Microsoft Authenticator Gains Password Management and Autofill Capabilities

Microsoft Authenticator can now provide password management and autofill capabilities on mobile, so you can protect synced passwords with multi-factor authentication (MFA), and using the Microsoft account you trust. This capability is now available in public preview.

“Microsoft Authenticator can now securely store and autofill passwords on apps and sites you visit on your mobile device,” Microsoft’s Rajat Luthra writes in the announcement post. “Once you make Authenticator an autofill provider, it will offer to save your passwords when you enter them on a site or app’s login page. Your passwords are protected on mobile with multi-factor authentication [and] are synced using your Microsoft account (outlook.com, hotmail.com, live.com, etc.), making them also available on your desktop with Microsoft Edge and [Google Chrome using a] new Chrome extension.”

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday — and get free copies of Paul Thurrott's Windows 11 and Windows 10 Field Guides (normally $9.99) as a special welcome gift!

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

To date, Microsoft Authenticator has provided MFA capabilities for your Microsoft, Azure Active Directory (AAD), and other compatible accounts. But this new capability dramatically expands the functionality of the app, letting you also sync all of your passwords more securely through your Microsoft account on mobile. That is, you can now replace the default password management and autofill capabilities on your phone with Microsoft Authenticator.

To get started, update Microsoft Authenticator to the latest version and then navigate to Settings > Beta > Autofill and enable this feature. A new Passwords tab will appear in the main app view alongside the previous tab, now called Authenticator.

Then, you need to configure Authenticator as your autofill provider. On iPhone, open Settings, search for “Autofill Passwords,” and then select “Autofill Passwords” and then “Authenticator.” On Android, open Settings, search for “Autofill,” and then select “Auto-fill service,” “Auto-fill service,” and then “Authenticator.”

These passwords will automatically sync with Microsoft Edge on desktop. If you’re using Google Chrome despite all common sense, then you can install the Microsoft Autofill extension to gain this ability.

A couple of more important points.

Microsoft Authenticator only supports password management and sync through a Microsoft account. You cannot use this feature with a commercial (AAD-type) account; admins interested in enabling autofill through the Microsoft Authenticator app for their organization can refer to the Microsoft Docs website.

Microsoft Authenticator password management and sync also requires iOS 12.0 or newer or Android 6.0 or newer.

Tagged with

Share post

Please check our Community Guidelines before commenting

Conversation 40 comments

  • j5

    Premium Member
    15 December, 2020 - 3:09 pm

    <p>I like MS Authenticator and the layout of it. I just wish you could install it on PC too. I like that feature of Authy. What if I don't have access to my phone for whatever reason. I can still log into my accounts with the PC version. </p>

    • hellcatm

      15 December, 2020 - 3:54 pm

      <blockquote><a href="#600137"><em>In reply to j5:</em></a><em> "</em>Your passwords are protected on mobile with multi-factor authentication [and] are synced using your Microsoft account (outlook.com, hotmail.com, live.com, etc.), making them also available on your desktop with Microsoft Edge and [Google Chrome using a] new Chrome extension.”</blockquote><blockquote><br></blockquote><p>You can with a chrome extension. Unless you mean logging into apps as well?</p>

  • colin79666

    Premium Member
    15 December, 2020 - 3:29 pm

    <p>Will be interesting to see exactly how this works, particularly with an eye on security and if it supports import from csv. Can’t use Apple keychain outside their walled garden. </p><p><br></p><p>Potentially a replacement for LastPass now that LogMeIn have ruined its simplicity and tripled the price. </p>

  • hillcountry

    Premium Member
    15 December, 2020 - 4:00 pm

    <p>Did Microsoft mention of this will eventually work with the Teams Safe on mobile or OneDrive Vault? I hope Microsoft has a plan to integrate/consolidate the password and secure files features of Edge, Authenticator, OneDrive Vault, and Teams Safe.</p>

  • martinusv2

    Premium Member
    15 December, 2020 - 4:56 pm

    <p>Oh nice! </p>

  • rmlounsbury

    Premium Member
    15 December, 2020 - 5:09 pm

    <p>Finally! With this update I could potentially get rid of 1Password and it's annual cost and drop Authy and just use Microsoft Authenticator for both functions. I've been wanting Microsoft to have even just a standalone password management app for ages now. </p><p><br></p><p>On the business side of things I don't have to leverage a third party for password management either. Now we can leverage Edge and Authenticator instead as part of the M365 suite. </p>

  • ponsaelius

    15 December, 2020 - 5:30 pm

    <p>I am thinking of moving from Lastpass with this. The question is how do I import my existing passwords into edge? Is it as secure or maybe more secure?</p><p><br></p><p>Certainly worth thinking about.</p>

    • rmlounsbury

      Premium Member
      15 December, 2020 - 11:23 pm

      <blockquote><em><a href="#600189">In reply to ponsaelius:</a></em></blockquote><p>I think in reference to security it is all up to how much you trust Edge when it comes to storing sensitive information. Since on the desktop Edge is where most of this will live. </p><p><br></p><p>I'm wondering the same thing on importing passwords from a service into Edge so it can sync to Authenticator. You can import passwords from another browser but I can't find a way to import from an file generated by a password manager app. </p>

