TL;DR
Microsoft is removing password support from its Authenticator app this summer. As of June, you haven’t been able to add new passwords; in July autofill stops working; and by August all saved passwords will be deleted. The replacement?
FIDO-based passkeys that are stored encrypted on your device and use biometrics / PIN for phishing-proof sign-ins.
The Password Problem
Passwords have been the backbone of online security for decades and the way we into most our work and online services like shopping sites, email, Snapchat etc.. You name it.
But.. They are a huge weak link and the primary way people and companies get hacked and online identities stolen!
- Microsoft report they see password account attacks in the realm of 7,000 attempts per second against Microsoft consumer accounts alone.
- People reuse weak or memorable passwords across dozens of sites because they are hard to remember
- Password managers whilst helpful, provide a single attack space for hackers.
- Phishing, brute-force and database leaks make passwords a persistent liability and AI in increasing the number of attacks.
Microsoft’s stats show password success rates (getting a log in correct with your password) of 32%, compared with 98% for passkeys—proof that passwords aren’t just less secure, they’re also more error-prone and easier to use once set up.
What Are Passkeys?
Passkeys are an evolution of authentication built on FIDO (Fast Identity Online) standards. Here’s what makes them different:
- Stored only on your device protected by your Pin and Biometrics and never on a central server.
- Rely on biometrics (Face ID, fingerprint) or a local PIN.
- Immune to phishing and replay attacks because there’s no password to steal.
- Seamless: once set up, you tap or scan to log in anywhere passkeys are supported.
- Easier to use since you don’t have to remember complex passwords.
Microsoft Authenticator Timeline
To ease the transition away from storing passwords and moving to passkeys, Microsoft has shared the process which started last month.
- June 2025: Microsoft disabled ability to add new passwords to Authenticator.
- July 2025: Password autofill in Authenticator is disabled.
- August 2025: All passwords saved in Authenticator are permanently deleted (export before then).
Keeping/Exporting your passwords.
If you want to export your passwords stored in Authenticator you can. These can then be imported into other password managers. To do this:
- Open Authenticator
- Goto Passwords, then Export.
- Save the CSV file securely or import it into another password manager.
- If you still rely on passwords, migrate them to Microsoft Edge’s built-in vault or a third-party manager like 1Password.
Start creating Passkeys.
- Still in the Authenticator app or via your Microsoft account’s security settings, select Passkeys > Add new passkey.
- Follow the prompts to register with Face ID, fingerprint or PIN.
Update your accounts to use Passkeys
- This is unfortunately a bit laborious, since you will need to visit each website or service that offers passkey login and link your new passkey.
Why go Passwordless.
There’s a heap of reasons once you’ve got past the process of creating Passkeys.
- Stronger Security: No password to steal means it’s virtually impossible to phish or brute-force your credentials.
- Better Usability: Unlock with a quick biometric scan or PIN—no more juggling complex passwords.
- Future-Proof: Passkeys and the move to passwordless is backed by all major identity provider platforms (Microsoft, Cisco, Apple, Google, Amazon) and over 15 billion accounts already support them.
- The industry is moving to passwordless: all the tech giants are moving this was to finally try to rid the world of passwords. Apple, Google and Amazon have also committed to a passwordless future. Whether it’s signing into an app, online banking or shopping, passkeys are becoming the universal standard.
Today, the use of passkeys is growing but with the tech giants behind the Phasing out of passwords they will soon be the way we sign into all. Out online services.