I'm using Google Smart Lock on the Android app I'm currently developing. When I access passwords.google.com I can see the same account/password pair multiple times for the same app package. Is this because I'm using different debug signing certificates to generate my APKs?
Yes, that's right, the credentials are associated with a package/fingerprint combination, not just the package.