  • tony_ansley

    Premium Member
    15 December, 2020 - 5:54 pm

    <p>Maybe I am missing it, but I don't see a way to store general information (such as Address, CC, SSN, etc) to use for filling out those god-awful shipping forms.</p><p><br></p><p>[edit]</p><p> Also, need a password generator.</p>

    • rmlounsbury

      Premium Member
      15 December, 2020 - 11:17 pm

      <blockquote><em><a href="#600192">In reply to tony_ansley:</a></em></blockquote><p><br></p><p>You can store address info in Edge and use that to auto-fill forms on websites. You can also save payment information in Edge and fill it that way as well. The only thing that is missing would be the secure notes for things like SSN for auto-fill. You can also use Edge to suggest strong passwords. </p><p><br></p><p>But, the system Microsoft is building does appear to generally rely on you using Microsoft applications (Authenticator + Edge). </p>

    • Paul Thurrott

      Premium Member
      16 December, 2020 - 8:44 am

      Yep. I’m surprised there isn’t a generator.

  • jlmerrill

    15 December, 2020 - 6:06 pm

    <p>I think I have the latest and and don't see he beta option in settings.</p>

    • jlmerrill

      15 December, 2020 - 7:38 pm

      <p>Authenticator finally upgraded but beta is grayed out apparently because I have a work account on it.</p>

  • bluvg

    15 December, 2020 - 6:12 pm

    <p>Saw this from Brad over at Petri also. <span style="background-color: rgb(255, 255, 255); color: rgb(0, 0, 0);">If they added a system credential provider for Windows using Authenticator, this would be a HUGE benefit for businesses. That is sorely lacking right now. It's astonishing given Microsoft's focus on security that this is not built in, especially for RDP scenarios where they curiously sidestep the issue whenever the question is raised.</span></p>

    • Paul Thurrott

      Premium Member
      16 December, 2020 - 8:44 am

      Yes. I’ve always wondered why Microsoft doesn’t have this kind of thing, if only for store apps. You have to manually sign-in to every service. On Android and iOS, it’s automated for you by password auto-fill.

  • mikefrommarkham

    15 December, 2020 - 8:24 pm

    <p><em>" … </em><em style="color: rgb(0, 0, 0);">and using the Microsoft account you trust."</em></p><p><br></p><p>And therein lies my problem: I don't trust Microsoft (nor Google, nor Amazon) enough to let them be the caretakers of my passwords, etc.</p><p><br></p><p>Pass.</p>

    • the escalation

      15 December, 2020 - 9:53 pm

      <blockquote><em><a href="#600215">In reply to MikeFromMarkham:</a></em></blockquote><p>So who do you trust?</p>

      • codymesh

        16 December, 2020 - 12:34 am

        <blockquote><em><a href="#600232">In reply to the escalation:</a></em></blockquote><p>I'd assume people who don't trust corporations would turn to more open-source(ish) solutions like Bitwarden.</p>

        • mikefrommarkham

          16 December, 2020 - 9:25 am

          <blockquote><em>In</em><a href="#600262"><em> reply to codymesh:</em></a></blockquote><p>I do use Bitwarden as my primary password manager these days. It's free, open source, cross-platform, under constant development, and has gotten significantly better over the last two years. Still not quite as polished as LastPass (my previous password keeper) but getting there fast.</p>

          • the escalation

            16 December, 2020 - 12:40 pm

            <blockquote><em><a href="#600339">In reply to MikeFromMarkham:</a></em></blockquote><p><br></p><p>Cool, I will check it out. Thanks.</p>

  • marcosbabu

    15 December, 2020 - 10:19 pm

    <p>Just should add that password management won't work with AAD accounts *even* if a Microsoft-account is present. You gotta remove the AAD account for the beta button to be enabled.</p>

  • codymesh

    16 December, 2020 - 12:31 am

    <p>this is pretty sweet but isn't it bad security practice to have both the password manager and 2fa as the same app/service? </p>

  • Bavo Bostoen

    16 December, 2020 - 5:24 am

    <p>Microsoft should provide detailed information on how these passwords are stored by Edge/Authenticator. How is it stored exactly, where, how is it encrypted, who/what can access =&gt; currently it is trivially easy to extract passwords from Edge (or any other browser for that matter). I suppose that is the main reason why most people do not use these built-in browser facilities and choose an external password manager.</p>

    • Paul Thurrott

      Premium Member
      16 December, 2020 - 8:37 am

      I am positive most people, and by a very large margin, use the built-in password managers in web browsers.

