Passkeys UX updates on Chrome on Android

Chrome on Android now integrates the Credential Manager allowing third-party password managers provide passkeys on Android 14 and later.

Eiji Kitamura

Passkeys are a safer and more user friendly alternative to passwords. They enable users to sign in to apps and websites by unlocking their device screen–with a biometric sensor (such as a fingerprint or facial recognition), PIN, or a pattern. With passkeys, users no longer need to remember and manage passwords. Passkeys are already supported in Chrome across many operating systems.

On Android 14 and newer, passkeys from all providers are displayed by the Credential Manager. On earlier versions of Android, Google Password Manager is displayed on an interface provided by Google Play services.

With this update, Chrome users on Android 14 and later will see the following changes:

An updated user interface with a more streamlined sign-in experience.
An ability to sign in with a passkey stored with a third-party password manager.

An updated user interface with a more streamlined sign-in experience

The biggest change users will notice in this update is the user interface. For example, the appearance of the passkey authentication dialog is shown in the following figure:

The existing passkeys sign-in dialog using Google Play services.

The new passkeys sign-in dialog powered by the Credential Manager.

There are a few notable changes in the new user interface:

The domain the user is signing in to is indicated with larger text.
The display name is shown above the username instead of just a username.
Passkeys are prioritized over other options.
The Sign-in options button appears to show alternative sign-in options, such as passwords, and other passkeys—including ones on a security key or another phone.

Passkeys are prioritized over other options in the new passkeys sign-in dialog.

Users can choose from alternative sign-in options as well.

When no passkeys are found, the existing passkey dialog simply shows the OK button.

The new passkey dialog shows a Use a different device option when no passkeys are available. — The new passkey dialog shows a **Use a different device** option when no passkeys are available.

An ability to sign in with a passkey stored to a third-party password manager

While Google Password Manager is the default passkey provider on Android, the user can choose passkeys from all third-party password managers enabled in Android settings. Chrome on Android 14 and later respects the user's choice, and will use passkeys saved to the selected password manager as a passkey provider.

Passkey sign-in dialog when the user selects Dashlane as the password manager, for example.

If you are interested in making your password manager compatible with the Credential Manager, you can learn more by reading Integrate Credential Manager with your credential provider solution.

Impact on web developers with this update

There are no additional implementations required for the relying parties with this update. However, there are chances your service may receive passkeys created by a third-party password manager, and you can optionally improve the passkey management user experience using AAGUID.

AAGUID (Authenticator Attestation Global Unique Identifier) is an identifier of the password manager. AAGUID is contained in the public key credential that relying parties receive after creating a new passkey. By looking using a list of AAGUIDs, the server can determine the password manager the user has used to create the passkey. This can help you create a more user-friendly list of passkeys in the passkey management screen.

You can learn more about how this works by reading Determine the passkey provider with AAGUID.

Photo by Brock Wegner on Unsplash