Each one of our favorite Android phones comes with Google’s password manager built in. It offers a convenient and safe way to store your credentials and is much better than relying on your memory to manually enter the single password you use everywhere. While it is indeed convenient, this built-in tool from Google isn’t a great password manager per se. It certainly won’t be our default recommendation even if you’re just starting with a proper password management system. These are some major reasons you should avoid Google Password Manager and turn to better third-party alternatives instead.

Related

The 5 top reasons you should use a password manager

They’re helping push us closer to a truly passwordless future

1 It locks you in

All hail the Chrome ecosystem

The Google Password Manager doesn’t have an app of its own — it lives inside the Chrome browser on your computer and the Play Services on your phone. That arrangement works fine for Android phones because the Play Services are preinstalled and support autofill across websites open within any browser and app. But on other platforms, you will be forced to use Chrome just because you have your passwords saved in it, even if you prefer another browser. For example, you need to install and set Chrome as your autofill app to access your passwords on an iPhone.

Meanwhile, on your computer, Chrome can autofill your credentials only on websites; for other apps installed on your PC, you will have to take the longer route of manually copying and pasting your passwords. If Google’s password manager had a standalone app that you could install on your computer, it would’ve saved you from relying on the browser all the time. But that would also break the Chrome lock-in, which isn’t a wise business decision for Google.

Image shows a username and password pop-up for reddit.com.

2 Are your passwords protected?

You sure?

To access your passwords in Google Chrome, you need to authenticate yourself using your biometrics on Android phones, and that is as secure as it gets. But your passwords can also be unlocked using your phone’s PIN. If someone gains access to your PIN, like it was famously reported in iPhone theft cases last year (which Apple subsequently fixed with iOS 17.4), your passwords stored in Chrome are only as secure as your lock screen PIN.

Third-party password management apps usually require you to set up a complex master password that is separate from any other service as a fallback when the biometric recognition fails. But in Google’s case, the password manager is connected to your Google account itself. So, you must remember your account password, which you cannot store in the password manager, and setting up a rather memorable password for your primary Google account risks all your passwords, or… there’s no other option, frankly.

Additionally, if one day Google decides to disable your account for any random policy violation like it has unfairly done to a few people, besides everything connected to your Google life, you will also have difficulties recovering your passwords. You may be able to retrieve local copies of your saved credentials in that case, but that depends on which devices you use and how up-to-date the synced copies are.

3 Not as feature-rich

Dedicated password managers are far ahead in the game

While Google Password Manager is good enough for basic use, it lacks a lot of tools and features that you often find on dedicated alternatives, even on their free tiers. For instance, most modern managers support 2FA code autofill within the app. That helps you keep things organized in a single app while still having the second authentication factor included.

Password managers typically let you customize new passwords they generate to suit your (and the site’s) needs, but Google doesn’t offer that kind of tinkering. While family sharing was added recently, it again lacks advanced features like timed sharing, setting restrictions, or sharing items with those outside your family — all of which are supported by other password managers.

Many of us also like to use the extra security of password managers to store our sensitive documents such as identity cards and more, but Google’s version doesn’t offer such storage options either.

bitwarden-android-2

4 Security concerns

Data encryption isn’t enabled by default

The biggest selling point of the Google Password Manager is its ease of use and lower barrier to entry even for people who aren’t much technically inclined. But instead of providing them with proper safety from the get-go, Google doesn’t have on-device encryption enabled by default. That means your username and passwords stored in its password manager could be more easily extracted from Google servers, whether by bad actors or the company itself.

You must manually go into the password manager’s settings, which itself lives within Chrome’s settings menu, to enable on-device encryption. And people who aren’t aware of this option will be left exposed to security concerns. As for Chrome on Windows, some tools could read browser data, including your passwords stored in Chrome, even if data protection is enabled. That’s one solid reason to switch away from any browser-based password manager right away to a real one.

Related

6 best password managers in 2024

Protection where you need it most

Best Google Password Manager alternatives you can check out

I agree that Google Password Manager has the lowest barrier to entry of all password managers for Android users, but that slight initial trouble of starting with a reliable third-party alternative will go a long way. For instance, you will have a proper cross-platform experience and won’t be locked to the browser’s ecosystem. Plus, dedicated password managers are far more secure since they’re made from the ground up to store your most sensitive data and aren’t affected by various browser vulnerabilities either.

My personal password manager of choice is Enpass since I’m on its grandfathered Enpass Pro subscription. One of its biggest benefits is that I get to choose where I want to save my password vault. But for everyone else, I’d recommend going for Bitwarden. It has been our top password manager recommendation for a long time now, and it deserves to be there for its rich free tier while its open-source nature is the cherry on the cake. Besides that, 1Password has proven to be a reliable alternative that you could get for its nice interface and additional security features that make it worth the price.

Whatever password manager you choose, it is important in this day and age that you use one. Using a password manager and setting up two-factor authentication on all your accounts will eliminate a bulk of cyberattacks that are only getting more common by the day.

bitwarden play store square icon
Bitwarden

Bitwarden is the perfect password manager for all users, and it doesn’t cost anything either. Its free tier comes packed with features you will need in your everyday life, while you can upgrade to its paid tier for a small fee if you need extra benefits like Bitwarden Authenticator and file storage.