NEW YORK — If you’re a Microsoft Authenticator user, like me, you’ve probably received at least one notice that the app’s password management features are no longer usable and that your stored passwords will be deleted on Aug. 1. Yes, you read right, your passwords will be DELETED this Friday.
Why? Because Microsoft is moving its signature sign-in app to a digital authentication method touted by security experts as an easier and more secure way to log in: passkeys.
“Last year (2024), we observed a staggering 7,000 password attacks per second (more than double the rate from 2023),” Microsoft wrote in a blog post. “Although passwords have been around for centuries, we hope their reign over our online world is ending.”
Authenticator has been a staple in providing multi-factor authentication, one-time passwords and biometric logins for services and some websites. Although the app will continue to provide authentication for passkey-compatible services, it is pushing its password management and autofill functions out to the company’s Edge browser instead.
Note that not all websites and applications have adopted passkeys yet, so many places still rely on passwords.
If you haven’t yet moved to a different password manager system or set up your passkeys, we’re here to help.
Passkeys do away with complex 14 character passwords because you never need to see them. Instead you are using existing biometrics like your face or fingerprints, digital patterns or PINs to access your accounts.
Passkeys are made up of two parts of a code that only makes sense when they’re combined, kind of like a digital key and padlock. You keep half of the encrypted code, typically stored either in the cloud with a compatible verification app — including Authenticator — or on a physical security dongle. The other half is stored on the participating apps, services or accounts you want to access.
The bad news? You do have to set up individual passkeys for each service or application that accepts them. Keeping track of where you can use them versus traditional passwords can be challenging.
If you’ve opened Authenticator in the last few months, you likely were prompted to set up a passkey through a guided experience.
If you didn’t receive such a prompt, you can set up a new passkey by opening the authenticator app on your device. Find and tap on your account, then select “set up a passkey” option. Follow the app’s instructions.
The good news is that all of your old passwords are synced to your Microsoft account. But to access them after Aug. 1, you will need to first install the Edge browser on your device of choice (and log into it).
For iOS users, navigate to Settings General Autofill & Passwords and turn on Edge.
Android users click their way to Settings General management Passwords and autofill Autofill service and select Edge.
Laptop and desktop users will need to open Edge and navigate to Settings Profiles Passwords. There you should find an autofill toggle and another option to save new passwords to your account.
Firstly, check out our advice on selecting and using password managers. There are many services — paid and free — out there and options to consider.
Now to export your Authenticator passwords, open the app on your device then navigate to Settings Export Passwords. This will spit out an exported file containing your data.
Most of the password managers out there — including those built into other browsers, or Apple and Android’s own key ring apps — will have an import option, which should accept this file. If you’re having difficulty with the import, it’s best to consult their customer service lines for help.
