Latest news with #MicrosoftAuthenticator
Yahoo
3 hours ago
- Yahoo
Microsoft Will Delete Your Passwords in One Month: Do This ASAP
Passwords are a thing of the past for Microsoft Authenticator. Starting in August, Microsoft will require you to use passkeys instead of keeping all of your Microsoft passwords on its mobile app, and your old passwords will vanish. But that's not bad news. Passkeys can cut out risky password habits that 49% of US adults have, according to a recent survey by CNET. Making it a practice to use the same password for multiple accounts or to include personal hints, like your birthday, can be risky. It could be an easy giveaway for hackers to guess, which can lead to identity theft and fraud. Here's what you need to know about Microsoft's timeline for the switch and how to set up passkeys for your Microsoft accounts before it's too late. Microsoft Authenticator houses your passwords and lets you sign into all of your Microsoft accounts using a PIN, facial recognition such as Windows Hello, or other biometric data, like a fingerprint. Authenticator can be used in other ways, such as verifying you're logging in if you forgot your password, or using two-factor authentication as an extra layer of security for your Microsoft June, Microsoft stopped letting users add passwords to Authenticator, but here's a timeline of other changes you can expect, according to Microsoft. July 2025: You won't be able to use the autofill password function. August 2025: You'll no longer be able to use saved passwords. If you still want to use passwords instead of passkeys, you can store them in Microsoft Edge. However, CNET experts recommend adopting passkeys during this transition. "Passkeys use public key cryptography to authenticate users, rather than relying on users themselves creating their own (often weak or reused) passwords to access their online accounts," said Attila Tomaschek, CNET software senior writer and digital security expert. So what exactly is a passkey? It's a credential created by the Fast Identity Online Alliance that uses biometric data or a PIN to verify your identity and access your account. Think about using your fingerprint or Face ID to log into your account. That's generally safer than using a password that is easy to guess or susceptible to a phishing attack. "Passwords can be cracked, whereas passkeys need both the public and the locally stored private key to authenticate users, which can help mitigate risks like falling victim to phishing and brute-force or credential-stuffing attacks," Tomaschek added. Passkeys aren't stored on servers like passwords. Instead, they're stored only on your personal device. More conveniently, this takes the guesswork out of remembering your passwords and the need for a password manager. Microsoft said in a May 1 blog post that it will automatically detect the best passkey to set up and make that your default sign-in option. "If you have a password and 'one-time code' set up on your account, we'll prompt you to sign in with your one-time code instead of your password. After you're signed in, you'll be prompted to enroll a passkey. Then the next time you sign in, you'll be prompted to sign in with your passkey," according to the blog post. To set up a new passkey, open your Authenticator app on your phone. Tap on your account and select "Set up a passkey." You'll be prompted to log in with your existing credentials. After you're logged in, you can set up the passkey.
CNET
2 days ago
- CNET
Microsoft Will Delete Your Passwords in One Month: Do This ASAP
Passwords are a thing of the past for Microsoft Authenticator. Starting in August, Microsoft will require you to use passkeys instead of keeping all of your Microsoft passwords on its mobile app, and your old passwords will vanish. But that's not bad news. Passkeys can cut out risky password habits that 49% of US adults have, according to a recent survey by CNET. Making it a practice to use the same password for multiple accounts or to include personal hints, like your birthday, can be risky. It could be an easy giveaway for hackers to guess, which can lead to identity theft and fraud. Here's what you need to know about Microsoft's timeline for the switch and how to set up passkeys for your Microsoft accounts before it's too late. Microsoft Authenticator will stop supporting passwords Microsoft Authenticator houses your passwords and lets you sign into all of your Microsoft accounts using a PIN, facial recognition such as Windows Hello, or other biometric data, like a fingerprint. Authenticator can be used in other ways, such as verifying you're logging in if you forgot your password, or using two-factor authentication as an extra layer of security for your Microsoft accounts. In June, Microsoft stopped letting users add passwords to Authenticator, but here's a timeline of other changes you can expect, according to Microsoft. July 2025: You won't be able to use the autofill password function. You won't be able to use the autofill password function. August 2025: You'll no longer be able to use saved passwords. If you still want to use passwords instead of passkeys, you can store them in Microsoft Edge. However, CNET experts recommend adopting passkeys during this transition. "Passkeys use public key cryptography to authenticate users, rather than relying on users themselves creating their own (often weak or reused) passwords to access their online accounts," said Attila Tomaschek, CNET software senior writer and digital security expert. Why passkeys are a better alternative to passwords So what exactly is a passkey? It's a credential created by the Fast Identity Online Alliance that uses biometric data or a PIN to verify your identity and access your account. Think about using your fingerprint or Face ID to log into your account. That's generally safer than using a password that is easy to guess or susceptible to a phishing attack. "Passwords can be cracked, whereas passkeys need both the public and the locally stored private key to authenticate users, which can help mitigate risks like falling victim to phishing and brute-force or credential-stuffing attacks," Tomaschek added. Passkeys aren't stored on servers like passwords. Instead, they're stored only on your personal device. More conveniently, this takes the guesswork out of remembering your passwords and the need for a password manager. How to set up a passkey in Microsoft Authenticator Microsoft said in a May 1 blog post that it will automatically detect the best passkey to set up and make that your default sign-in option. "If you have a password and 'one-time code' set up on your account, we'll prompt you to sign in with your one-time code instead of your password. After you're signed in, you'll be prompted to enroll a passkey. Then the next time you sign in, you'll be prompted to sign in with your passkey," according to the blog post. To set up a new passkey, open your Authenticator app on your phone. Tap on your account and select "Set up a passkey." You'll be prompted to log in with your existing credentials. After you're logged in, you can set up the passkey.
