MICROSOFT has warned that billions of passwords are to be deleted within weeks to protect users from the threat of cyberattacks.
With the change imminent, Microsoft has issued advice to users to ensure they are not blocked from logging into their accounts.
Microsoft logo outside of its head office in France[/caption]
Why are your passwords being deleted?
Microsoft has said that passwords saved in its Authenticator app will be deleted in just six weeks times.
Instead of using passwords, the company are hoping this decision will encourage more users to embrace passkeys.
But why is this happening?
The Bill Gates co-founded company explained: “The password era is ending.”
And while this may be a surprise to some, consumer technologies publication CNET revealed it is a necessary change as half of all US adults have “risky password habits”.
These habits include reusing and sharing passwords or choosing easily guessable passwords.
What’s more, passwords are inherently vulnerable to attacks and phishing.
Users and organisations are all at risk and should heed the advice, as earlier this year, consumers were affected by the cyberattacks on well-known brands against M&S, Harrods and Co-op.
Furthermore, six government agencies were hit by 15million cyber attacks in 2024, amounting to around 40,000 threats a day.
Cyber attacks have been on the rise in the UK[/caption]
According to Microsoft, cyber attackers are aware that users are moving away from relying on passwords for security, which is why they’re accelerating password-related attacks while they still can.
The organisation said: “Passkeys not only offer an improved user experience by letting you sign in faster, they aren’t susceptible to the same kinds of attacks as passwords.”
Passkeys are a passwordless sign-in method, tied to the user’s account to make accessing a website or application more secure and easier.
Users can use passkeys to authenticate themselves without having to enter a username or password, and there is no need for any additional authentication factor.
Passkeys are the safest way to secure data[/caption]
Microsoft is not alone in encouraging users to find new ways to protect their privacy.
Google has also issued similar warnings, but has yet to implement such a forcible method to aid customer data protection.
And yet, for some, this change to passkeys will be daunting, especially after Google shared that more than half of their users still do not use the now-outdated two-factor authentication (2FA).
When does it come into affect?
Some users may have already noticed a difference in their experience, as some changes have already come into effect.
- June 2025 – Users will no longer be able to save new passwords in Authenticator.
- During July 2025, users will not be able to use autofill with Authenticator.
- From August 2025, saved passwords will no longer be accessible in Authenticator.
Users need to act to avoid losing access to accounts and applications.
What should you do now?
Microsoft Edge is the new recommended way of saving passwords if necessary[/caption]
The tech giant has incorporated a “Turn on Edge” button in Authenticator, which, when pressed, will securely sync all saved passwords and addresses to a users Microsoft account which can be accessed via Edge.
By doing so, users can continue to access their accounts and use functions like autofill.
While Microsoft explained that users could move their passwords to Microsoft Edge, they suggested that this is the perfect prompt to convert all passwords to passkeys.
