Skip to main content

Google Password Manager starts offering on-device encryption on Android, iOS, and Chrome

The technology industry (Apple, Google, Microsoft) ultimately wants to get rid of passwords with passkeys. Until then, the Google Password Manager is starting to offer on-device encryption so that “only you can see your passwords.”

Today, the Google Password Manager — found at passwords.google.com and inside Chrome — offers “standard password encryption” where: 

The encryption key, used to access your passwords, is safely stored in your Google Account. Google then uses this key to access (decrypt) your passwords.

On-device encryption makes it so that “your passwords can only be unlocked on your device using your Google password or the screen lock for an eligible device,” like fingerprint, PIN, etc. “No one besides you will be able to access your passwords” as Google no longer has the encryption key, which is now stored on your device in a secure way. 

Google says that on-device encryption cannot be removed once set-up and can be enabled on multiple devices, thus doubling as a recovery option. There are instructions today for enabling on desktop web, Android, and iOS.

Meanwhile, accessing passwords on a new device just involves signing-in (with secondary authentication) to your Google Account, while Sync must be enabled in Chrome. 

Google places a strong emphasis on making sure you have Account recovery options in place before using on-device encryption. User experience downsides include automatic sign-in no longer working on some services and Password Checkup requiring manual invocation.

In a support article today, Google somewhat implies that on-device encryption will be the default approach going forward:

Over time, this security measure will be set up for everyone to help protect password security.


The “Set up on-device encryption” process can be initiated from either the Chrome desktop/mobile browser or Password Manager (website or built-in Android experience). However, it’s not yet widely rolled out on the web and we’ve only encountered it in Chrome Beta (103, on Android).

Set up on-device encryption for your passwords on the Web/Android/iOS

  1. Go to passwords.google.com, or Settings app > Google > Manage your account > Security tab > Password Manager
  2. Click Settings
  3. Click Set up on-device encryption

Set up on-device encryption for your passwords on Chrome

  • In your Chrome browser, at the top right, select More (three-dot overflow menu) > Settings > Passwords  > Set up on-device encryption

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Google — experts who break news about Google and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Google on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Abner Li Abner Li

Editor-in-chief. Interested in the minutiae of Google and Alphabet. Tips/talk: abner@9to5g.com