Microsoft Ends Authenticator App’s Password Management Support From 2025

Microsoft has announced it will discontinue password management features in its widely used Authenticator app, marking a significant shift in its approach to digital security.

Starting July 2025, the app’s autofill capability will be disabled, and by August 2025, all saved passwords will be permanently removed from the app.

A Strategic Move Toward Passwordless Security

This change is part of Microsoft’s broader strategy to move away from traditional password-based authentication in favor of more secure, passwordless methods such as passkeys, Windows Hello, and FIDO2-based authentication.

These alternatives are designed to provide stronger protection against phishing and password reuse, which remain major security threats.

Microsoft has emphasized that the shift will streamline user experience and reduce risks associated with password management.

Timeline for Phase-Out

The transition will occur in several stages:

• June 2025: Users will no longer be able to add or import new passwords into the Authenticator app.
• July 2025: The autofill feature will stop working, and any payment information stored in the app will be deleted.
• August 2025: All previously saved passwords will become inaccessible and will be deleted from Authenticator.

Microsoft assures users that their saved passwords and addresses are securely synced to their Microsoft accounts.

After the changes, these credentials will only be accessible through the Microsoft Edge browser, provided users sign in with their Microsoft account and set Edge as the default autofill provider.

Payment data, however, will not transfer automatically and must be re-entered manually elsewhere.

Options for Users

Users have two primary choices before the August 2025 deadline:

• Switch to Microsoft Edge: Install Edge on your devices and sign in to access your synced passwords.
• Export Passwords: Export your saved passwords from Authenticator to another password manager. Microsoft warns that exported passwords are not encrypted in the export file, so users should promptly transfer and delete the file for security.

While password management is ending, Microsoft Authenticator will continue to serve its original purpose: providing multi-factor authentication codes and supporting passkeys for passwordless sign-ins.

The company encourages users to adopt passkeys, which leverage device-based authentication methods like PIN, fingerprint, or facial recognition for enhanced security.

With over 100 million downloads and millions relying on Authenticator daily, Microsoft’s decision signals a decisive move toward a passwordless future, urging users to adapt before the August 2025 cutoff.

Exclusive Webinar Alert: Harnessing Intel® Processor Innovations for Advanced API Security – Register for Free