Google has made major improvements to how passwords are stored inside Chrome, taking some of its best features from its mobile browser and applying them to the desktop.
There has always been some tension between the browser and password managers in terms of which app holds the keys to your digital life. Google already offers to store your passwords within the Google cloud, offering additional features such as trolling the deep web to ensure that they haven’t been leaked as part of a breach.
Today Google and Chrome add some new key features: a quick shortcut to your passwords from the desktop, the ability to import passwords stored elsewhere, and, perhaps most importantly, the ability to use biometric identification to unlock your password vault on the desktop browser. You’ll also be able to add notes to a password file, to identify a PIN or store other useful information. The note will also be securely stored, with the same protections applied to the password. Password Checkup is also coming to iOS.
Biometric authentication is probably the most important update. On mobile, that generally means using a fingerprint scanner to unlock the password vault or identify yourself to an app.
On the desktop, Google will use whatever biometric methods are available to your PC — Windows Hello depth cameras, typically. (If you don’t own a Windows Hello webcam, you can buy one — they’re more available and much cheaper than they were a couple years ago.) This is an optional feature, but provides a powerful layer of security that takes little effort. Anecdotally, facial logins via Windows Hello can “degrade” over time as you shave or grow a beard, for example. However, if Windows Hello works for Windows, it will work for Chrome.
Google has also added a “home” for managing passwords within Chrome, via the new “Password Manager” heading in your Chrome settings menu.
You’ll probably welcome the ability to add notes to your passwords, too. In most cases a site will simply ask for a username and password, but there may be cases where the site itself undergoes a revamp, or a username shifts, or any number of reasons where a note to yourself will clear up any lingering confusion.
Naturally, Google and Android are inseparable. But Google added that it’s bringing its Password Checkup tool to iOS, too. If you’ve reused any passwords on your iPhone, or if they’ve been breached, Google Chrome on iOS will alert you to change your password. Google already added password autofill on iOS.
The one feature that we’d question is the ability to import passwords from other password managers. Chrome now allows you to do that by downloading those passwords as a CSV file, which sounds implicitly unsafe. Another weakness is that while you can import passwords to Chrome, Chrome is only a web browser. A password manager syncs your passwords across apps and services; Chrome doesn’t. If you store your passwords within Chrome or Edge, that’s where they’ll stay.