Microsoft issues critical password warning to millions of Windows 10, Windows 11, and Microsoft 365 users

With over 100 million downloads on the Google Play Store alone, Microsoft Authenticator is hugely popular. It's tightly integrated with Microsoft's own services, including operating systems like Windows 10 or Windows 11, as well as subscription services like Microsoft 365, which offers access to apps like Word, Outlook, Excel and PowerPoint.

An estimated 75 million users worldwide rely on the app to store passwords daily.

• Warning to 40.8 million Brits putting themselves at risk with dangerous password habit

If you're one of the millions who depend on this service, act now to avoid losing access to your stored credentials.

The phase-out follows a strict three-stage timeline:

• June 2025 | You can no longer save new passwords in Microsoft Authenticator
• July 2025 | Autofill feature will stop working, preventing you from relying on Microsoft Authenticator to fill-in username / email address, passwords and login across websites and mobile apps. At the same time, save payment information including credit card details will be deleted from the app
• August 2025 | The final stage in the shake-up, Microsoft will permanentlyremote all saved passwords, with any generated passwords not previously saved also deleted

Microsoft has added a warning banner to the app stating: "Autofill via Authenticator ends in July 2025. You can export your saved info (passwords only) from Authenticator until Autofill ends."

The Redmond-based company emphasises that payment data will not automatically transfer to other services, requiring manual re-entry of card details.

Password managers like Authenticator work by encrypting and storing your login details, then automatically filling them in when you visit websites or apps. This eliminates the need to remember dozens of different passwords whilst maintaining security. This popular category of applications offer features like cross-platform synchronisation, apps for multiple web browsers and devices, encrypted storage for your login credentials, and automatic breach monitoring.

Some of these apps let you temporarily share login details with friends and family. Software licences and Wi-Fi network passwords can also be stored in some of these services.

Why is Microsoft ditching this popular functionality from Authenticator? The decision is part of a strategic shift that consolidates all password management within its Edge browser, which currently holds just 5.2% of the global market share compared to Google Chrome's commanding 66.19%. The company has added a "Turn on Edge" button to Authenticator as part of its ongoing campaign to drive browser adoption.

Karolis Arbaciauskas, head of business product at NordPass, said: "Microsoft's decision to phase out password management from Authenticator represents a significant shift in the company's approach to digital security. It seems like Microsoft is simplifying credential management across different devices and bringing password management logic closer to the market-dominant model, which is already familiar to many users.”

“In addition, the company has a chance to increase the popularity of its browser. In theory, it’s a win-win situation. But people have various personal likes and dislikes, are often used to a particular ecosystem or a browser and may not wish to move. In that case, a dedicated password management solution might be a good idea since it can provide cross-platform synchronization across multiple browsers and devices, secure storage for credentials, and features like breach monitoring and encrypted sharing,” Arbaciauskas added in a chat with Techradar Pro.

While Microsoft Edge will replicate all of the same password features previously found in Microsoft Authenticator, the US company wants to eventually move its users away from passwords altogether. Earlier this year, Microsoft confirmed that it was blocking 7,000 attacks on passwords every second — almost double from a year ago.

As a result, it has decided to making all new accounts passwordless by default. Instead of being asked to think of a secure password with a mixture of lowercase and capital letters, numbers, and symbols — you'll be guided to set up a passkey when you create a new Microsoft account.

LATEST DEVELOPMENTS

• Netflix will be blocked on some Fire TV Sticks tomorrow
• Sky unleashes 'lowest prices' on broadband and TV
• Blockbuster upgrade coming to Samsung Galaxy, but only if your phone is on THIS list
• Best VPN deals

Passkeys have long been hailed as the harbinger of doom for traditional passwords.

Developed by the FIDO Alliance — an industry body with the aim of helping to "reduce the world’s over-reliance on passwords" with the likes of Apple, Google and Microsoft amongst its members, passkeys rely on the biometrics built into your devices. Using the same facial recognition or fingerprint scan that can unlock your iPhone, iPad, Android phone or tablet, Windows PCs... the device already in your hands can now verify your identity for websites and apps.

This removes the need for a separate password for each account. Given the weak passwords still used by millions of Britons, this shift should reduce the number of hacks.

Your saved passwords are synced with your Microsoft account, meaning they'll remain accessible through Edge even if you forget to export them before the deadline. However, if you prefer using a different browser or password manager, you must export your data before August.

To export passwords from Authenticator, navigate to Settings > Export passwords > Export, then import the saved file to your chosen password manager. Microsoft warns that exported passwords will no longer be encrypted, so you should quickly delete the file after transferring the data elsewhere.

You face a critical choice: either download Edge onto your devices to maintain seamless password access, or switch to a dedicated password management solution that offers cross-platform compatibility with your preferred browsers.