Something is happening with the Google password manager. Having made this a little more accessible, changes around security are now imminent. The decryption of the passwords can be moved from the cloud to the locally used device with one of the next updates. This can increase security, but also shifts some of the responsibility onto the user.
A lot of sensitive data is stored in the Google account, but the Google password manager probably belongs to the most sensitive category, because it potentially stores the access data for all important online services. Of course, the passwords are not stored in plain text in the cloud, but are stored in encrypted form and are decrypted after they have been called up by the user. For decryption, the Google servers have a key ready, which converts it into plain text for use.
In the settings under Android, you can now specify that the decryption should instead be carried out locally on the smartphone. This means that the decryption key is no longer stored in the cloud but on the device. Something similar is planned for iOS and Chrome. This is currently optional, but Google’s goal is to move decryption entirely from the cloud to the user’s devices. This means that the database can only be accessed using the previously registered device. Changing devices or additional devices is possible but requires syncing the key the first time.
For the end-user, nothing changes as a result of this relocation. I wouldn’t call it safer or less secure, but whoever has the key has the responsibility – that’s the way it is. Should there be a hacker attack of any kind, then the decryption took place on the device and thus in the hands of the user, no longer in the cloud.
With on-device encryption, you enclose your passwords in Google Password Manager and take the key with you. This means that only you can see your passwords. However, it also means that if you lose the key, you will also lose your passwords.
- How it works: Once on-device encryption is set up, you can use your Google password or the screen lock on compatible smartphones or tablets to unlock it.
- What does that mean?: With this encryption method, only you have the key to unlock your passwords.
- Important Points: Remember that if you lose the key to your passwords, you may lose your passwords as well.
If you like our news and you want to be the first to get notifications of the latest news, then follow us on Twitter and Facebook page and join our Telegram channel. Also, you can follow us on Google News for regular updates.