Microsoft Starts Deleting Your Passwords In 6 Weeks—Act Now
Password deletion is just around the corner.
“The password era is ending,” Microsoft warns, as it moves quickly to push a billion-plus users to make changes before it’s too late. It’s not alone. Google is also telling its users to move away from passwords, with most accounts now at risk.
This should come as no surprise. CNET has just warned that half of all U.S. users “have risky password habits.” That includes reusing and sharing passwords, as well as choosing passwords that are easy to crack or guess; but the real issue with passwords is that they’re inherently vulnerable to breaches and phishing.
The answer is passkeys — which is what both Microsoft and Google suggest as the “phishing resistant” alternative users should now move to. Google warns that more than half of users don’t even use two-factor authentication (2FA) yet, never mind passkeys, so there’s some serious ground to cover. But cover it we must.
In just six weeks, Microsoft warns that passwords saved in its Authenticator app “will no longer be accessible and any generated passwords not saved will be deleted.” You can move these to Edge, but instead you should take this as a prompt to replace passwords with passkeys on all accounts where they’re available.
These are Microsoft’s upcoming deadlines:
- “Starting June 2025, you will no longer be able to save new passwords in Authenticator.
- During July 2025, you will not be able to use autofill with Authenticator.
- From August 2025, your saved passwords will no longer be accessible in Authenticator.”
Pushing users to the Edge.
Microsoft has added a “Turn on Edge” button in Authenticator, and says “your saved passwords (but not your generated password history) and addresses are securely synced to your Microsoft account, and you can continue to access them and enjoy seamless autofill functionality with Microsoft Edge.”
Authenticator “will continue to support passkeys,” and Microsoft says “if you have set up Passkeys for your Microsoft Account, ensure that Authenticator remains enabled as your Passkey Provider. Disabling Authenticator will disable your passkeys.”
With Google warning most users “still rely on older sign-in methods like passwords and two-factor authentication (2FA),” despite the push to upgrade accounts to passkeys, the number of users affected by these changes is huge. Now it’s time to act.
Microsoft says bad actors know users are slowly moving away from passwords, “which is why they’re desperately accelerating password-related attacks while they still can.” Their advice is simple: “Passkeys not only offer an improved user experience by letting you sign in faster, [and] aren’t susceptible to the same kinds of attacks as passwords.”
It’s time to make that change before it’s too late.