The technology industry (Apple, Google, Microsoft) ultimately wants to get rid of passwords with passkeys. Until then, the Google Password Manager is starting to offer on-device encryption so that “only you can see your passwords.”
Today, the Google Password Manager — found at passwords.google.com and inside Chrome — offers “standard password encryption” where:
The encryption key, used to access your passwords, is safely stored in your Google Account. Google then uses this key to access (decrypt) your passwords.
On-device encryption makes it so that “your passwords can only be unlocked on your device using your Google password or the screen lock for an eligible device,” like fingerprint, PIN, etc. “No one besides you will be able to access your passwords” as Google no longer has the encryption key, which is now stored on your device in a secure way.
Google says that on-device encryption cannot be removed once set-up and can be enabled on multiple devices, thus doubling as a recovery option. There are instructions today for enabling on desktop web, Android, and iOS.