- How to change the PowerShell prompt - Wed, Mar 22 2023
- Trim characters from strings in PowerShell - Tue, Mar 14 2023
- Set Chrome, Firefox and Edge as default mail client (mailto handlers) - Mon, Mar 6 2023
The actual function of the Authenticator app, which Microsoft offers for iOS and Android, is to generate one-time passwords (OTP) for multifactor authentication (MFA). Since not all web applications support MFA, it makes sense to support authentication using the username and password in the app.
Protected by the Microsoft account
Like password managers in general, the Authenticator app increases security by encouraging the use of long, complex passwords. The user no longer has to remember them by heart, as the tool automatically inserts them into the right context.
Common password managers secure stored passwords with a master password. The combination of the Authenticator app and the Edge browser, on the other hand, is tied to a Microsoft account; hence, access is protected by the logon options provided for it.
On mobile devices, access to the app requires authentication using biometrics, such as FaceID or fingerprints.
App for mobile devices, Edge for desktop
While popular password managers like KeePass have implementations for all major operating systems, Microsoft offers the Authenticator app only for Android and iOS. On Windows, the Edge browser, with its built-in password manager, fills this gap.
There, you have to activate the synchronization of passwords in the browser's settings under Profiles > Sync, which requires logging on with a Microsoft account.
Configure synchronization of passwords and other browser data in Edge
Alternatively, you can use Google Chrome with Autofill-Extension installed for this purpose.
The Autofill extension synchronizes passwords with the Authenticator app among other things
Other browsers, such as Firefox, can only be included in the synchronization by transferring passwords from there to Edge. Additionally, Microsoft supports import in CSV format.
The synchronization of passwords from Firefox requires an intermediate step for example importing them to Edge
On a mobile device, synchronization must also be activated in the Authenticator app on the Passwords tab. This will synchronize the data immediately. You can then view the transferred name/password pairs for the respective websites.
After starting the sync the app tells you that you have to allow it to fill in web forms
Additionally, you have to configure the device to accept the Authenticator app as an application for filling out web forms. On iOS, you can find this option in the settings under Passwords > AutoFill.
The Microsoft Authenticator must be given permission to autofill passwords
In the Android version, the app is able to insert other data, such as credit card information, into web forms, in addition to passwords. iOS restricts third-party apps for this feature to passwords only.
Advanced functions
Established password managers are not limited to storing passwords and other data and inserting them into forms as needed. They often offer features beyond that, such as generating secure passwords or integrating with non-web applications.
Like Edge, the Authenticator app also includes a password generator. In addition, the browser can check passwords against lists of compromised passwords to verify the security of the chosen passwords.
Edge offers a password generator and can check passwords for security
No corporate accounts
Currently, the Authenticator app only supports the use of a Microsoft account; corporate and school accounts are not allowed. If such accounts are linked to the app, companies can block password syncing across the board using this form. This is to prevent work-related passwords from being synced across users' private Microsoft accounts. In addition, you can use the Disable synchronization of data using Microsoft sync services group policy to disable the transfer of passwords in Edge.
Group policy to disable synchronization in Edge
Conclusion
The combination of Microsoft Edge and the Authenticator app offers the features of a simple password manager. Synchronization requires a Microsoft account, which can disqualify the solution in a corporate context.
Compared to more sophisticated password managers, this combo lacks some features. These include, above all, broad support for web browsers and other applications. Import options from other applications are also limited.
Subscribe to 4sysops newsletter!
If you do not mind this and use Edge as your default browser, you will get a very easy-to-use solution for password management. Chrome users will have to install an additional extension. For all those who use Firefox as their preferred browser, the Authenticator is unfortunately not currently an option as a password manager.
I tend to be uncomfortable about storing passwords in the browser – is this not a somewhat risky strategy?