Microsoft has extended the Authenticator app to store passwords and other data for web-based forms, such as credit card numbers. In combination with the Edge browser or Chrome plus an extension and a Microsoft account, the Authenticator can be used as a password manager.

The actual function of the Authenticator app, which Microsoft offers for iOS and Android, is to generate one-time passwords (OTP) for multifactor authentication (MFA). Since not all web applications support MFA, it makes sense to support authentication using the username and password in the app.

Protected by the Microsoft account ^

Like password managers in general, the Authenticator app increases security by encouraging the use of long, complex passwords. The user no longer has to remember them by heart, as the tool automatically inserts them into the right context.

Common password managers secure stored passwords with a master password. The combination of the Authenticator app and the Edge browser, on the other hand, is tied to a Microsoft account; hence, access is protected by the logon options provided for it.

On mobile devices, access to the app requires authentication using biometrics, such as FaceID or fingerprints.

App for mobile devices, Edge for desktop ^

While popular password managers like KeePass have implementations for all major operating systems, Microsoft offers the Authenticator app only for Android and iOS. On Windows, the Edge browser, with its built-in password manager, fills this gap.

There, you have to activate the synchronization of passwords in the browser's settings under Profiles > Sync, which requires logging on with a Microsoft account.

Configure synchronization of passwords and other browser data in Edge

Configure synchronization of passwords and other browser data in Edge

Alternatively, you can use Google Chrome with Autofill-Extension installed for this purpose.

The Autofill extension synchronizes passwords with the Authenticator app among other things

The Autofill extension synchronizes passwords with the Authenticator app among other things

Other browsers, such as Firefox, can only be included in the synchronization by transferring passwords from there to Edge. Additionally, Microsoft supports import in CSV format.

The synchronization of passwords from Firefox requires an intermediate step for example importing them to Edge

The synchronization of passwords from Firefox requires an intermediate step for example importing them to Edge

On a mobile device, synchronization must also be activated in the Authenticator app on the Passwords tab. This will synchronize the data immediately. You can then view the transferred name/password pairs for the respective websites.

After starting the sync the app tells you that you have to allow it to fill in web forms

After starting the sync the app tells you that you have to allow it to fill in web forms

Additionally, you have to configure the device to accept the Authenticator app as an application for filling out web forms. On iOS, you can find this option in the settings under Passwords > AutoFill.

The Microsoft Authenticator must be given permission to autofill passwords

The Microsoft Authenticator must be given permission to autofill passwords

In the Android version, the app is able to insert other data, such as credit card information, into web forms, in addition to passwords. iOS restricts third-party apps for this feature to passwords only.

Advanced functions ^

Established password managers are not limited to storing passwords and other data and inserting them into forms as needed. They often offer features beyond that, such as generating secure passwords or integrating with non-web applications.

Like Edge, the Authenticator app also includes a password generator. In addition, the browser can check passwords against lists of compromised passwords to verify the security of the chosen passwords.

Edge offers a password generator and can check passwords for security

Edge offers a password generator and can check passwords for security

No corporate accounts ^

Currently, the Authenticator app only supports the use of a Microsoft account; corporate and school accounts are not allowed. If such accounts are linked to the app, companies can block password syncing across the board using this form. This is to prevent work-related passwords from being synced across users' private Microsoft accounts. In addition, you can use the Disable synchronization of data using Microsoft sync services group policy to disable the transfer of passwords in Edge.

Group policy to disable synchronization in Edge

Group policy to disable synchronization in Edge

Conclusion ^

The combination of Microsoft Edge and the Authenticator app offers the features of a simple password manager. Synchronization requires a Microsoft account, which can disqualify the solution in a corporate context.

Compared to more sophisticated password managers, this combo lacks some features. These include, above all, broad support for web browsers and other applications. Import options from other applications are also limited.

Subscribe to 4sysops newsletter!

If you do not mind this and use Edge as your default browser, you will get a very easy-to-use solution for password management. Chrome users will have to install an additional extension. For all those who use Firefox as their preferred browser, the Authenticator is unfortunately not currently an option as a password manager.

avatar
1 Comment
  1. Padraig 10 months ago

    I tend to be uncomfortable about storing passwords in the browser – is this not a somewhat risky strategy?

Leave a reply

Your email address will not be published.

*

© 4sysops 2006 - 2022

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account