Important Update on Password Deletion
Anadolu via Getty Images
Republished on May 31 with new information regarding Microsoft account password management.
Microsoft’s Move to Eliminate Passwords
Microsoft is set to remove passwords for its vast user base, claiming that “the password era is ending.” This change comes amid reports of millions of email addresses and passwords being compromised. According to Microsoft, cyber threats are escalating as hackers recognize that passwords are becoming obsolete, intensifying their attacks before users adapt.
Upcoming Password Management Changes
In a significant development, Microsoft will start deleting passwords for millions of users in just eight weeks. Users of Microsoft Authenticator will be notified that starting in August 2025, saved passwords will be inaccessible, with any newly generated passwords not being retained. Immediate action is required to ensure continued access to password information.
Key Deadlines for Users
- New passwords cannot be saved in Authenticator beginning June 2025.
- Autofill functionality with Authenticator will be disabled in July 2025.
- Access to saved passwords in Authenticator will cease in August 2025.
Migration to Edge Browser
As part of this transition, Microsoft urges users to switch to its Edge browser for password management and autofill services. Saved passwords and addresses will sync securely with Microsoft accounts, enhancing user security and convenience. Users are encouraged to enable this feature as Microsoft actively pushes for a broader browser migration.
The Shift Towards Passkeys
While Microsoft’s Authenticator will still support passkeys, users should prioritize switching to this authentication method. Traditional passwords and two-factor authentication (2FA) are becoming less secure, so integrating passkeys into accounts, especially for Microsoft and Google accounts, is advised.
Current Security Threats
Recently, Microsoft accounts have been targeted by a new phishing attack exploiting Google’s App Scripts. This attack simulates a legitimate login page to deceive users into entering their credentials. To mitigate risks, users should follow Microsoft’s guidance to eliminate passwords and adopt passkeys to enhance account security.
