Microsoft is ushering in a new era of digital security by discontinuing the password management feature in its popular Microsoft Authenticator app, effective August 1, 2025. This shift marks a decisive move towards a "password-less" future, where traditional passwords give way to more secure and user-friendly passkeys. Users of the app are now facing a crucial deadline: unless they take action, all stored passwords in the Authenticator app will be deleted this Friday.
The decision to retire passwords from the Authenticator app is part of Microsoft's broader strategy to enhance online security amid a rising tide of cyberattacks. According to a Microsoft blog post, in 2024 alone, the company observed an alarming 7,000 password attacks per second — more than double the rate from the previous year. This relentless assault on password security has pushed Microsoft to embrace passkeys, which experts hail as a safer and simpler alternative to traditional passwords.
Passkeys leverage biometric data such as facial recognition, fingerprints, or device PINs to authenticate users. Unlike passwords, which can be weak, reused, or vulnerable to phishing and brute-force attacks, passkeys operate through a sophisticated two-part encrypted system. One half of this digital key is stored securely on the user's device or in the cloud via compatible apps like Microsoft Authenticator, while the other half resides with the service or application being accessed. This dual-key system significantly reduces the risk of unauthorized access.
Setting up passkeys is designed to be straightforward. Users who have recently opened the Authenticator app may have already encountered a prompt guiding them through the process. For those who haven’t, the app offers a "set up a passkey" option accessible by tapping on their account within the app. Microsoft’s system automatically detects the best authentication method for each user, whether that’s facial recognition, fingerprint scanning, or a PIN, and walks them through the necessary steps.
However, this transition does come with some challenges. Each passkey must be set up individually for every compatible service or application, which can be cumbersome for users managing multiple accounts. Additionally, while passkeys are gaining traction, not all websites and apps have adopted this technology yet, meaning traditional passwords will still be required in many places for the foreseeable future.
For users who prefer to stick with passwords, Microsoft has ensured their existing passwords remain accessible — but only through the Microsoft Edge browser. After August 1, passwords saved in the Authenticator app will no longer be available there, but they will be synced to the user’s Microsoft account. To access them, users need to install Microsoft Edge on their device of choice and log in. The process varies slightly by platform: iOS users can enable Edge under Settings > General > Autofill & Passwords; Android users can find it under Settings > General management > Passwords and autofill > Autofill service; desktop and laptop users can navigate to Settings > Profiles > Passwords within Edge. Here, users can also toggle autofill and save new passwords.
For those who want to switch to a different password manager, Microsoft has provided an export tool within the Authenticator app. By going to Settings > Export Passwords, users can generate a file containing their stored passwords. This file can then be imported into most popular password managers, including browser-based options and native keyring apps on Apple and Android devices. Experts recommend consulting customer support for the chosen password manager if any issues arise during import.
Security specialists like Attila Tomaschek, a senior software writer at CNET, underscore the benefits of passkeys. He points out that nearly half of U.S. adults engage in poor password habits, such as reusing passwords or choosing easily guessable ones, which heightens their risk of data breaches. Passkeys, by contrast, eliminate the need to remember complex passwords altogether, using cryptographic keys and biometrics to provide a seamless and secure login experience.
While Microsoft Authenticator will cease to handle password management, it will continue to play a vital role in multi-factor authentication, one-time passwords, and biometric logins for services that support passkeys. This consolidation of password management into the Edge browser reflects a strategic effort to streamline security tools and encourage users to adopt more robust authentication methods.
As the August 1 deadline looms, users are urged to act promptly. Whether by setting up passkeys, migrating passwords to Edge, or exporting them to another manager, securing digital credentials is more important than ever given the escalating cyber threats. Microsoft's bold move signals a turning point in how we protect our online identities — moving away from the fragile password towards a future where biometrics and cryptography keep our data safe.
For those exploring alternatives, password managers like Bitwarden and 1Password come highly recommended. Bitwarden stands out due to its open-source transparency, annual security audits, and a generous free plan that supports unlimited password storage across devices. 1Password is praised for its user-friendly interface and family plan options, making it a solid choice for many users transitioning away from Microsoft Authenticator’s password features.
In the evolving landscape of digital security, Microsoft's transition away from passwords in its Authenticator app is a significant milestone. It challenges users to adapt quickly but promises a safer, more convenient way to navigate the increasingly complex world of online authentication.