Yahoo
2 days ago
- Yahoo
Microsoft Is Getting Rid of Passwords in One Month. Here's What You Need to Do ASAP
If you rely on Microsoft Authenticator to store your passwords, time is winding down. Starting in August, Microsoft will require you to use passkeys instead of keeping all of your Microsoft passwords on its mobile app and your old passwords will vanish. But that's not bad news. Passkeys can cut out risky password habits that 49% of US adults have, according to a recent CNET survey. Making it a practice to use the same password for multiple accounts or include personal hints, like your birthday, can be risky. It could be an easy giveaway for hackers to guess, which can lead to identity theft and fraud. Here's what you need to know about Microsoft's timeline for the switch and how to set up passkeys for your Microsoft accounts before it's too late. Microsoft Authenticator houses your passwords and lets you sign into all of your Microsoft accounts using a PIN, facial recognition such as Windows Hello, or other biometric data, like a fingerprint. Authenticator can be used in other ways, such as verifying you're logging in if you forgot your password, or using two-factor authentication as an extra layer of security for your Microsoft June, Microsoft stopped letting users add passwords to Authenticator, but here's a timeline of other changes you can expect, according to Microsoft. July 2025: You won't be able to use the autofill password function. August 2025: You'll no longer be able to use saved passwords. If you still want to use passwords instead of passkeys, you can store them in Microsoft Edge. However, CNET experts recommend adopting passkeys during this transition. "Passkeys use public key cryptography to authenticate users, rather than relying on users themselves creating their own (often weak or reused) passwords to access their online accounts," said Attila Tomaschek, CNET software senior writer and digital security expert. So what exactly is a passkey? It's a credential created by the Fast Identity Online Alliance that uses biometric data or a PIN to verify your identity and access your account. Think about using your fingerprint or Face ID to log into your account. That's generally safer than using a password that is easy to guess or susceptible to a phishing attack. "Passwords can be cracked, whereas passkeys need both the public and the locally stored private key to authenticate users, which can help mitigate risks like falling victim to phishing and brute-force or credential-stuffing attacks," Tomaschek added. Passkeys aren't stored on servers like passwords. Instead, they're stored only on your personal device. More conveniently, this takes the guesswork out of remembering your passwords and the need for a password manager. Microsoft said in a May 1 blog post that it will automatically detect the best passkey to set up and make that your default sign-in option. "If you have a password and 'one-time code' set up on your account, we'll prompt you to sign in with your one-time code instead of your password. After you're signed in, you'll be prompted to enroll a passkey. Then the next time you sign in, you'll be prompted to sign in with your passkey," according to the blog post. To set up a new passkey, open your Authenticator app on your phone. Tap on your account and select "Set up a passkey." You'll be prompted to log in with your existing credentials. After you're logged in, you can set up the passkey.
