If you’ve ever used Microsoft Authenticator to manage your passwords, it’s time to export them or risk them being lost forever.
The app is most commonly used for two-factor authentication, using face ID to log into email or company systems, for example.
But the app, which has been downloaded over 100 million times on the Google Play store alone, was also used to store passwords with autofill until this month.
Microsoft now says ‘the password era is ending’, urging people to turn to alternative ways of logging in, and saying the app will no longer support passwords.
It’s partly our fault, given we keep reusing pet names, swear words, 12345, and ‘password’ as not-so-foolproof keys to our kingdom.
Before you panic that the company is removing support for passwords entirely across all its services, they’re not – or at least, not yet. But they won’t be letting you keep your list in the Authenticator app, and data will be deleted next month.
If you want to keep using Microsoft to store passwords, you can use their Edge browser which will keep them all logged and ready.
If you prefer a separate app so you can use passwords in Chrome, Safari, or another browser, it’s time to export them so you still have access.
When are the autofill changes happening?
- June 2025: people were no longer able to save new passwords in Authenticator, and were shown a message warning them of coming changes.
- July 2025: you will not be able to use autofill with Authenticator. Payment information will be deleted.
- August 2025: your saved passwords will no longer be accessible in Authenticator and will be deleted.
Why would Microsoft do such a thing?
In a blog post in December last year, Microsoft said they block 7,000 attacks on passwords per second, ‘almost double from a year ago’, as well as an increase in phishing attacks to steal credentials by 146%.
They said the reign of passwords is ending: ‘Bad actors know it, which is why they’re desperately accelerating password-related attacks while they still can.’
They said the solution is passkeys, which ‘offer an improved user experience by letting you sign in faster with your face, fingerprint, or PIN, but they also aren’t susceptible to the same kinds of attacks as passwords’.
How can I save my passwords from Authenticator?
If you prefer using Microsoft for your passwords, you can download the Edge app and then set it as your default password manager from Settings.
In a support post, the company also set out steps you can take to export passwords to another app manager.
They warned they will no longer be encrypted if you do this, so make sure to quickly delete the file after the passwords have been saved safely elsewhere.
But you will need to do this before August 2025, as after this they will no longer be accessible, and any generated passwords not saved will be deleted.
Get in touch with our news team by emailing us at webnews@metro.co.uk.
For more stories like this, check our news page.
