For many of this 12 months, Microsoft has been warning customers that they are going to not be capable to use its Authenticator cell software for consumer ID and password administration. As reported by CNET on July 29, 2025, “In June, the corporate stopped letting customers add passwords to Authenticator…. And beginning Aug. 1, you will not be capable to use saved passwords.”
Additionally: How passkeys work: The complete guide to your inevitable passwordless future
To me, the dire warnings of this pending doomsday-like deadline are harking back to the run-up to January 1, 2000 — the so-called “Y2K drawback” — when it was anticipated that computer systems in every single place would expertise a meltdown as a result of their programmers by no means thought of the chance that their software program would nonetheless be in use within the twenty first century.
The nice passkey migration
However most of this reporting overlooks the larger shift that is underway throughout Microsoft’s id administration portfolio and, in lots of circumstances, is lacking key particulars in regards to the future roles of Microsoft Authenticator and the Microsoft Edge browser on the subject of one other colossal shift that is presently in progress: the world’s transition from passwords to passkey.
A passkey is unequivocally a safer credential than a password on the subject of logging into web sites and apps. Passkeys can’t be guessed, the identical passkey can’t be reused throughout completely different web sites and apps, and also you can’t be tricked into divulging your passkeys to malicious actors by way of strategies resembling phishing, smishing, squishing, and malvertising. Even should you’re strengthening consumer IDs and passwords with extra components of authentication, passkeys are a greater and safer different.
Additionally: I replaced my Microsoft account password with a passkey – and you should, too
In truth, of the key know-how distributors which are encouraging end-users to modify to passkeys, no vendor is pushing customers to transition as arduous as Microsoft is. However, on the similar time that Microsoft is aggressively campaigning for that transition, we’re nonetheless ready for Microsoft to supply the great credential administration capabilities which are essential to help that future.
Managing passwords after Authenticator
For customers who managed their consumer IDs and passwords with Authenticator and need to stick with Microsoft-based options to handle their consumer IDs and passwords, their solely choice is to export their passwords from Microsoft Authenticator to Microsoft’s Edge internet browser. As soon as customers do that, Edge won’t solely take over the function of managing these consumer IDs and passwords, it’ll additionally deal with the auto-provisioning of these credentials (a.okay.a. autofill) on the time of login and the synchronization of these credentials to the consumer’s different copies of Edge.
Along with Home windows, Edge is obtainable on MacOS, iOS, Android, and Linux. Given Edge’s cross-platform attain when in comparison with that of Microsoft Authenticator (iOS and Android), it makes extra sense for Edge to deal with credential administration and autofill.
This strategy, the place Microsoft is facilitating credential administration by way of the browser as an alternative of a cell software carefully resembles the way in which Google is dealing with credential administration and autofill by way of its Chrome browser. Each browsers are based mostly on Chromium and provide customers some fundamental password administration capabilities, and each depend on a central cloud to deal with credential synchronization to the identical browser on different units.
The issue with non-syncable passkeys
However, on the time this text was revealed, whereas Chrome’s password administration capabilities will auto-provision and synchronize credentials of each varieties (passwords and passkeys) to a consumer’s different installations of Chrome, Edge can solely synchronize passwords. In line with a Microsoft spokesperson who was interviewed for this story, “passkeys created for companies like PayPal and eBay are saved as device-bound credentials in Home windows and might be accessed through Home windows Settings > Accounts > Passkeys. These are usually not saved or synced in Edge.”
In different phrases, Edge for Home windows is able to dealing with and auto-provisioning passkeys throughout a login, however not the opposite variations of Edge. I confirmed this by attempting to make use of Edge for Android to register a passkey for eBay. So much occurs behind the scenes while you register a passkey for the primary time, and I clarify the method in How Passkeys Work: Let’s Start the Registration Process.
Additionally: 10 passkey survival tips: Prepare for your passwordless future now
Whereas an eBay passkey registration choice exists when utilizing Edge for Home windows, no such choice was out there to me on Edge for Android. Along with that limitation, the eBay passkey that I used to be capable of set up on Edge for Home windows couldn’t be synchronized to my copy of Edge for Android. This confirmed the spokesperson’s assertion about passkeys being “saved as device-bound credentials in Home windows.” System-bound passkeys are additionally known as “non-syncable passkeys.” They’re tied to the gadget that was used to create them and can’t be synchronized to a different gadget. Because it seems, the passkey that I established by way of Edge operating on my copy of Home windows 11 was certain through Home windows Hi there to the Trusted Platform Module (TPM) in my HP Pocket book.
