Microsoft revealed that it would delete all stored passwords in its Authenticator app by August 2025. In the case of using Authenticator to store your login credentials, you need to take action immediately to secure your accounts. This move is part of a larger industry shift away from passwords and toward passkeys. Google has issued a similar warning to its users, and passkey adoption is growing rapidly.
Why passwords have become unsafe
Passwords can be stolen in data breaches. They can be phished or guessed with brute force attacks. Many people reuse passwords across multiple sites. A report by Cybernews found sixteen billion records exposed in unreported leaks so far in 2025. These weaknesses make passwords a high‑risk way to protect accounts.
What Microsoft is changing
Microsoft has set a timetable to phase out password storage in Microsoft Authenticator:
- June 2025: You will no longer be able to save new passwords in the Authenticator app
- July 2025: Autofill for passwords in the Authenticator app will be disabled
- August 2025: All saved passwords will be removed from the Authenticator app
After August, you will not see any of your logins stored in Authenticator. Any passwords you have generated but not saved elsewhere will be lost.
How to move your passwords to Edge
Microsoft recommends using its Edge browser to store and autofill passwords going forward. In Authenticator, tap the Turn on Edge button. Your saved passwords and address information will sync to your Microsoft account. They will then be available in Edge on all your devices.
Why passkeys are the future
Passkeys offer a more secure login method. They rely on public key cryptography. You verify with a device PIN, fingerprint, or facial recognition. Passkeys cannot be phished or leaked from a server. Even a simple four-digit PIN is harder for attackers to compromise than a reused password. Microsoft says that passkeys provide both better security and faster sign-in.
Steps to enable passkeys for your Microsoft account
- Open your security settings at the Microsoft account website
- Choose Add a new sign‑in method
- Select Passkey and follow the on‑screen instructions
- Verify with your device security, such as fingerprint or face scan
Once set up, you can use the Authenticator app or Edge to sign in without typing passwords.
What happens if you do nothing
If you fail to move your passwords out of Authenticator, they will disappear in August. You will lose access to any accounts for which you do not have a saved credential elsewhere. You may have to reset passwords on each service account by email or phone.
How to prepare right now
- Install the latest version of Microsoft Edge on all your devices
- Export any passwords you need from Authenticator before June
- Enable passkeys on your Microsoft account and any other services that support them
- Turn on two-factor authentication for added security, where passkeys are not yet available
Taking these steps now will prevent lost access and improve your online safety.
