Home Programming News Easy and safe sign-in on Android with Credential Supervisor and passkeys — Google for Builders

Easy and safe sign-in on Android with Credential Supervisor and passkeys — Google for Builders

Easy and safe sign-in on Android with Credential Supervisor and passkeys — Google for Builders


Posted by Diego Zavala, Product Supervisor

We’re excited to announce that the general public launch of Credential Supervisor shall be out there beginning on November 1st. Credential Supervisor brings the way forward for authentication to Android, simplifying how customers check in to their apps and web sites, and on the identical time, making it safer.

Signing in may be difficult – passwords are extensively used, and sometimes forgotten. They’re reused, phished, and washed, making them much less safe. Moreover, there’s a proliferation of how to log in to apps; passwords, e-mail hyperlinks, OTP, ‘Sign up with…’, and customers carry the burden of remembering what to make use of the place. And for builders, this provides complexity – they should assist a number of sign-in strategies, rising integration and upkeep prices.

To handle this, Android is rolling out Credential Supervisor, which brings assist for passkeys, a brand new passwordless authentication, along with conventional sign-in strategies, akin to passwords and federated identification, in a unified interface.

Let’s check out the way it may also help make customers’ and builders’ lives simpler.

1.    Passkeys allow passwordless authentication

Passkeys are the way forward for on-line authentication – they’re safer and handy than passwords. With a passkey, signing in is so simple as deciding on the correct account and confirming with a tool face scan, fingerprint or PIN – that’s it. No must manually kind username or passwords, copy-paste a one-time code from SMS, or faucet a hyperlink in an e-mail inbox. This has resulted in apps decreasing the sign-in time by 50% after they applied passkeys. Logging in with passkeys can also be safer, as they supply phishing-resistant safety.

Image showing step-by-step passwordless authentication experience to sign in to Shrine app from an Android device

A number of apps are already built-in with Credential Supervisor and assist passkeys, together with Uber and Whatsapp.

“Passkeys add an extra layer of safety for WhatsApp customers. Simplifying the way in which customers can securely get into their account will assist our customers, which is why the Credential Supervisor API is so essential.” 

– Nitin Gupta, Head of Engineering, WhatsApp


“At Uber, we’re relentless in our push to create magical experiences with out compromising consumer security. Passkeys simplify the consumer expertise and promote accessibility, whereas enhancing the safety that comes from decreasing the dependency on conventional passwords. In the end this can be a win-win for Uber and Uber’s clients.

The Credential Supervisor presents a developer-friendly suite of APIs that allow seamless integration with our apps, eliminating issues about gadget fragmentation. We’ve seen nice outcomes from launching passkeys throughout our apps and encourage all customers to undertake passkeys.” 

Ramsin Betyousef, Sr. Director of Engineering at Uber

2.    All accounts out there in a single faucet, in a simplified interface

Customers typically find yourself with completely different sign-in strategies for a similar account – they might use a password on their telephone, and a “Sign up with…” on a browser, after which be supplied a passkey on their desktop. To simplify customers’ lives, Credential Supervisor lets them select the account they need, and use sensible defaults to choose one of the best expertise to do it (e.g. a passkey, password, or federated identification). That means, customers don’t must suppose whether or not they wish to sign-in with a password or a passkey; they simply select the account, and they’re in.

Let’s check out the way it works. Think about that Elisa has 2 accounts on the Shrine app

  • a private account for which she had a password and simply created a brand new passkey
  • a shared household account with only a password.

To facilitate her expertise, Credential Supervisor reveals her 2 accounts and that’s it. Credential Supervisor makes use of a password for her household account and a passkey for her private account (as a result of it’s less complicated and safer). Elisa doesn’t want to consider it.

Image showing Credential Manager on an Android device allowing user to choose a saved sign in from list of two accounts

3.    Open to the ecosystem

One of many explanation why customers choose Android is as a result of they can customise their expertise. Within the case of authentication, some customers choose to make use of the password supervisor that’s shipped with their gadget, and others choose to make use of a special one. Credential Supervisor offers customers the flexibility to take action, by being open to any credential supplier and permitting a number of enabled on the identical time.

Image showing Credential Manager in app allowing user to choose a saved sign in from list of two accounts

A number of main credential suppliers already built-in with Credential Supervisor.

“We’re at an inflection level within the historical past of authentication as passkeys signify the proper stability between ease and safety. Since 1Password launched assist for passkeys earlier this 12 months, we’ve had over 230,000 passkeys created and see 1000’s added every day. The information signifies sturdy consumer demand however we should proceed to prioritize assist for apps and providers, making it less complicated for builders to combine passkey authentication.” 

– Anna Pobletts, Head of Passwordless at 1Password


“At Enpass, we shortly acknowledged the potential of passkeys. Because of the Android Credential Supervisor framework, Enpass is totally ready to function a passkey supplier for Android 14. This integration empowers our clients to embrace a safe various to conventional passwords wherever it is out there.” 

– Vinod Kumar, Chief Know-how Officer at Enpass.

Find out how to combine with Credential Supervisor?

To get began, check out the assets beneath:



Please enter your comment!
Please enter your name here