Microsoft Authenticator users are facing a significant change as the app’s password management features are being discontinued, with all stored passwords set for deletion on August 1st. This move signals a major shift by the tech giant towards passkeys, a digital authentication method lauded by security experts as both simpler and more secure for online logins.
Passkeys aim to eliminate the need for complex, memorable passwords by leveraging existing biometrics such as facial recognition or fingerprints, digital patterns, or PINs to grant account access. They operate on a two-part encrypted code system: one half is stored securely by the user, often in the cloud via a compatible verification app like Authenticator or on a physical security dongle, while the other resides with the service or application being accessed. This dual-key approach significantly enhances security. However, a key drawback is the requirement to set up individual passkeys for each compatible service or application, which can be a challenge for users managing multiple accounts.
Microsoft’s rationale for this pivot is rooted in bolstering online security. In a recent blog post, the company highlighted the escalating threat of cyberattacks, stating: “Last year (2024), we observed a staggering 7,000 password attacks per second (more than double the rate from 2023). Although passwords have been around for centuries, we hope their reign over our online world is ending.”
For those yet to transition, setting up a passkey within the Authenticator app is straightforward. Many users will have already received a guided prompt to do so in recent months. If not, simply open the Authenticator app on your device, tap on your account, and select the “set up a passkey” option, then follow the on-screen instructions.
Crucially, all your old passwords remain synced to your Microsoft account. To access them after the August 1st deadline, you will need to install the Microsoft Edge browser on your chosen device and log in. For iOS users, navigate to Settings > General > Autofill & Passwords and enable Edge. Android users should go to Settings > General management > Passwords and autofill > Autofill service and select Edge. Desktop and laptop users can find their passwords by opening Edge and navigating to Settings > Profiles > Passwords. Here, you should also find an autofill toggle and an option to save new passwords.
If you prefer to use a different password manager, you can export your Authenticator passwords. Open the Authenticator app on your device, then navigate to Settings > Export Passwords. This will generate an export file containing your data. Most password managers, including those built into other browsers or Apple and Android’s native keyring apps, offer an import option that should accept this file. Should you encounter difficulties during the import process, consulting the customer service lines of your chosen password manager is advisable.
While Authenticator will no longer manage passwords directly, it will continue to serve as a vital tool for multi-factor authentication, one-time passwords, and biometric logins for passkey-compatible services. Its password management and autofill functions are now being consolidated within the Edge browser. It is important to note that not all websites and applications have fully adopted passkeys yet, meaning traditional passwords will still be required in many online spaces. Users are encouraged to take action to secure their digital credentials ahead of these changes.
