Overview
- On August 1, Authenticator will automatically delete all passwords stored in the app, ending its autofill and password-management functions.
- Users can preserve credentials by setting up FIDO Alliance–standard passkeys in Authenticator or exporting their password vault to Microsoft Edge or another password manager.
- Microsoft cites a surge to 7,000 password attacks per second in 2024 as a key driver behind its shift to phishing-resistant passkeys.
- Security experts warn that many websites and applications still lack passkey support, creating a hybrid environment where passwords and passkeys coexist.
- Although Authenticator is dropping password storage, it will continue to support multi-factor authentication, one-time codes and biometric logins for passkey-compatible services.