Microsoft's primary password management solution is integrated into the Edge browser, allowing users to store and manage credentials across devices. Microsoft also offers a built-in password manager for Windows, primarily used for managing credentials for apps and services such as Skype or OneDrive. While Microsoft doesn't provide a standalone password manager, it has another option for password management—its authentication app, Microsoft Authenticator. 

In this review, we'll explain what Microsoft Authenticator is and how you can use it as a Microsoft password manager. If you want to protect your financial information, you'll also learn about virtual cards and how they can boost security during online transactions.

Disclaimer: The information in this article is accurate as of August 2024. Microsoft Authenticator's features may change after the publication of this article.

What Is Microsoft Authenticator?

Microsoft Authenticator is an app that allows individuals to use a PIN code, fingerprint, or facial recognition as part of their account access security. The app can be implemented in three key ways^[1]:

1. As a backup if a user forgets their password, allowing identity verification
2. As part of two-factor or multi-factor authentication (MFA), where a one-time code is required for each sign-in to enhance account security
3. As a passwordless solution, where individuals can sign in by approving the login request on their phone 
   ‍

Besides being available to individual users, Microsoft Authenticator can also be deployed in organizations. The tool offers controls that allow administrators to manage features, enable or disable functionalities, and exclude specific groups from certain features. It also has protections against accidental login approvals and MFA attacks, and it allows users to leverage location and contextual data for increased security^[2]. 

Microsoft Authenticator is available as a free app for iOS and Android devices^[3]. 

Password Management Features in Microsoft Authenticator

Individuals who use Microsoft Authenticator as a password manager also benefit from several features, including:

How To Use Microsoft Authenticator as a Password Manager

To use Microsoft Authenticator as a password management tool, users should first enable the Autofill feature in the app. They can do so by logging into the Authenticator app with their Microsoft account. The next step is to set Microsoft Authenticator as the default autofill option, which they can do from the app's Settings menu^[5]. 

To add passwords from other password managers, users should^[7]:

1. Export passwords from the current password manager, browser, or service such as Apple iCloud
2. Import the passwords into Microsoft Authenticator by selecting the import option within the app and following the on-screen steps
   ‍

Microsoft Authenticator can also sync passwords with Edge and Chrome using Microsoft Autofill. If using Edge, the feature is already available to users who sign in to the browser using their Microsoft Account.

On Chrome, users should install the Microsoft Autofill extension from the Chrome Web Store, sign in with their Microsoft account, and sync passwords across devices.

Alternatives to Microsoft Authenticator Password Management

Microsoft Authenticator offers a practical password management solution for users who want to manage their passwords and 2FA in one app. Those who want a broader scope of features and support for more platforms or browsers can also try the following standalone password managers with built-in 2FA support: 

1. 1Password
2. LastPass
3. Bitwarden
4. Keeper
5. NordPass
6. RoboForm

1Password

1Password is compatible with multiple platforms, including Windows, macOS, iOS, Android, and Linux. It provides end-to-end encryption, secure password sharing, and a built-in password generator. The software also offers cross-device synchronization, making it suitable for managing credentials across various devices.

LastPass

LastPass is available on Windows, macOS, iOS, and Android, as well as through browser extensions for Chrome, Firefox, Edge, Opera, and Safari. It includes a password generator, secure file storage, and supports multi-factor authentication. It also provides dark web monitoring and seamless synchronization across devices.

Bitwarden

Bitwarden is compatible with Windows, macOS, Linux, iOS, and Android and offers browser extensions for all major browsers. This open-source password manager features a zero-knowledge encryption model, two-step authentication, password autofill, and a self-hosting option for advanced users.

Keeper

Keeper works on Windows, macOS, iOS, Android, and Linux, and offers browser extensions for Chrome, Firefox, Edge, Opera, Brave, and Safari. It includes features like password generation, secure file storage, and biometric login using Windows Hello. Keeper also provides breach monitoring and one-time sharing of sensitive documents

NordPass

NordPass is compatible with Windows, macOS, Linux, Android, and Chromebooks (standalone extension only). It also offers browser extensions for Chrome, Firefox, Opera, Edge, and Safari.

The service uses a newer encryption standard, XChaCha20, alongside a zero-knowledge model to secure user data. It offers a password health checker, data breach scanner, password import and export, and limited offline access. 

RoboForm

RoboForm supports Windows, macOS, Linux, Android, iOS, and Chrome OS. It offers extensions for Chrome, Safari, Edge, IE, Brave, Opera, and Firefox. The service employs AES-256 encryption and a zero-knowledge security model. Key features include autofill, a password generator, and secure sharing. 

Are Password Managers Secure Enough?

Password managers offer a seamless way to manage multiple login credentials, simplifying the process of maintaining unique passwords for each account. Even though these tools help secure your credentials, passwords are not the only sensitive information at risk when transacting online. Financial data, such as your bank account and payment card details, are common targets for cybercriminals.

