Microsoft Authenticator to stop saving new passwords June 1.
Update, May 3, 2025: This story, originally published May 2, has been updated with details of dedicated password manager apps as password management features are removed from the Microsoft Authenticator app.
What the heck is happening with passwords at Microsoft? That’s the question many will be asking as a slew of password-related announcements land. Passwords are suddenly disappearing from Windows accounts. Long-since expired passwords can be used to unlock Windows accounts, and attackers are using password-spraying attacks to compromise Microsoft accounts. Now, to add to the credentials confusion, Microsoft has warned users of its authenticator app that, starting June 1, they will no longer be able to save new passwords. I guess I’d better try to answer that “what the heck” question then…
What’s Happening To The Microsoft Authenticator App?
The Microsoft Authenticator app has been more than just a 2FA code generator for quite some while now. Indeed, many would argue that it has been gradually positioned as the default password manager for Microsoft users. What with it able to save passwords and autofill them across both Android and iOS platforms. But that house of password cards, dear reader, is about to come crashing down as Microsoft announces a dramatic shift in security emphasis from app to browser.
Microsoft has confirmed, starting in June, massive changes to how the Authenticator app works.
These changes are all part of a move by Microsoft to apparently streamline the password autofill process across devices. In June, users of the Microsoft Authenticator app will no longer be able to save any new passwords. In July, Microsoft will phase out the use of autofill in the app, and from August, “your saved passwords will no longer be accessible in Authenticator,” Microsoft has said. The app will continue to support passkeys, however, and Microsoft has advised that “if you have set up Passkeys for your Microsoft Account, ensure that Authenticator remains enabled as your Passkey Provider.” If you disable Authenticator, you will also disable your passkeys.
So, what now? Microsoft really wants you to embrace the password management functionality of the Edge browser, stating that “your saved passwords (but not your generated password history) and addresses are securely synced to your Microsoft account, and you can continue to access them and enjoy seamless autofill functionality with Microsoft Edge.”
Microsoft Authenticator Was Never A Genuine Password Manager — Start Using An App That Is
Let’s be honest here folks, the Microsoft Authenticator app was never a password manager in the accepted sense of the word. Itv was a code-generating authentication app, that’s it. Sure, Microsoft added a few bells and whistles along the way, but you can’t turn a bush into a Christmas tree just by adding tinsel. I’m sure I will ruffle a few feathers here, but purely browser-based password vaults aren’t proper password managers either. I can understand why Microsoft wants people to use the Edge browser as if it were, of course, but the bush and tinsel argument still applies if you replace the bush with anything other than a genuine Christmas tree.
Here’s the thing: there’s no real reason for you to use your browser in this way when a dedicated password manager application can not only autofill your credentials when logging in to an account, but can also support passkeys and generate 2FA codes, thank you very much.
s someone who made the switch from a Microsoft Windows and Google Android ecosystem to the Apple one for my primary work usage a few years ago, I can heartily recommend Apple’s own Passwords app. This supercharges existing login management provided by the iCloud Keychain, syncs across devices, generates 2FA codes and supports passkeys. It is free to use and competes very nicely with other password managers, provided you are using Apple platforms and don’t want too many additional features outside of the basic essentials of credentials management. If you do want a bit more by way of additional feature sets and cross-platform usage, then I’d recommend 1Password, which I use with my Windows and Android devices. It’s not free, but it is feature-packed and has been a long-time player in the industry, which means you can trust your passwords and your data with it, no matter what operating system or machine you are on. Other password managers are available, of course, and I’d encourage you to do your own research to find which best meets your needs and price point.
