Android Authority discovered a hidden interface in Google Password Manager: the company is preparing to support importing and exporting passkeys. The feature is not yet publicly enabled, but the presence of a finished UI indicates the development is in its final stage.
Why this matters right now
Passkeys have existed for several years, but their mass adoption has been hindered by one practical barrier: ecosystem lock-in. Buy a new smartphone — and the passkeys created in Google cannot be transferred to 1Password or Bitwarden without jumping through hoops. This gave passwords in CSV files an inconvenient advantage — at least they could be copied.
According to the FIDO Alliance, today over 12 billion online accounts already support passkey login. But without a portability standard, users were essentially leasing their credentials to a specific vendor.
Industry standard as a foundation
Google is not moving alone. The FIDO Alliance has developed two technical standards — Credential Exchange Format (CXF) and Credential Exchange Protocol (CXP) — that describe how to securely transfer passkeys between platforms with end-to-end encryption. Bitwarden, 1Password, and Dashlane have already announced support. Apple implemented a compatible mechanism in iOS 26 and macOS Tahoe 26, where transfer occurs directly between applications — without an intermediate CSV file on disk.
«Login via passkeys is 75% faster and 20% more successful than passwords combined with SMS codes».
FIDO Alliance
Before CXP/CXF appeared, the industry «standard» for password transfer was an unencrypted CSV file — an approach that security experts called primitive. The new specifications replace it with a direct encrypted channel between managers.
What Android users will actually get
- Transfer of passkeys when switching to a new device without reconfiguring each service
- Ability to migrate from Google Password Manager to a third-party manager (and vice versa) without losing keys
- Backup of passkeys in encrypted format
Google has not yet announced a specific launch date — the hidden interface may appear in one of the upcoming service updates or alongside a future Android release.
If Google implements full CXP/CXF compatibility before the end of 2025, the password manager market will get its first truly competitive environment for passkeys: users will be able to choose a platform based on quality, rather than where they happened to create the first key. The question is whether Google will want to open this channel completely — or will leave technical limitations that make migration from Google more convenient than migration to competitors.
