On November 1st, Google will deploy its new Credential Manager for Android 14 devices. Credential Manager keeps all your passwords and passkeys in a single location. And, more importantly, it ensures that all Android apps can offer passkey sign-in for a more convenient and secure experience.
Passkeys will slowly replace passwords over the coming years. The idea is simple—instead of memorizing passwords, an encrypted passkey will be saved directly to your device for quick and easy login. You perform a biometric scan or enter a PIN, and you’ll immediately log into an app or website. Passkeys can’t be stolen in corporate data breaches, and they’re resistant to phishing, so the security benefit over traditional passwords is quite clear.
Google’s Credential Manager, which first debuted in an Android 14 Developer Preview, is a unified interface for passwords, passkeys, and federated identity services. The Credential Manager will pop up when you’re prompted to log into an app. It will serve you all relevant sign-in methods, giving you the choice of how you want to log into an app (or a choice of which account you want to log into). Notably, the Credential Manager supports third-party password managers, so you’re free to pick and choose from several password databases or save an app’s passkey to your password manager of choice. Google confirmed that 1Password and Enpass will integrate with Credential Manager.
App developers who implement the Credential Manager API can offer passkey sign-in. Some apps, including Uber and WhatsApp, have already implemented this API. And companies like Amazon have already promised passkey support for Android, so Credential Manager API uptake should be pretty fast. That said, Google is depreciating several of its legacy Identity Services to encourage Credential Manager API usage.
The Credential Manager will roll out to Android 14 users on November 1st. Passkey support on Android will become fairly common as app developers implement the Credential Manager API. Note that passkeys will coexist with passwords for some time. If you create a passkey for an app or website, you can still log in with your password. Visit passkeys.directory for a full list of apps and websites that currently offer passkey sign-in.
Source: Google