The future of Microsoft will see us say goodbye to an all-too-familiar thing of the past — passwords.
After August, Microsoft Authenticator will no longer support passwords at all. If you’re still using the Authenticator app to manage logins, big changes are coming fast. This shift is already in motion: New password creation was disabled in June, and autofill support was cut off in July.
For years, Microsoft Authenticator has been a go-to for managing both multifactor authentication and saved passwords. However, starting next month, it will move to passkeys instead. That means your logins will soon rely more on things like PINs, fingerprint scans or facial recognition: They’re all more secure, faster and harder to steal than a standard password.
Passkeys get rid of the risky password habits practiced by 49% of US adults, like using the same password for multiple accounts or using personal hints, according to a CNET survey. However, those convenient hints can pose a bigger risk to scammers, identity theft and fraud.
If you’re a fan of Authenticator and not sure where to start before the switch, here are other password managers CNET recommends and steps you should take before August.
When will Microsoft Authenticator stop supporting passwords?
Microsoft Authenticator houses your passwords and lets you sign into all your Microsoft accounts using a PIN, facial recognition like Windows Hello, or other biometric data like a fingerprint. Authenticator can be used in other ways, such as verifying you’re logging in if you forgot your password, or using two-factor authentication as an extra layer of security for your accounts. In June, the company stopped letting users add passwords to Authenticator.
Starting this month, you won’t be able to use the autofill password function. And next month, you’ll no longer be able to use saved passwords.
If you still want to use passwords instead of passkeys, you can store them in Microsoft Edge. However, CNET experts recommend adopting passkeys during this transition. “Passkeys use public key cryptography to authenticate users, rather than relying on users themselves creating their own (often weak or reused) passwords to access their online accounts,” Tomaschek said.
Why are passkeys a better alternative to passwords?
So what exactly is a passkey? It’s a credential created by the Fast Identity Online Alliance that uses biometric data or a PIN to verify your identity and access your account. Think about using your fingerprint or Face ID to log into your account. That’s generally safer than using a password that is easy to guess or susceptible to a phishing attack.
“Passwords can be cracked, whereas passkeys need both the public and the locally stored private key to authenticate users, which can help mitigate risks like falling victim to phishing and brute-force or credential-stuffing attacks,” said Attila Tomaschek, CNET’s software senior writer and digital security expert.
Passkeys aren’t stored on servers like passwords. Instead, they’re stored only on your personal device. More conveniently, this takes the guesswork out of remembering your passwords and the need for a password manager.
How to set up a passkey in Microsoft Authenticator
Microsoft said in a May 1 blog post that it will automatically detect the best passkey to set up and make that your default sign-in option. “If you have a password and ‘one-time code’ set up on your account, we’ll prompt you to sign in with your one-time code instead of your password. After you’re signed in, you’ll be prompted to enroll a passkey. Then the next time you sign in, you’ll be prompted to sign in with your passkey,” according to the blog post.
To set up a new passkey, open your Authenticator app on your phone. Tap on your account and select “Set up a passkey.” You’ll be prompted to log in with your existing credentials. After you’re logged in, you can set up the passkey.
Other password manager alternatives
Since Microsoft will get rid of all of your passwords in a few short weeks, you’ll need a new place to store your passwords safely. Tomaschek has a few of the best password manager recommendations after testing and reviewing several.
The top recommendation is Bitwarden for its transparency. It’s open-source and audited annually. From a price perspective, the free plan lets you store infinite passwords across unlimited devices. The free plan also includes features most password managers would charge for, including password sharing and a username and password generator.
Bitwarden’s upgraded plans have other upgraded features that could be worth the cost, too.
Personally, Tomaschek has been using 1Password for a while, and he likes the interface and family plan. Even though it’s second on the list, Tomaschek says it’s just as good as Bitwarden.