Why Microsoft Authenticator is Changing and How to Set Up a Passkey Before the Deadline

Microsoft Authenticator Users Face Major Changes

Microsoft Authenticator users are experiencing a significant shift as the app's password management features are being phased out. All stored passwords will be deleted on August 1st, marking a major transition for the tech giant. This decision reflects Microsoft's growing emphasis on passkeys, a digital authentication method that is gaining recognition for its simplicity and enhanced security.

Passkeys are designed to replace the need for complex passwords by using biometric data such as facial recognition or fingerprints, digital patterns, or PINs. These keys operate through an encrypted two-part system: one half is stored securely by the user, often in the cloud via a compatible verification app like Authenticator or on a physical security dongle, while the other resides with the service being accessed. This dual-key approach significantly improves security. However, a notable downside is the requirement to set up individual passkeys for each compatible service or application, which can be challenging for users managing multiple accounts.

Microsoft’s decision to pivot towards passkeys is driven by the increasing threat of cyberattacks. In a recent blog post, the company highlighted the alarming rise in password attacks, stating, "Last year (2024), we observed a staggering 7,000 password attacks per second (more than double the rate from 2023). Although passwords have been around for centuries, we hope their reign over our online world is ending."

For those who haven't transitioned yet, setting up a passkey within the Authenticator app is relatively straightforward. Many users may have already received prompts to do so in recent months. If not, simply open the Authenticator app on your device, tap on your account, and select the "set up a passkey" option, then follow the on-screen instructions.

It is important to note that all your old passwords remain synced to your Microsoft account. To access them after the August 1st deadline, you will need to install the Microsoft Edge browser on your chosen device and log in. For iOS users, navigate to Settings > General > Autofill & Passwords and enable Edge. Android users should go to Settings > General management > Passwords and autofill > Autofill service and select Edge. Desktop and laptop users can find their passwords by opening Edge and navigating to Settings > Profiles > Passwords. Here, you should also find an autofill toggle and an option to save new passwords.

If you prefer to use a different password manager, you can export your Authenticator passwords. Open the Authenticator app on your device, then navigate to Settings > Export Passwords. This will generate an export file containing your data. Most password managers, including those built into other browsers or Apple and Android's native keyring apps, offer an import option that should accept this file. Should you encounter difficulties during the import process, consulting the customer service lines of your chosen password manager is advisable.

While Authenticator will no longer manage passwords directly, it will continue to serve as a vital tool for multi-factor authentication, one-time passwords, and biometric logins for passkey-compatible services. Its password management and autofill functions are now being consolidated within the Edge browser. It is important to note that not all websites and applications have fully adopted passkeys yet, meaning traditional passwords will still be required in many online spaces. Users are encouraged to take action to secure their digital credentials ahead of these changes.

Microsoft continues to innovate and adapt to the evolving landscape of online security. The shift to passkeys represents a bold move toward a more secure and user-friendly future. As the digital world becomes increasingly interconnected, the importance of robust security measures cannot be overstated. By embracing new technologies like passkeys, Microsoft is paving the way for a safer online experience for all users.