Authenticator’s autofill function is ending this month, but the most significant change is coming in just one month.
Beginning this month, Microsoft Authenticator’s autofill password feature will no longer be available, as the company shifts away from traditional passwords in favor of passkeys. In fact, Microsoft already blocked users from saving new passwords in the app last month.
The biggest change comes next month: all stored passwords will be removed from the Authenticator app. Going forward, you’ll need to use passkeys—like a PIN, fingerprint, or facial recognition—to log in.
Starting this month, Microsoft Authenticator’s autofill password feature will be discontinued as the company moves toward using passkeys instead of traditional passwords. In fact, users were already prevented from saving new passwords in the app as of last month.
The most significant change happens next month: all saved passwords will be deleted from the Authenticator app. Moving forward, you’ll need to log in using passkeys such as a PIN, fingerprint, or facial recognition.
Attila Tomaschek, CNET’s senior software writer and digital security expert, says passkeys offer a more secure alternative to the risky password practices used by 49% of U.S. adults, according to a recent CNET survey.
“Unlike passwords, which can be cracked, passkeys require both a public key and a private key stored locally to verify a user’s identity,” Tomaschek explained. “This helps reduce the risk of threats like phishing, brute-force attacks, or credential stuffing.”
Using the same password for several accounts or adding personal hints can be a convenient way to remember your login. But it’s a big risk for scammers, identity theft and fraud. Here’s more on Microsoft’s plan for eliminating passwords and how to make the switch to passkeys before August.
Reusing the same password across multiple accounts or relying on personal hints might make it easier to remember your logins, but it also opens the door to scammers, identity theft, and fraud. Here’s what you need to know about Microsoft’s plan to phase out passwords and how you can transition to passkeys before August.
Microsoft Authenticator is ending support for password-based logins.
Microsoft Authenticator stores your passwords and allows you to access your Microsoft accounts using a PIN, facial recognition like Windows Hello, or other biometrics such as a fingerprint. It also supports functions like verifying your identity if you forget your password or providing two-factor authentication for added security.
As of June, Microsoft no longer allows users to add new passwords to Authenticator. Here’s a breakdown of the upcoming changes you can expect, based on Microsoft’s timeline.
“Passkeys rely on public key cryptography to verify users, instead of requiring them to create their own passwords—which are often weak or reused,” explained Tomaschek.
Why passkeys are a safer choice than passwords
So, what is a passkey exactly? It’s a type of login credential developed by the Fast Identity Online (FIDO) Alliance that uses biometrics—like your fingerprint or Face ID—or a PIN to confirm your identity and give you access. This method is typically much more secure than using a traditional password that can be easily guessed or targeted by phishing attacks.
Unlike passwords, passkeys aren’t stored on remote servers—they’re kept only on your personal device. This makes them more secure and also eliminates the need to remember passwords or rely on a password manager.
How to Set Up a Passkey in Microsoft Authenticator
In a blog post from May 1, Microsoft explained that the app will automatically choose the most suitable passkey and set it as your default sign-in method. “If your account uses both a password and a one-time code, we’ll ask you to log in with the one-time code instead of your password. Once you’re signed in, you’ll be prompted to create a passkey. Going forward, you’ll use that passkey to sign in,” the post says.
To create a new passkey, open the Microsoft Authenticator app on your phone. Tap your account, then choose “Set up a passkey.” You’ll be asked to log in using your current credentials. Once signed in, you can complete the passkey setup.
