Microsoft is moving closer to a password-free future, and if you're still using the Authenticator app to manage logins, big changes are coming fast. Starting Aug. 1, the app will no longer support passwords at all. This shift has already been in motion-new password creation was disabled in June, and autofill support was cut off in July.
For years, Microsoft Authenticator was a go-to for managing both multi-factor authentication and saved passwords. But now, it's being refocused to support passkeys instead. That means your logins will soon rely more on things like PINs, fingerprint scans, or facial recognition-more secure, faster and harder to steal than a standard password. If you're still relying on Authenticator for password storage, it's time to move your data elsewhere before it disappears.
Attila Tomaschek, CNET's software senior writer and digital security expert, said that's not a bad thing, though.
"Passwords can be cracked, whereas passkeys need both the public and the locally stored private key to authenticate users, which can help mitigate risks like falling victim to phishing and brute-force or credential-stuffing attacks," Tomaschek said.
Passkeys get rid of the risky password habits practiced by 49% of US adults, like using the same password for multiple accounts or using personal hints, according to a CNET survey. However, those convenient hints can pose a bigger risk to scammers, identity theft and fraud.
If you're a fan of Authenticator and not sure where to start before the switch, here's what you need to do before Microsoft's Aug. 1 move.
When will Microsoft Authenticator stop supporting passwords?
Microsoft Authenticator houses your passwords and lets you sign into all your Microsoft accounts using a PIN, facial recognition like Windows Hello, or other biometric data like a fingerprint. Authenticator can be used in other ways, such as verifying you're logging in if you forgot your password, or using two-factor authentication as an extra layer of security for your accounts. In June, the company stopped letting users add passwords to Authenticator.
Starting this month, you won't be able to use the autofill password function. And next month, you'll no longer be able to use saved passwords.
If you still want to use passwords instead of passkeys, you can store them in Microsoft Edge. However, CNET experts recommend adopting passkeys during this transition. "Passkeys use public key cryptography to authenticate users, rather than relying on users themselves creating their own (often weak or reused) passwords to access their online accounts," Tomaschek said.
... continue reading