The technology industry (Apple, Google, Microsoft) eventually wants to get rid of passwords with passwords† Until then, Google Password Manager will begin to offer on-device encryption so that “only you can see your passwords.”
The encryption key used to access your passwords is stored securely in your Google account. Google then uses this key to access (decrypt) your passwords.
On-device encryption ensures that “your passwords can only be unlocked on your device using your Google password or the screen lock for an eligible device”, such as fingerprint, PIN, etc. “No one but you can access your passwords” , as Google no longer has the encryption key, which is now stored securely on your device.
Google says that encryption on the device cannot be removed once it is set up and can be enabled on multiple devices, making it a recovery option as well. There are instructions on how to enable it today on desktop web, Android and iOS.
Meanwhile, opening passwords on a new device only involves signing in (with secondary authentication) to your Google account, while Sync must be enabled in Chrome.
Google strongly emphasizes that you have account recovery options before using on-device encryption. Disadvantages of the user experience include that automatic login to some services no longer works and Password check manual calls required.
In a supporting article today, Google is somewhat implying that on-device encryption will be the default approach going forward:
Over time, this security measure will be put in place for everyone to help protect password protection.
The “Set up encryption on device” process can be started from the Chrome desktop/mobile browser or Password Manager (website or built-in Android experience). However, it has not yet been widely rolled out on the web and we only encountered it in Chrome Beta (on Android).
Set encryption on the device for your passwords on the web/Android/iOS
- Go to passwords.google.comor Settings app > Google > Manage your account > Security tab > Password manager
- Click Settings
- Click Set encryption on the device
Set up on-device encryption for your passwords in Chrome
- In your Chrome browser, at the top right, select More (three-dot overflow menu) > Settings † Passwords † Set encryption on the device
FTC: We use auto affiliate links that generate revenue. More.