Starting this month, you’ll no longer be able to use Microsoft Authenticator’s autofill password function, a move the company is making to transition from passwords to passkeys. Last month, Microsoft stopped letting you save new passwords in the app.
Next month is the biggest change, all your saved passwords will no longer be in the Authenticator app. You’ll have to use passkeys instead — such as a PIN, fingerprint or facial recognition.
Attila Tomaschek, CNET’s software senior writer and digital security expert, believes passkeys are a safer alternative to the risky password habits that 49% of US adults have, according to a recent CNET survey.
«Passwords can be cracked, whereas passkeys need both the public and the locally stored private key to authenticate users, which can help mitigate risks like falling victim to phishing and brute-force or credential-stuffing attacks,» said Tomaschek.
Using the same password for several accounts or adding personal hints can be a convenient way to remember your login. But it’s a big risk for scammers, identity theft and fraud. Here’s more on Microsoft’s plan for eliminating passwords and how to make the switch to passkeys before August.
Microsoft Authenticator will stop supporting passwords
Microsoft Authenticator houses your passwords and lets you sign into all of your Microsoft accounts using a PIN, facial recognition such as Windows Hello, or other biometric data, like a fingerprint. Authenticator can be used in other ways, such as verifying you’re logging in if you forgot your password, or using two-factor authentication as an extra layer of security for your Microsoft accounts.
In June, Microsoft stopped letting users add passwords to Authenticator, but here’s a timeline of other changes you can expect, according to Microsoft.
- July 2025: You won’t be able to use the autofill password function.
- August 2025: You’ll no longer be able to use saved passwords.
If you still want to use passwords instead of passkeys, you can store them in Microsoft Edge. However, CNET experts recommend adopting passkeys during this transition.
«Passkeys use public key cryptography to authenticate users, rather than relying on users themselves creating their own (often weak or reused) passwords to access their online accounts,» said Tomaschek.
Why passkeys are a better alternative to passwords
So what exactly is a passkey? It’s a credential created by the Fast Identity Online Alliance that uses biometric data or a PIN to verify your identity and access your account. Think about using your fingerprint or Face ID to log into your account. That’s generally safer than using a password that is easy to guess or susceptible to a phishing attack.
Passkeys aren’t stored on servers like passwords. Instead, they’re stored only on your personal device. More conveniently, this takes the guesswork out of remembering your passwords and the need for a password manager.
How to set up a passkey in Microsoft Authenticator
Microsoft said in a May 1 blog post that it will automatically detect the best passkey to set up and make that your default sign-in option. «If you have a password and ‘one-time code’ set up on your account, we’ll prompt you to sign in with your one-time code instead of your password. After you’re signed in, you’ll be prompted to enroll a passkey. Then the next time you sign in, you’ll be prompted to sign in with your passkey,» according to the blog post.
To set up a new passkey, open your Authenticator app on your phone. Tap on your account and select «Set up a passkey.» You’ll be prompted to log in with your existing credentials. After you’re logged in, you can set up the passkey.
