Each one of our favorite Android phones comes with Google’s password manager built in. It offers a convenient and safe way to store your credentials and is much better than relying on your memory to manually enter the single password you use everywhere. While it is indeed convenient, this built-in tool from Google isn’t a great password manager per se. It certainly won’t be our default recommendation even if you’re just starting with a proper password management system. These are some major reasons you should avoid Google Password Manager and turn to better third-party alternatives instead.
It locks you in
The Google Password Manager doesn’t have an app of its own — it lives inside the Chrome browser on your computer and the Play Services on your phone. That arrangement works fine for Android phones because the Play Services are preinstalled and support autofill across websites open within any browser and app. But on other platforms, you will be forced to use Chrome just because you have your passwords saved in it, even if you prefer another browser. For example, you need to install and set Chrome as your autofill app to access your passwords on an iPhone.
Meanwhile, on your computer, Chrome can autofill your credentials only on websites; for other apps installed on your PC, you will have to take the longer route of manually copying and pasting your passwords. If Google’s password manager had a standalone app that you could install on your computer, it would’ve saved you from relying on the browser all the time. But that would also break the Chrome lock-in, which isn’t a wise business decision for Google.
Are your passwords protected?
To access your passwords in Google Chrome, you need to authenticate yourself using your biometrics on Android phones, and that is as secure as it gets. But your passwords can also be unlocked using your phone’s PIN. If someone gains access to your PIN, like it was famously reported in iPhone theft cases last year (which Apple subsequently fixed with iOS 17.4), your passwords stored in Chrome are only as secure as your lock screen PIN.
Third-party password management apps usually require you to set up a complex master password that is separate from any other service as a fallback when the biometric recognition fails. But in Google’s case, the password manager is connected to your Google account itself. So, you must remember your account password, which you cannot store in the password manager, and setting up a rather memorable password for your primary Google account risks all your passwords, or… there’s no other option, frankly.
Additionally, if one day Google decides to disable your account for any random policy violation like it has unfairly done to a few people, besides everything connected to your Google life, you will also have difficulties recovering your passwords. You may be able to retrieve local copies of your saved credentials in that case, but that depends on which devices you use and how up-to-date the synced copies are.
Not as feature-rich
While Google Password Manager is good enough for basic use, it lacks a lot of tools and features that you often find on dedicated alternatives, even on their free tiers. For instance, most modern managers support 2FA code autofill within the app. That helps you keep things organized in a single app while still having the second authentication factor included.
Password managers typically let you customize new passwords they generate to suit your (and the site’s) needs, but Google doesn’t offer that kind of tinkering. While family sharing was added recently, it again lacks advanced features like timed sharing, setting restrictions, or sharing items with those outside your family — all of which are supported by other password managers.
Many of us also like to use the extra security of password managers to store our sensitive documents such as identity cards and more, but Google’s version doesn’t offer such storage options either.
Security concerns
The biggest selling point of the Google Password Manager is its ease of use and lower barrier to entry even for people who aren’t much technically inclined. But instead of providing them with proper safety from the get-go, Google doesn’t have on-device encryption enabled by default. That means your username and passwords stored in its password manager could be more easily extracted from Google servers, whether by bad actors or the company itself.
You must manually go into the password manager’s settings, which itself lives within Chrome’s settings menu, to enable on-device encryption. And people who aren’t aware of this option will be left exposed to security concerns. As for Chrome on Windows, some tools could read browser data, including your passwords stored in Chrome, even if data protection is enabled. That’s one solid reason to switch away from any browser-based password manager right away to a real one.
If you have any questions or need guidance on choosing a password manager call us at 732-780-8615 or email at [email protected].
Karandeep Singh, Excerpt from, “4 reasons to switch away from Google Password Manager,” androidpolice.com, April 3rd, 2024