      • dftf

        17 December, 2020 - 11:15 am

        <blockquote><em><a href="#600316">In reply to paul-thurrott:</a></em></blockquote><p>Unless you have it disabled via a Group Policy ;)</p><p><br></p><p>I do wonder how there's never been a big security news story around this… I mean, in both Google Chrome and the current Microsoft Edge, your passwords are stored in the "Login Data" file inside your "User Data &gt; Default" folder. So… what's to stop anyone copying-and-pasting this into a different Chrome install and then being able to log into all your websites?</p><p><br></p><p>(In Firefox, I think the files are "key4.db" and "logins.json")</p>

  • wright_is

    Premium Member
    16 December, 2020 - 5:36 am

    <p>I currently use LastPass, but without a Windows client, the MS Authenticator solution is useless, to me. I need my passwords in Windows about 98% of the time and 2% on mobile – mainly when setting up a new phone every 2 years or so.</p><p>Edit: Just checked my Authenticator app, feature not available currently. There is no "beta features" option in settings and I checked with Google Play, I am running the latest version (no updates available).</p>

    • rickeveleigh

      Premium Member
      16 December, 2020 - 8:19 am

      <blockquote><em><a href="#600286">In reply to wright_is:</a></em></blockquote><p>Go to Help in the App, follow link to Enroll in beta program. Then you'll be able to get the version from Google Play. (I got it but as I have lots of work accounts in Authenticator I can't enable the new feature anyway!)</p>

  • maktaba

    16 December, 2020 - 7:40 am

    <p>Can you manually add username and password in the app? Or do you have to log in the website with the Edge browser for it save the password?</p>

    • Paul Thurrott

      Premium Member
      16 December, 2020 - 8:36 am

      I’ve just started testing it. I will check on this.

      • maktaba

        16 December, 2020 - 4:50 pm

        <blockquote><em><a href="#600315">In reply to paul-thurrott:</a></em></blockquote><p>I tried it on iPhone and it seems there is no way of adding username/passwords manually. You can’t even edit your username or website of your saved accounts. Only password can be edited. The biggest software company on the planet must do something about this.</p>

  • jdawgnoonan

    16 December, 2020 - 7:55 am

    <p>I joined the beta for Microsoft Authenticator, but unfortunately policy for the application will not allow me to try the password manager due to my work-related Teams account that I have the application set up with. </p>

    • rickeveleigh

      Premium Member
      16 December, 2020 - 8:20 am

      <blockquote><em><a href="#600298">In reply to jdawgnoonan:</a></em></blockquote><p>Same!</p>

  • crunchyfrog

    16 December, 2020 - 9:19 am

    <p>This is an important step for authenticator but I still can't use it much over LastPass. I only have a few accounts that use Microsoft's tool.</p>

  • JerryH

    Premium Member
    16 December, 2020 - 9:51 am

    <p>I guess this is OK, but they need to bring it to PC / Mac as well if they want to get any traction against perennial favorites like LastPass. After that, they can look into Family settings where you can share some of the passwords, etc. Until then, it seems like just an also ran.</p>

    • behindmyscreen

      17 December, 2020 - 8:16 am

      <blockquote><em><a href="#600349">In reply to JerryH:</a></em></blockquote><p>Paul says in the article that it syncs to Edge on the desktop.</p>

  • simard57

    16 December, 2020 - 3:44 pm

    <p>"<span style="color: rgb(0, 0, 0);">To get started, update Microsoft Authenticator to the latest version and then navigate to Settings &gt; Beta &gt; Autofill and enable this feature."</span></p><p><span style="color: rgb(0, 0, 0);">my Autofill setting is all grayed out – am I missing something?</span></p>

    • simard57

      16 December, 2020 - 5:02 pm

      <blockquote><em><a href="#600398">In reply to Simard57:</a></em></blockquote><p>from Microsoft — however I am using a personal account, not work account</p><p>Q: What if&nbsp;Autofill&nbsp;switch is grayed out for me in Settings?</p><p>A: Autofill is currently in beta and has not yet been enabled for all organizations or account types. If the&nbsp;Autofill&nbsp;switch in&nbsp;Settings&nbsp;is grayed out for you, it is likely because you are using Authenticator app with your work account. You can use this feature on a device where your work account isn’t added. If your organization works with Microsoft, the&nbsp;Autofill&nbsp;switch will be enabled even when a work account is added to Authenticator.</p>

  • behindmyscreen

    17 December, 2020 - 8:16 am

    <p>Password generation…..Why do they not include this!</p>

  • dftf

    17 December, 2020 - 11:19 am

    <p>What 2FA app would people generally recommend, how often do they go wrong (such as not give you a code, or require you to somehow re-prove identity) and how easy is it to export the data from them, so that if you get a new phone you can get up-and-running straight-away?</p><p><br></p><p>I still use SMS based 2FA for many sites (yeah, yeah, they get sent plain-text and SIM hijacking, I know the risks) as when I've looked into 2FA apps you find loads of horror-stories online about how, especially when changing device, or if a factory reset were ever required on their current one, it's been difficult to get back into the 2FA app, or it's been difficult to get set back up with a lot of sites they use via their own account recovery processes.</p><p><br></p><p>At-least with SMS 2FA it's straightforward…</p>

    • Paul Thurrott

      Premium Member
      17 December, 2020 - 12:42 pm

      You should be using an authenticator app like Microsoft Authenticator.

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Thurrott © 2024 Thurrott LLC