Microsoft Authenticator Drops Passwords for Passkeys
Microsoft Authenticator will no longer manage or autofill passwords starting August 1, marking a shift to passkeys—biometric or PIN-based credentials that use public-key cryptography. This change aims to curb weak, reused passwords and phishing attacks. Learn how to set up passkeys in Authenticator and explore top password manager alternatives.
Microsoft Authenticator’s Password-Free Countdown
Just days before August 1, Microsoft confirms that its Authenticator app will stop handling passwords. No more saving new credentials, auto-fill or two-factor routines through your password vault. Instead, users must switch to passkeys—PINs, Face ID, fingerprints or screen patterns—for all Microsoft account logins.
What’s Changing in Authenticator?
Over the past months Microsoft has phased out key password features in Authenticator. Here’s your timeline:
- June: Adding new passwords is disabled.
- July: Autofill password function is removed.
- August 1: Saved passwords are inaccessible.
Why Passkeys Outperform Passwords
Passkeys leverage public key cryptography and local biometric or PIN verification—no server-stored secrets, no brute-force or credential stuffing. With phishing on the rise and nearly half of U.S. adults reusing simple passwords, passkeys promise stronger, phishing-resistant authentication without the headache of password recall.
Setting Up Your First Passkey
Get started in minutes:
- Open Microsoft Authenticator on your smartphone.
- Select your Microsoft account and tap “Set up a passkey.”
- Authenticate with your existing credentials to confirm identity.
- Follow on-screen prompts to register your fingerprint, Face ID or PIN.
Choosing a New Password Manager
If you still rely on passwords for non-Microsoft services, consider:
- Bitwarden: Open-source, audited annually, unlimited device syncing even on the free plan.
- 1Password: Intuitive interface, robust family and team sharing, secure watchtower alerts.
Next Steps for Secure Access
Transitioning to passkeys represents a big leap in account security. Organizations need a clear rollout plan, training materials on biometric flows and fallback processes for legacy systems. QuarkyByte’s security team helps map your passkey adoption strategy, conduct real-world phishing drills and ensure a smooth migration from passwords to modern credentials.
Keep Reading
View AllLovense App Flaw Exposed Users’ Emails and Enabled Hijacks
A security flaw in Lovense’s sex toy app let hackers retrieve user emails via usernames and hijack accounts, with fixes delayed for months.
UK Online Safety Act Enforces Age Verification on Social Platforms
UK’s Online Safety Act mandates age checks for mature content and messages, reshaping global privacy and compliance across major platforms.
NordVPN Adds Scam Call Protection for Android
NordVPN now offers scam call protection for US Android users, analyzing metadata to flag malicious calls. Discover setup steps and security benefits.
AI Tools Built for Agencies That Move Fast.
Facing an authentication overhaul? QuarkyByte’s security analysts help financial services, enterprises, and government agencies design and implement passkey-based logins. We’ll map out integration roadmaps, run phishing-drill simulations, and benchmark biometric flows to fortify access controls.