CNET
4 days ago
- CNET
Microsoft Is Getting Rid of Passwords in One Month. Here's What You Need to Do ASAP
If you rely on Microsoft Authenticator to store your passwords, time is winding down. Starting in August, Microsoft will require you to use passkeys instead of keeping all of your Microsoft passwords on its mobile app and your old passwords will vanish. But that's not bad news. Passkeys can cut out risky password habits that 49% of US adults have, according to a recent CNET survey. Making it a practice to use the same password for multiple accounts or include personal hints, like your birthday, can be risky. It could be an easy giveaway for hackers to guess, which can lead to identity theft and fraud. Here's what you need to know about Microsoft's timeline for the switch and how to set up passkeys for your Microsoft accounts before it's too late. Microsoft Authenticator will stop supporting passwords Microsoft Authenticator houses your passwords and lets you sign into all of your Microsoft accounts using a PIN, facial recognition such as Windows Hello, or other biometric data, like a fingerprint. Authenticator can be used in other ways, such as verifying you're logging in if you forgot your password, or using two-factor authentication as an extra layer of security for your Microsoft accounts. In June, Microsoft stopped letting users add passwords to Authenticator, but here's a timeline of other changes you can expect, according to Microsoft. July 2025: You won't be able to use the autofill password function. You won't be able to use the autofill password function. August 2025: You'll no longer be able to use saved passwords. If you still want to use passwords instead of passkeys, you can store them in Microsoft Edge. However, CNET experts recommend adopting passkeys during this transition. "Passkeys use public key cryptography to authenticate users, rather than relying on users themselves creating their own (often weak or reused) passwords to access their online accounts," said Attila Tomaschek, CNET software senior writer and digital security expert. Why passkeys are a better alternative to passwords So what exactly is a passkey? It's a credential created by the Fast Identity Online Alliance that uses biometric data or a PIN to verify your identity and access your account. Think about using your fingerprint or Face ID to log into your account. That's generally safer than using a password that is easy to guess or susceptible to a phishing attack. "Passwords can be cracked, whereas passkeys need both the public and the locally stored private key to authenticate users, which can help mitigate risks like falling victim to phishing and brute-force or credential-stuffing attacks," Tomaschek added. Passkeys aren't stored on servers like passwords. Instead, they're stored only on your personal device. More conveniently, this takes the guesswork out of remembering your passwords and the need for a password manager. How to set up a passkey in Microsoft Authenticator Microsoft said in a May 1 blog post that it will automatically detect the best passkey to set up and make that your default sign-in option. "If you have a password and 'one-time code' set up on your account, we'll prompt you to sign in with your one-time code instead of your password. After you're signed in, you'll be prompted to enroll a passkey. Then the next time you sign in, you'll be prompted to sign in with your passkey," according to the blog post. To set up a new passkey, open your Authenticator app on your phone. Tap on your account and select "Set up a passkey." You'll be prompted to log in with your existing credentials. After you're logged in, you can set up the passkey.
Yahoo
6 days ago
- Yahoo
Microsoft Authenticator is Losing Password Autofill—Here's What To Use Instead
Microsoft Authenticator, a popular app for generating 2FA codes and storing passwords, has supported password autofill for years. However, that is all going by the wayside. Here's how to save your passwords, and what you can use instead. Microsoft isn't just removing autheticator's ability to autofill passwords, it is completely removing its ability to even store them. Starting in August, passwords previously saved to Authenticator will only be accessible via your Microsoft account. If you used Authenticator to generate passwords, that generation history will be completely erased. If those passwords aren't backed up somewhere, either in Authenticator, your Microsoft account, or elsewhere, they'll be lost permanently in August 2025. Microsoft Authenticator will also be deleting any saved payment methods you have. As inconvenient as that may be, it is probably a good thing—leaving a bunch of sensitive data sitting around in a deprecated service is never a good thing for your security. Authenticator provided four big services all in one convenient package: A password manager A 2FA code generator A way to save your payment methods A password generator In searching for a replacement, I wanted a solution (or combination of solutions) that neatly provides all of those too. I use BitWarden as a password manager, since it works so well on all of my devices (Android, Windows, and Linux), and luckily, BitWarden can also do 2FA. The regular BitWarden app also includes a password and passkey generator, and supports credit cards. There is really only one small downside: the free 2FA and password manager apps are separate. If you want them integrated, you'll need to pay 10 dollars annually. I'm all in on BitWarden these days, plus I like the company and the open-source approach, so that is what I went for. Google's password manager is integrated into every Android phone by default, which makes it an obvious choice for many. Because it is integrated into Android, it tends to have the fewest problems with autofill. On the other hand, it doesn't work on Windows or Linux unless you use Google Chrome. 1Password is an extremely popular password manager that ticks all of my boxes, and will probably meet the needs of almost any user. Like Microsoft Authenticator and BitWarden, it works on all major operating systems, can store and generate passwords and passkeys, can handle 2FA codes, and can save payment methods. The personal plan for 1Password costs $2.99 per month if you pay annually, or 3.99 per month if you pay on a month-by-month basis. I gave the trial of 1Password a try and actually quite liked it, but I stick to FOSS software whenever I can. Once you've decided which password manager app you want to use, you need to export your passwords from Authenticator. The process will be pretty similar regardless of which password manager you choose. Authenticator lets you export your saved passwords as a CSV file, but BitWarden on mobile can't directly import that. It is easier to use the desktop instead. First, open up Authenticator and make sure that your passwords are backed up to your Microsoft account. Tap the three-dot icon in the upper-right corner, then go to Settings. Scroll down until you see the toggle next to "Cloud Backup." Now, go to any PC and launch Microsoft Edge. Once Edge has been launched, log in to the same Microsoft account that you used for your Authenticator backup. Click the address bar, then paste or type edge://wallet/passwords in the address bar. Click the three-dot icon, then the "Export Password" button. Edge will take you through a few confirmation steps before giving you a CSV file that contains your passwords. Now, install the BitWarden desktop app on your device, and click File > Import Data. Select "Edge (CSV)" from the File Format drop-down menu, then click "Import" and select the file you exported from Microsoft Edge previously. All of your passwords that were previously saved in Authenticator will be moved over into BitWarden and synchronized between all of your devices. If none of those options are appealing, there are other password managers you could try out instead. Just remember: a piece of paper stuffed in your desk drawer is neither secure nor reliable enough to be trusted with your important passwords.
