If you’ve been using Microsoft Authenticator to store and autofill your passwords, it’s time to start planning a move. Microsoft has announced that it will retire the password management features in the app, and by August 2025, stored passwords will either be hidden or deleted entirely.
Microsoft Authenticator is best known as a two-factor authentication (2FA) tool, helping users confirm their identity through fingerprint scans, face recognition, or device approval, in addition to typing a password. While it also included features like password generation and autofill, essentially working like a basic password manager, those functions are being phased out as Microsoft shifts its focus toward a passwordless future.
The company says that ironically, as the tech world moves away from passwords, hackers are doubling down on exploiting them while they’re still around. That has made passwords an increasingly attractive target, even as alternatives like passkeys and biometrics gain ground.
The phase-out is happening in three steps. First, users can no longer save new passwords in the app, a change that’s already in place. Then, in July 2025, the autofill feature for passwords and payment methods will stop working, and saved card details will be deleted. Finally, in August, all saved passwords will become inaccessible. Some may only be hidden, but those generated by Authenticator itself will be permanently removed.
To prepare, Microsoft recommends switching to its Edge browser for managing passwords. On mobile devices, this means installing the Edge app and setting it as the default for autofill through device settings. Passwords that were manually added to Authenticator should sync automatically to Edge through your Microsoft account, though any app-generated passwords will need to be added manually before migration.
If you’d rather use another password manager, Microsoft allows you to export your saved credentials. You can do this by opening Authenticator’s settings, selecting “Export Passwords,” and saving a CSV file. Since this file isn’t encrypted, it’s important to delete it immediately after transferring the data to your new tool.
This change is part of a broader trend across the tech industry to eliminate passwords in favor of more secure alternatives. But until those new systems are universally supported, making sure your credentials are safely stored elsewhere is essential. If you rely on Microsoft Authenticator for password storage, now is the time to act, before those credentials disappear for good.