Microsoft Passwords Will Not Be Accessible After 6 Weeks

Microsoft is aggressively moving towards a “passwordless” future, and this involves the eventual deletion of traditional passwords for many users, and the same goes for Google. This change will particularly target those who have adopted passkeys or other passwordless methods. In simpler words, billions of people wouldn’t be able to access their accounts using traditional passwords.

They believe the “password era is ending” due to the constant threat of password-related attacks like phishing, brute-force, and credential stuffing. If the time of passwords and other traditional methods is over then what’s the solution?

The solution is “passkeys” and other phishing-resistant credentials. Passkeys link your account security directly to your device’s security (e.g., biometric authentication like face or fingerprint recognition, or a PIN). This means an attacker would need physical access to your device and your unlock method to compromise your account.

For new accounts, passwordless is becoming the default. New Microsoft accounts are increasingly set up with passkeys or other passwordless methods from the start, bypassing the need to create a traditional password.

Microsoft is strongly encouraging existing users to delete their passwords and adopt passkeys or other passwordless options.

Microsoft has given the deadline of 6 weeks to existing users. From August 2025, saved passwords within the Authenticator app will no longer be accessible, and any generated one-time passwords not saved elsewhere will be deleted.

Why is Microsoft doing this?

Passwords are inherently vulnerable. They can be stolen, phished, or guessed. Passkeys, being cryptographically generated and tied to a device, are significantly more resistant to these types of attacks.

Passkeys offer a faster and more convenient way to sign in, often requiring just a face scan, fingerprint, or PIN, eliminating the need to remember complex passwords or deal with two-factor authentication codes.

Microsoft is part of a broader industry movement (including Apple and Google) to promote and adopt passkeys as the standard for online authentication.

If you primarily use the Microsoft Authenticator app to save or generate passwords. You need to ensure any passwords currently saved or generated within the Authenticator app are backed up or migrated to a more permanent and secure solution.

While Microsoft’s ultimate goal is to remove passwords completely, the immediate “deletion” is primarily targeting passwords saved within the Authenticator app. However, it’s a strong signal that you should transition to a passkey for your Microsoft account as soon as possible.