s implementation, Google’s support means the two largest platform vendors now back the same migration standard. That alignment is what turns passkey portability from a niche feature into something everyday users can actually depend on when they change devices or password managers.
Why Passkey Portability Changes Password Manager Switching
Traditional password manager switching has always depended on simple exports and imports of password databases. Passkeys disrupted that pattern because they are tightly bound to hardware and ecosystems by design, which initially made them hard to move. With Apple Passwords and Google Password Manager now supporting passkey portability, those bindings loosen. You can migrate your passkeys alongside your passwords to new tools without losing access to your accounts or re-enrolling each service. This removes a major psychological and practical barrier: you are no longer locked into one provider just because it holds your passkeys. It also increases competitive pressure on password managers, since users can leave more easily if a service stagnates or changes terms. Ultimately, portable passkeys encourage broader adoption by reassuring users that choosing passkeys today will not trap them in any single app tomorrow.
What This Signals for the Future of Authentication
The industry’s embrace of passkey import export is a strong signal that passkeys are moving into the mainstream. When both major platforms and leading password managers implement the same portability standard, it shows they expect passkeys to be a long-term replacement for passwords, not an experimental add-on. This also sets expectations for new and existing password managers: supporting passkeys alone will no longer be enough; they must also support seamless migration in and out. Users gain real control over where their authentication lives, whether in Apple Passwords, Google Password Manager, or a third-party app. As more services adopt passkeys for sign-in, this ecosystem of interoperable tools should make secure, phishing-resistant logins feel routine rather than exotic. In that world, the choice of password manager becomes a matter of features and trust, not a one-way door you enter when you create your first passkey.
