Google Tests Passkey Portability Inside Android Password Manager
Google Password Manager on Android is quietly gaining the ability to handle both importing and exporting passkeys, closing a long-standing gap in the platform’s security tools. Hidden options discovered in the app’s settings replace the familiar “Import passwords” and “Export passwords” entries with new controls labelled “Import passwords & passkeys” and “Export passwords & passkeys.” These aren’t just cosmetic changes: testers have successfully activated the interface and completed transfers, indicating that the underlying system is already functional even though it is not yet broadly enabled. Rather than a simple “export file” button, Google’s approach relies on prompting users when they open another password manager that supports the same protocol. On Android, this passkey export capability is deeply tied to Google Play Services and Google Password Manager, suggesting that once Google flips the switch, many third-party Android password manager apps will be able to participate in secure passkey migration.
Closing the Gap with Apple’s Passkey Ecosystem
With this move, Google is finally catching up to Apple’s already-mature support for passkey portability. Devices running recent versions of iOS and macOS can already move passkeys between system keychains and third-party managers using the Credential Exchange Protocol (CXP), an emerging standard backed by the FIDO Alliance. Until now, Android has only offered passkey syncing within Google’s own ecosystem, effectively locking users into Google Password Manager if they relied on passkeys for everyday logins. The new interface proves that Google is now implementing CXP on Android as well, turning Google Password Manager into the central hub that coordinates passkey transfers between providers. Once live, this will give Android users the same kind of flexibility Apple users enjoy, making it much easier to adopt passkeys without worrying about being trapped in a single vendor’s ecosystem over the long term.
How Passkey Export on Android Will Work in Practice
The new passkey export Android flow is designed to keep the user in control while maintaining strong security guarantees. When a user selects “Import passwords & passkeys” in Google Password Manager, they are first asked to choose the password manager that currently stores their credentials. Android then displays a list of compatible apps installed on the device, such as Bitwarden, that support the same CXP-based migration. After selecting an app, the user is handed off to that password manager to authorize the transfer of passwords, passkeys, and other stored items into Google’s vault. Exporting works inversely: rather than a universal “export” button, Android will prompt users to move passkeys between apps when a new password manager is opened and requests migration. This model builds a consistent, system-level experience while leaving room for other Android password manager providers to implement their own user interfaces on top of the shared protocol.
Why Passkey Portability Matters for the Future of Logins
Passkeys are widely seen as the successor to traditional passwords, relying on public–private key pairs and secure local authentication instead of memorized strings. Users log in by confirming their identity with biometrics or a device lock, while the cryptographic heavy lifting happens invisibly in the background. However, this convenience has come with a catch: because the private key is stored locally, moving to a new phone or switching password managers has been tricky, often discouraging people from embracing passkeys. Google Password Manager portability on Android directly addresses this problem by making it possible to move passkeys between apps and platforms using CXP. As more services adopt passkeys, having a safe, standardized way to migrate them will be essential for avoiding vendor lock-in and giving users the confidence to commit fully to a passwordless future without sacrificing freedom of choice.