This raises the query of the place, throughout Microsoft’s portfolio, customers may be capable to discover help for syncable passkeys since they’re by far essentially the most handy type of passkey to make use of for the web sites and apps that help them. In spite of everything, the corporate is already supporting syncable consumer IDs and passwords by way of Edge. The very last thing most customers need to do is handle a number of device-bound passkeys for every web site and app they use. Higher to only have one, identical to a password.
Your passkey administration choices now
That is the place the confusion units in. Throughout a lot of the articles that reported on the elimination of consumer ID and password help in Microsoft Authenticator, the authors additionally famous that Authenticator would proceed to help passkeys and that the consumer might proceed to depend on Authenticator to authenticate (login) with these passkeys (see my rationalization of what really happens during your ‘passwordless’ passkey login). It is not shocking that a lot of the articles mentioned this. In spite of everything, Microsoft’s own post about the changes to Authenticator very clearly states, “Authenticator will proceed to help passkeys. When you have arrange Passkeys on your Microsoft Account, be sure that Authenticator stays enabled as your Passkey Supplier. Disabling Authenticator will disable your passkeys.”
This definitely piqued my curiosity. On the floor, it was unusually beginning to appear like Microsoft was shifting all consumer ID and password administration to Edge whereas on the similar time fracturing passkey administration throughout Microsoft Authenticator and Edge for Home windows as an alternative of shifting full help for each syncable passwords and syncable passkeys to Edge (which is strictly how Chrome does it). So I went again to Microsoft to guarantee that I understood issues appropriately. I apparently did not.
Additionally: Passkeys won’t be ready for primetime until Google and other companies fix this
“Authenticator will at all times proceed to help device-bound passkeys for Entra accounts,” a Microsoft spokesperson informed me. “You will at all times be capable to create a kind of at present and sooner or later.” There’s rather a lot to unpack there. Not solely are Authenticator-managed passkeys additionally device-bound passkeys (in different phrases, they can’t be synchronized), the passkey help present in Authenticator is for customers of Microsoft Entra ID, Microsoft’s cloud-based id administration answer (previously often known as Azure Lively Listing) for companies. In different phrases, the passkey help present in Microsoft Authenticator isn’t for these of us within the basic consumer inhabitants who simply need to handle their credentials. And it nonetheless lacks any synchronization capabilities.
In a nutshell, for these of us within the basic consumer inhabitants who need to handle and use passkeys along with consumer IDs and passwords, Microsoft affords one choice: Edge on Home windows. Moreover, neither Edge for Home windows nor Microsoft Authenticator (for Entra ID customers) affords passkey synchronization. The one kind of passkeys that Microsoft presently helps are device-bound (non-syncable) passkeys. That is clearly not very best, and understanding a number of the of us at Microsoft, I am positive they’d agree (particularly given how arduous the corporate is promoting the thought of passkeys proper now).
My conclusion as I attempt to take a 30,000-foot view of this example is that on the subject of all the completely different Microsoft applied sciences that play a job in credential administration — Home windows, Home windows Hi there, Authenticator, Edge, Microsoft Pockets, Entra ID, passkeys, and so on. — the corporate has a variety of completely different items on the chessboard. Shifting all of them into the best place to help the safe credential administration future it’s promoting is simpler mentioned than finished.
Additionally: What really happens during your ‘passwordless’ passkey login?
In the identical approach {that a} chess participant (and opponent) at all times assume and anticipate a number of strikes forward, it is arduous to not see that in some unspecified time in the future, ultimately (in all probability sooner), Microsoft will help syncable passkeys throughout all its variations of Edge identical to it does now with consumer IDs and passwords (and identical to Chrome does). That’s the solely logical end result given its strongly worded messages emigrate passwords from Authenticator to Edge.
However till that remaining chess transfer occurs, customers have choices within the different credential administration firms, together with Google and all of the third-party password managers (1Password, BitWarden, Dashlane, LastPass, NordPass, and so on.) that help syncable passkeys and passwords in a single answer.
Keep forward of safety information with Tech Today, delivered to your inbox each morning.