Google quietly prepares passkey import and export on Android
Google Password Manager on Android is gaining a long‑requested capability: true passkey import and export. Hidden options discovered in the app’s settings replace the current “Import passwords” and “Export passwords” entries with “Import passwords & passkeys” and “Export passwords & passkeys.” Android Authority was able to activate these controls and get them working, even though they are not yet live for regular users. When triggered, the interface can prompt you to move passkeys between Google Password Manager and other apps, relying on Android’s underlying services to handle the transfer. GSM Arena notes that this implementation is built on top of the Credential Exchange Protocol (CXP), the emerging standard for secure passkey migration. While Google has not announced a rollout timeline, the presence of a functioning UI and working backend strongly suggests that Android‑wide passkey import export support is nearing public release.
How Android is catching up to Apple on passkey portability
Until now, Android has lagged behind Apple when it comes to moving passkeys between apps and platforms. Apple devices running the latest iOS and macOS versions already support CXP‑based transfers from iCloud Keychain to third‑party password managers, giving users a clear way to switch tools without re‑registering every account. Google, despite backing CXP, only offered passkey sync within its own ecosystem via Google Password Manager and Google Play Services. The new Android interface closes this gap by enabling Google passkey portability similar to what Apple offers. Importantly, the feature is designed to work across participating providers, not just within Google’s own stack. As CXP is adopted by major players like Bitwarden and 1Password, Android users should see the same kind of smooth, standards‑based passkey migration that Apple users already enjoy, reducing friction for those who want to change password managers.
Why passkey migration matters as passwords fade away
Passkeys are positioned as the successor to traditional passwords, using public‑key cryptography instead of shared secrets. A private key stays on your device, while a public key lives with each service; authenticating is as simple as using your fingerprint or face unlock, dramatically improving security and convenience. But this model breaks down if you cannot move the private key when you change devices or apps. Without a secure migration path, every switch would mean manually re‑enrolling passkeys on each website, effectively locking you into whichever manager you started with. CXP and Google’s new Android implementation solve this by providing a standardized way to move passkeys between apps and devices. That makes it more realistic for users to embrace passkeys fully, knowing they are not sacrificing flexibility or future choice when they leave traditional passwords behind.
Freedom to switch: ending password manager lock‑in on Android
For many Android users, Google Password Manager’s deep OS integration has been a double‑edged sword: convenient, but sticky. Once you began creating passkeys with Google’s built‑in manager, there was no straightforward way to move them to another app, even if you preferred a dedicated Android password manager such as Bitwarden or Samsung’s tools. The upcoming passkey import export flow directly addresses this limitation. According to Android Authority’s tests, you will be able to choose a source manager, select a supported app, and then complete the transfer within that app’s interface, moving passwords, passkeys, and other stored items. Because the mechanism is based on CXP, it should work among all compliant providers, not only Google’s. This portability reduces ecosystem lock‑in and lets users pick the manager that best fits their needs, whether that means richer features, different pricing, or cross‑platform consistency.
What Android users should expect next
There are still open questions about how widely and quickly passkey migration will roll out on Android. The feature remains hidden, and Google has not committed to a launch date or confirmed which password managers will be supported at first. Current clues suggest participation will be limited to providers that implement the Credential Exchange Protocol, a list that includes Google, Apple, Samsung, and several major independent managers. GSM Arena points out that CXP transfers on Android will rely heavily on Google Play Services and Google Password Manager as the underlying transport. That means OS updates alone will not be enough; app developers must also integrate with the new APIs. Even so, the groundwork is in place. As more apps adopt CXP, Android users should finally gain the flexibility to move passkeys between apps with minimal effort, making a future beyond passwords feel much more attainable.