Android users may soon gain full freedom to move passkeys between password managers, ending one of the most criticized limitations in Google’s passwordless login system.
Google is moving closer to fixing one of the most persistent weaknesses in its Android passkey ecosystem, as new evidence suggests the company is testing a system that allows users to import and export passkeys across password managers. The move signals a major shift toward true credential portability and brings Android closer to parity with competing platforms that have already begun enabling similar flexibility.
Passkeys, which replace traditional passwords with cryptographic login credentials tied to a device or biometric authentication, are widely seen as the next major step in online security. However, Android’s implementation has long faced criticism for keeping passkeys locked within Google Password Manager, limiting user control and cross-app flexibility.
That limitation now appears to be changing.
The development is being closely watched because it directly addresses one of the most requested improvements in the passkey ecosystem: interoperability.
A major shift in Android passkey handling
Early reports indicate that Google’s updated Password Manager interface includes options such as importing and exporting passwords and passkeys. This would allow Android users to transfer credentials between apps like third-party password managers and Google’s own ecosystem tools.
Industry analysts say this change represents a shift away from a closed credential environment toward a more open model of authentication management.
The broader goal aligns with global standards led by the FIDO Credential Exchange standard, which defines how secure credentials like passkeys can be moved between platforms without exposing sensitive data.
Why passkey portability is so important
Passkeys are designed to eliminate phishing, password reuse, and credential leaks by using cryptographic authentication instead of traditional passwords. However, their adoption has been slowed by one major issue: portability.
On Android, passkeys have historically been tied to a single password manager, meaning users who wanted to switch services faced a difficult process of re-registering accounts manually.
This is where the new development becomes significant. If fully implemented, Android users would be able to move credentials between services more freely, reducing lock-in and increasing competition among password managers.
Apple has already begun enabling similar functionality across its ecosystem, increasing pressure on Google to respond with an equivalent system for Android users.
How Google’s system is expected to work
Based on early testing behavior, the updated system will likely function as a controlled migration tool rather than a continuous sync feature.
Users would initiate an export from Google Password Manager, then select a destination app installed on their device. The credentials would then be transferred using encrypted channels designed to prevent exposure of sensitive authentication data.
Technical documentation for Android’s credential handling can be found in the official
Android passkey system documentation, which outlines how Google integrates passkeys into Android and Chrome environments.
Industry-wide push toward open authentication
The move toward passkey portability is not happening in isolation. Password manager providers, platform developers, and standards organizations are increasingly aligning around the idea of cross-platform credential mobility.
A growing number of companies are working on enabling secure transfer systems, as highlighted in industry coverage such as passkey portability across password managers.
This shift is part of a broader effort to make authentication more user-centric, reducing dependency on single providers and improving flexibility across devices.
Security implications and technical concerns
While portability improves usability, it also introduces new security considerations. Moving cryptographic credentials between systems must be handled carefully to avoid interception or unauthorized access.
Research into these models, including work published on
synced passkeys security model, highlights both the benefits and risks of synchronized or transferable passkey systems. The study notes that while usability increases, implementation must ensure strict cryptographic safeguards to prevent exploitation.
Evidence of real-world testing inside Android
The strongest indication that Google is actively working on this feature comes from UI-level testing discovered in Google Password Manager builds. These hidden features include visible import and export controls for credentials, suggesting that internal testing is already underway.
Reports from Android-focused researchers confirm these findings in detail, including early interface behavior and system responses. One of the most detailed breakdowns of this testing can be found in coverage from
Android passkey export feature testing.
Android security ecosystem continues evolving
This development also fits into a broader trend of Android strengthening its security architecture. Google has been gradually expanding protections around identity systems, app security, and device-level encryption.
In parallel, Android’s security direction continues to evolve through enhanced monitoring and threat detection systems, including improved defense layers such as the
Android spyware detection system, which reflects a wider push toward stronger mobile security infrastructure.
What this means for Android users
If Google fully rolls out passkey import and export functionality, Android users could gain several key benefits:
- Ability to move passkeys between password managers
- Reduced dependency on a single credential provider
- Easier switching between Android and other ecosystems
- Improved long-term control over digital identity data
However, early versions are likely to be limited in scope, with support depending on whether third-party password managers adopt the required standards.
The road ahead
Google has not officially announced a release timeline for the feature, suggesting it is still in testing or staged rollout phases. However, the direction is clear: Android is moving toward a more open and interoperable passkey ecosystem.
As adoption of passwordless authentication accelerates globally, the ability to freely move credentials between services may become a defining requirement rather than an optional feature.
If successful, this change could mark a major turning point in how digital identity is managed on mobile devices, making passkeys not only more secure but also genuinely portable across platforms.
