The company’s transition to passkeys is underway, but users face uncertainly about the future of credential management

Microsoft has been actively promoting the adoption of passkeys, a safer alternative to passwords, but the company’s own identity management portfolio is still struggling to keep pace. As of August 1, 2025, users can no longer add passwords to the Microsoft Authenticator mobile application, and the browser will no longer be able to use saved passwords. However, the bigger shift underway is the transition from passwords to passkeys, which is expected to revolutionize the way we log into websites and apps.

Passkeys are a more secure credential than passwords, as they cannot be guessed, reused across different websites and apps, or compromised through phishing, smishing, or other malicious techniques. According to Microsoft, passkeys are generated by a device’s Trusted Platform Module (TPM) or a secure hardware token, and are stored on the device itself, making them more secure than passwords. Additionally, passkeys are not shared or synchronized across devices, which reduces the risk of unauthorized access.

Despite this, Microsoft’s approach to passkey management is fragmented, and users are left with limited options. For users who managed their user IDs and passwords with Authenticator, the only way to transition to a Microsoft-based solution is to export their passwords to Microsoft’s Edge web browser. Edge will then take over the role of managing those user IDs and passwords, handling auto-provisioning and synchronization. However, this solution has limitations, particularly for users of non-Windows devices.

According to a Microsoft spokesperson, passkeys created for services like PayPal and eBay are stored as device-bound credentials in Windows and can be accessed via Windows Settings, but they are not stored or synced in Edge. This means that users may need to manage multiple device-bound passkeys for each website and app, which can be inconvenient. Furthermore, this limitation applies to all versions of Edge except for Windows, which means that users of non-Windows devices, such as macOS, iOS, or Android, will not be able to use passkeys in Edge.

The situation becomes even more complicated when considering the role of Microsoft Authenticator, which will continue to support passkeys, but only for users of Microsoft Entra ID, a cloud-based identity management solution for businesses. This means that users in the general population will not have access to passkey synchronization capabilities. In other words, users who want to use passkeys with Microsoft Authenticator will need to be part of a business or organization that uses Entra ID, which is not a viable option for the general population.

In a nutshell, for those who want to manage and use passkeys in addition to user IDs and passwords, Microsoft offers only one option: Edge on Windows, which still lacks passkey synchronization. This is a far cry from Google’s approach, which synchronizes both passwords and passkeys across all installations of Chrome.

While Microsoft is aggressively promoting the adoption of passkeys, it is clear that the company still has a lot to do to support the secure credential management future it is selling. Until then, users may need to consider alternative options, such as third-party password managers that support syncable passkeys and passwords in a single solution. Some examples of third-party password managers that support passkeys include 1Password, BitWarden, Dashlane, LastPass, and NordPass.

In conclusion, Microsoft’s transition to a passwordless future is a complex and challenging process, and users will need to be patient and flexible as the company navigates the various pieces on the chessboard. While passkeys offer a more secure alternative to passwords, the lack of synchronization capabilities in Microsoft’s current offerings may leave users feeling uncertain about the future of credential management.