Edgar Cervantes / Android Authority
TL;DR
- Chrome for Android is working on adding biometrics to password fill-in.
- Systems like this already exist on browsers like Edge.
- The tool would add an additional layer of authentication to help keep your accounts secure
Good security is all about striking a balance: Make a system too secure, and it’s likely to be arduous to use, while err on the side of being too lax, and your data risks going exposed. Companies like Google are constantly tweaking their approach in the hopes of finding the right balance, like we’ve been seeing with its emphasis on passkeys for authentication. Right now we’re checking out what could be one of Google’s next changes in pursuit of that goal, as Chrome for Android gets better about handling saved passwords.
Over on X, Leopeva64 has spotted some recent commits to the Chromium codebase, setting up a means to require users to re-authenticate with biometrics prior to their browser filling in saved passwords on websites. Password managers in general are a great example of tools that exist to balance security vs convenience, but in this case, Google clearly seems worried that maybe the needle had swung a little too far in the “convenience” direction. Even if your phone itself is secured behind biometrics or a PIN (as it very well should be), you still don’t want someone grabbing it while unlocked and unprotected, and an additional layer of verification before giving anyone holding it access to your accounts sounds like a totally reasonable move.
In fact, it’s so reasonable, you’re probably wondering where it’s been this whole time. Leopeva64 suggests that Chrome may have tried doing this before only to back down from the idea, and points out that other browsers like Microsoft Edge on Android are already doing this very same thing.
Right now this change is being implemented as a flag in Chrome’s Canary channel release, so it still may be a little while before you can hope to see it come to a stable build.