Microsoft is set to retire the password autofill feature in its popular Authenticator app this week, marking a significant shift in how users manage their digital credentials. Starting August 1, 2025, passwords stored in the Authenticator app will no longer be accessible, and users will need to transition to alternative methods to keep their accounts secure.
The tech giant is steering users toward a new era of digital authentication by embracing passkeys, a cutting-edge security technology that experts hail as both simpler and safer than traditional passwords. This move comes amid a dramatic rise in cyberattacks targeting passwords, with Microsoft reporting an alarming 7,000 password attacks per second in 2024—more than double the rate from the previous year.
For years, Microsoft Authenticator has been a trusted tool for multi-factor authentication, providing one-time passwords, biometric logins, and password management all in one place. However, the company has decided to phase out the password management and autofill functions within the app, transferring those responsibilities to its Edge browser. This consolidation aims to offer users a more integrated and secure experience by combining password management with advanced security features like Defender SmartScreen, password monitoring, and AI-assisted protection.
Since June 2025, Microsoft users have been unable to add or import new passwords into the Authenticator app, and automatic data filling was disabled in July. Now, as the final step in this transition, stored passwords are being removed from the app entirely. Payment information saved in Authenticator will also be deleted, and any generated passwords that weren't explicitly saved will be lost. Users who want to retain their password data must export it before the August 1 deadline.
Microsoft has made it clear that passwords and address details will remain stored within users' Microsoft accounts and can be managed through the Edge browser. To continue accessing autofill data on mobile devices, users need to set Edge as their default autofill provider. On iOS, this involves navigating to Settings > General > Autofill & Passwords and enabling Edge, while Android users can go to Settings > General management > Passwords and autofill > Autofill service and select Edge. Desktop and laptop users can manage their passwords by opening Edge and going to Settings > Profiles > Passwords, where toggles for autofill and password saving are available.
The shift to passkeys represents a fundamental change in digital security. Unlike traditional passwords—often long, complex strings that users struggle to remember—passkeys rely on biometric data like fingerprints or facial recognition, digital patterns, or PINs. These passkeys are made up of two parts: one half is stored securely on the user's device or a compatible verification app like Authenticator, and the other half resides with the service or application the user wants to access. This split-key system acts like a digital key and padlock, ensuring that neither half alone can grant access, thereby greatly reducing the risk of hacking.
However, adopting passkeys requires some effort. Users must set up individual passkeys for each service that supports them. Over the past few months, many Authenticator users have been prompted through a guided setup experience to create these passkeys. For those who missed the prompt, setting up a new passkey is straightforward: open the Authenticator app, tap on the relevant account, select the "set up a passkey" option, and follow the instructions.
It’s important to note that while passkeys are gaining traction, not all websites and applications have adopted this technology yet. Many still rely on traditional passwords, making it essential for users to maintain access to their stored passwords during this transition period.
For users who prefer not to use Microsoft Edge for password management, Microsoft allows exporting passwords from Authenticator until August 1. This exported file can be imported into other password managers, including popular options like Google Password Manager and Apple’s iCloud Keychain. If users encounter difficulties during the import process, consulting the customer support of their chosen password manager is advisable.
One critical detail is that the Microsoft Authenticator app will continue to support passkeys as its primary function moving forward. Users who have set up passkeys linked to their Microsoft accounts must keep the Authenticator app active to maintain passkey functionality. Disabling the app would render passkeys unusable, effectively locking users out of their accounts that rely on this authentication method.
Microsoft’s decision to end password autofill in Authenticator and pivot to passkeys reflects a broader industry trend toward more secure and user-friendly login methods. As cyber threats evolve, companies are increasingly recognizing that traditional passwords are vulnerable and cumbersome. Passkeys offer a promising alternative by leveraging biometrics and cryptographic security, removing the need for users to remember or manage complex passwords.
Still, the transition poses challenges. Users must be diligent in exporting their data, setting up passkeys, and adopting the Edge browser or another password manager to avoid losing access to their stored credentials. The coming days are crucial for Microsoft Authenticator users to adapt to these changes and secure their digital lives in this new authentication landscape.
Ultimately, this move could signal the beginning of the end for password-based security, ushering in a future where biometric and cryptographic methods become the norm. Microsoft’s push to centralize password management in Edge and promote passkeys is a bold step in that direction, emphasizing convenience without compromising security.
