Microsoft announced that starting August 1, 2025, it will no longer support password storage in its Authenticator app.
This change is no coincidence. It's part of the company's broader plan to move away from traditional passwords and adopt more secure and modern sign-in methods. With this decision, Microsoft also aims to simplify autofill within the two-step authentication (2FA) app, making everything easier and safer for users.
If you use Microsoft Authenticator to store your passwords, there are key dates you should keep in mind.
Since June 2025, you can no longer add or import new passwords into the app. During July, you'll still be able to use the passwords you had already saved, but the autofill feature within the app will stop working.
And most importantly: starting in August 2025, all saved passwords will be removed from Authenticator. That means you will no longer be able to access them from the app, and if you haven't exported them beforehand, they will be lost forever.
"Starting in July 2025, the autofill feature in Authenticator will stop working, and beginning in August 2025, passwords will no longer be accessible in Authenticator," Microsoft said in a support document for Authenticator.
Additionally, if you had payment information saved, that too will be deleted by the end of July. This change affects more than just passwords. Microsoft is gradually phasing out the entire autofill and data storage functionality as part of its plan to move away from passwords and shift toward more secure authentication methods, such as two-step verification or passwordless options.
The main reason behind this change is quite simple: passwords are no longer secure or practical. We’ve all been there… we forget them, reuse the same one on multiple sites, or write them down in unsafe places. And that, of course, makes them an easy target for hackers and cybercriminals.
Microsoft is clear on this: continuing to use traditional passwords poses too high a risk, especially with the constant rise in cyberattacks.
Instead, the company is betting on a much more modern and secure system: Passkeys. How do they work? Essentially, they replace the password with something you have (like your device) and something you are (like your fingerprint or face).
This system uses two encrypted keys:
A public key that is stored on the service or website.
A private key that is stored only on your phone or computer.
The great thing about this is that even if someone manages to access the servers, they won’t be able to do anything with the public key unless they also have your device. And since the private key never leaves your device, the risk of theft is drastically reduced.
Microsoft says that Passkeys are not only more secure, but also more convenient: you no longer have to remember or type in passwords all the time. Just use your fingerprint or facial recognition… and you're in. In short: fewer hassles, more security. And that’s exactly what they’re aiming for with this change.
Read more: Password vs Access Key: Which One Is More Secure for Logging In?
Microsoft has been very clear about this: if you have passwords or other information saved in Authenticator and want to keep them, it’s time to back them up or export them.
You need to move your data before the deadline. You can transfer it to Microsoft Edge or another password manager you trust. If you don’t do it in time, everything will be deleted and there will be no way to recover it afterward.
And one important detail: if you're already using Passkeys with your Microsoft account, make sure Authenticator is still your primary app for that type of sign-in. If you disable it by mistake, you could lose access to that authentication method.
In short: back up everything important, export your passwords, and check your settings before everything is permanently erased.