Once you share your payment details with a merchant during an online purchase, the security of that information depends on the merchant's security practices. If the servers where the vendor stores data are compromised, hackers might gain access to your payment information. 

To protect your financial information from potential breaches, consider using virtual cards for online transactions. Virtual cards consist of random card numbers you can use when shopping online, protecting your actual payment details from those who would try to steal them. For robust security features and advanced customization options, opt for an independent virtual card provider like Privacy.

Privacy—Secure Online Transactions

As a PCI-DSS-compliant company, Privacy employs stringent security measures similar to those of your bank to ensure your financial information is safe. For instance, Privacy undergoes regular external audits to ensure it meets high standards for data protection. It also uses AES-256 encryption to secure your information, which means that even if a hacker manages to access the data, they can't read it.

To further safeguard your account, Privacy offers the following features:

• Transaction alerts—You receive real-time notifications every time your Privacy Virtual Card is used or declined, allowing you to monitor your transactions closely and respond quickly to any unusual activity.
• Two-factor authentication (2FA)—Privacy allows you to set up a second step for authentication when signing into your account, ensuring that only you can access your account.
• Fraud investigation—Privacy provides comprehensive fraud protection, including investigating disputed transactions and filing chargebacks against vendors if necessary, helping to keep your funds secure.

Privacy Card Types and Features

When you connect your bank account or debit card to Privacy, it will allow you to generate three types of virtual cards:

Privacy also offers spending control features to help you manage your virtual cards further:

• Pause or close cards—You can pause or close your virtual cards at any time, and Privacy will block future transactions on that card. This feature can protect you from accidental charges, such as those that might occur when unsubscribing from services like DropBox, People magazine, Hulu, and Shopify.
• Set spending limits—You can set spending limits on your virtual cards, and Privacy will automatically decline transactions that exceed the set amount. This feature protects against unauthorized charges, unexpected price increases, or hidden fees.

Additional Convenience Features

Privacy provides several convenience features designed to streamline your online shopping and card management experience. For 1Password users, Privacy offers integration that allows you to manage your virtual cards directly within the 1Password browser extension. This integration brings all your essential tools together, making it easier to access and use your virtual cards and other important information.

The Privacy Browser Extension, available for Chrome, Edge, Firefox, and Safari (including Safari for iOS), enhances your shopping experience by automatically filling in your virtual card details at checkout. With the Privacy App, available for iOS and Android, you can create new cards, adjust spending limits, and monitor transactions on the go.

Privacy's Shared Cards feature allows you to share your virtual cards with others without revealing your actual financial information. You can leverage this feature to gift family members while maintaining control over card usage. You can also combine this feature with Category Cards and give your children allowances within preset categories.

You can also create notes on your cards, improving organization and making it easier to manage multiple cards.

How To Get a Privacy Card

To start using Privacy, follow four steps:

1. Register
2. Verify your identity
3. Link your bank account or debit card to fund your Privacy Virtual Cards
4. Request and create your first Privacy Card
   ‍

Privacy offers four monthly plans:

References

^[1] Microsoft. https://support.microsoft.com/en-us/account-billing/about-microsoft-authenticator-9783c865-0308-42fb-a519-8cf666fe0acc, Sourced August 20, 2024.

^[2] Microsoft. https://techcommunity.microsoft.com/t5/microsoft-entra-blog/advanced-microsoft-authenticator-security-features-are-now/ba-p/2365673, Sourced August 20, 2024.

^[3] Microsoft. https://support.microsoft.com/en-us/account-billing/download-microsoft-authenticator-351498fc-850a-45da-b7b6-27e523b8702a, Sourced August 20, 2024.

^[4] Microsoft. https://techcommunity.microsoft.com/t5/microsoft-entra-blog/generate-strong-passwords-with-microsoft-authenticator/ba-p/3299050, Sourced August 20, 2024.

^[5] Microsoft. https://support.microsoft.com/en-us/account-billing/microsoft-authenticator-faqs-12d283d1-bcef-4875-9ae5-ac360e2945dd, Sourced August 20, 2024.

^[6] Microsoft. https://techcommunity.microsoft.com/t5/microsoft-entra-blog/autofill-your-addresses-and-payment-info-with-microsoft/ba-p/2464379, Sourced August 20, 2024

^[7] Microsoft. https://support.microsoft.com/en-us/account-billing/import-passwords-into-the-microsoft-authenticator-app-a167573a-fb3b-4248-91ea-ca9a814f4853, Sourced August 20, 2024.

^[8] Microsoft. https://support.microsoft.com/en-us/account-billing/back-up-account-credentials-in-microsoft-authenticator-bb939936-7a8d-4e88-bc43-49bc1a700a40, Sourced August 20, 2024.

^[9] Microsoft. https://support.microsoft.com/en-us/account-billing/restore-account-credentials-from-microsoft-authenticator-ce53096e-1e1c-4840-9e32-1618bc33cd43, Sourced August 20, 2024.