A MODEST STEP FORWARD Google Password Manager finally syncs to iOSheres how Chrome for iOS no longer syncs solely to iCloud. Dan Goodin Feb 26, 2025 8:20 am | 1 The Google Password Manager logo Credit: Google The Google Password Manager logo Credit: Google Story textSizeSmallStandardLargeWidth *StandardWideLinksStandardOrange* Subscribers only Learn moreLate last year, I published a long post that criticized the user unfriendliness of passkeys, the industry-wide alternative to logging in with passwords. A chief complaint was passkey implementations tend to lock users into whatever platform they used to create the credential.An example: when using Chrome on an iPhone, passkeys were saved to iCloud. When using Chrome on other platforms, passkeys were saved to a users Google profile. That meant passkeys created for Chrome on, say, Windows, wouldnt sync to iCloud. Passkeys created in iCloud wouldnt sync with a Google account.GPM and iOS finally play nice togetherThat headache is finally over. Chrome on all platforms now uses the Google Password Manager, a tool built into Chrome, to seamlessly sync keys. GPM, as its abbreviated, will sync passkeys to all Chrome browsers logged in to the same user account. Ive spent a few days testing the new capabilities, and they mostly work hassle free. The tool can be accessed by opening this link in Chrome.GPM allows me to log in to passkey-protected accounts not just in Chrome, but also in standalone iOS apps such as those from Kayak, eBay, or LinkedIn. When creating a passkey in a standalone app, I now get the option to sync it through either GPM or iCloud. That means the same passkeys I created on Chrome for Android, Windows, or macOS work out of the box on my iOS apps. These passkeys are synced using end-to-end encryption, as mandated by the FIDO specification, which is maintained by the FIDO Alliance. Creating a passkey on the Kayak app and syncing with GPM. Creating a passkey on the Kayak app and syncing with GPM. Using GPM to log in to the LinkedIn app for iOS. Using GPM to log in to the LinkedIn app for iOS.Creating a passkey on the Kayak app and syncing with GPM.Using GPM to log in to the LinkedIn app for iOS. When saving a passkey, Chrome allows users to choose where to sync it. When saving a passkey, Chrome allows users to choose where to sync it. Creating a passkey for Kayak. Creating a passkey for Kayak.When saving a passkey, Chrome allows users to choose where to sync it.Creating a passkey for Kayak.The first step to using GPM on iOS is to enable it in the iOS settings menu, specifically, Settings > General > Autofill & Passwords, and then flip on the Chrome option. The next time Chrome is invoked to work with a passkey, the user will be prompted for a PIN. Those who are already using a Pixel can enter the unlock code for that device. Those without a Pixel will have to select a PIN.If the first passkey for Google Password Manager is created on desktop, Chrome asks to create a Google Password Manager PIN and it will be used, a Google tutorial explains. The user needs to sign in to their Google Account and enter their Android device screen lock or Google Password Manager PIN to decrypt a synced passkey on a new environment.Theres no lock in with GPM. I configured an iPhone to autofill from both Apple Passwords, the new interface for working with iCloud Passwords, and Chrome. From then on, I got the option to use either when saving passkeys in both Chrome or in standalone apps.GPM provides a modest step forward in simplifying passkey storage and syncing. Third-party apps such as 1Password and Dashlane have already provided this level of convenience. Unfortunately, there are still no ways to transfer passkeys in bulk from one app to another. This is a major shortcoming, since GPM, Apple Passwords, and most other password managers already allow passwords to be imported or exported, making it easy to move from one to another. The FIDO Alliance says passkey transfer capabilities are in the works.Dan GoodinSenior Security EditorDan GoodinSenior Security Editor Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords. In his spare time, he enjoys gardening, cooking, and following the independent music scene. Dan is based in San Francisco. Follow him at here on Mastodon and here on Bluesky. Contact him on Signal at DanArs.82. 1 Comments