The password era is ending.
Quite the week for Microsoft. Just when its drastic u-turn on Windows 10’s end of life seemed to be the headline of the week, the Windows-maker suddenly killed its blue screen of death. And now your passwords face that same fate.
Microsoft warns “the password era is ending” and “bad actors know it, which is why they’re desperately accelerating password-related attacks while they still can.” The answer is passkeys, but it also means a huge change to passwords you have saved.
The biggest change to Authenticator is that from August “your saved passwords will no longer be accessible in Authenticator and any generated passwords not saved will be deleted.” You have until August to switch to move those passwords somewhere else.
But the most useful part of the Authenticator app is “securely storing and autofilling passwords on apps and websites you visit on your phone.” And that’s changing now. From July — just days away, “you will not be able to use autofill with Authenticator.”
You have the option to move the password problem somewhere else, exporting Authenticator passwords to Google Password Manager or iCloud Keychain or similar. That might be convenient for autofilling, but it doesn’t make you any more secure.
Instead, replace your passwords with passkeys on all your critical accounts — especially on Microsoft itself, Google, Facebook or similar. The recent 16 billion password “breach” may have been miseadling, but those stolen passwords are out there.
Half of Americans use risky passwords and less than half use two-factor authentication on accounts. You really don’t want to be in either of those stats. If you use Microsoft’s Authenticator app, don’t just roll the problem forwards — act now and fix it.
Your Authenticator app “will continue to support passkeys,” says Microsoft. “If you have set up Passkeys for your Microsoft Account, ensure that Authenticator remains enabled as your Passkey Provider. Disabling Authenticator will disable your passkeys.”
