Latest news with #passwordmanager
Fox News
5 days ago
- Fox News
Microsoft Authenticator is deleting your passwords
If you use Microsoft Authenticator to store your login information, it's time to take action. This month, Microsoft began deleting stored payment methods from the app, and as of Aug. 1, 2025, stored passwords are no longer accessible within Authenticator. While the app will still support two-factor authentication (2FA) and passkeys, its days as a password manager are officially over. But don't panic, your data can be saved, and your options are better than ever. Let's walk through what's changing, where your data went and how to keep your credentials safe. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide - free when you join my Microsoft is moving toward a password-less future. As part of that shift, it no longer wants the Authenticator app to handle passwords or payment methods. In early July, Microsoft began moving stored passwords and addresses to your Microsoft account and the Edge browser. That data is safe, for now. However, any payment information stored in the app was permanently deleted on Aug. 1. This decision simplifies the app's focus: 2FA codes and passkeys only. Everything else is being rolled into other Microsoft tools. If you previously saved passwords in Microsoft Authenticator, they've now been migrated to your Microsoft account and the Microsoft Edge browser. You can still access and autofill them on your mobile device, but the setup varies depending on your phone. Here's how to enable Edge for password autofill: Note: Not all users will see Edge listed as an autofill provider. This depends on whether the version of Edge installed on your iPhone supports password autofill registration. If Edge isn't available, you can continue using Apple's new Passwords app, or switch to a dedicated password manager that fully supports iOS autofill. Settings may vary depending on your Android phone's manufacturer If Edge is installed and properly registered as an autofill service, it will show up as an option and support autofill for saved credentials. If Edge does not appear, it means either your version doesn't support autofill registration or your device manufacturer has customized settings in a nonstandard way. In such cases, use a dedicated password manager, which is well-supported on Android. Prefer something other than Edge? Don't worry if you missed the Aug. 1 deadline. You may still be able to export your credentials if they were migrated to your Microsoft account or Edge. Follow these steps: That's it. Your passwords are now securely stored in your new app. Important: Microsoft recommends that if you switch to another autofill provider, you explicitly disable Authenticator as the autofill provider in your device settings. Conversely, if you use Passkeys, ensure Authenticator remains enabled as your Passkey Provider to avoid accidentally disabling those credentials. No, don't delete it just yet. Microsoft Authenticator still plays a crucial role in your digital security. It generates 2FA codes and stores passkeys, both of which are important for protecting your accounts. However, if you're switching to another app, you'll need to manually unlink Microsoft Authenticator from each account and set up a new method. Unfortunately, Microsoft doesn't allow exporting 2FA tokens to another app, so you'll have to go one account at a time. Choosing the right password manager can make or break your online security. Here's what to prioritize: Want expert recommendations? See our top-rated password managers of 2025 based on security, features, and ease of use at If you've been using Microsoft Authenticator as an all-in-one security app, it's time to update your strategy. Now that the Aug. 1 cutoff has passed, you should: Taking 15 minutes now can save you hours and possibly avoid a security nightmare later. Microsoft's move may feel abrupt, but it's part of a broader trend toward password-less security. While it's sad to see the app's all-in-one functionality go, there are plenty of excellent alternatives ready to fill the gap. With just a few steps, you can protect your data and set yourself up with a more secure, future-proof system. So what's your next move? Let us know what you're switching to and why by writing us at Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide - free when you join my Copyright 2025 All rights reserved.
Android Authority
5 days ago
- Android Authority
If you use a password manager app, you probably aren't using it right
Andy Walker / Android Authority Password managers have their purpose set in their names: to manage passwords. Right? Wrong — they're meant to do so much more. I used to be in the same boat as many of you probably are, using password managers exclusively for generating and storing strong passwords. Then one day, my life took a wonderful turn: I started using my password manager for more than just passwords. It may sound silly at first, but it's made my life so much better and more convenient. Here's how. Do you use a password manager? 0 votes Yes, for everything NaN % Yes, but only for passwords NaN % I want to NaN % Nope, just one password for everything NaN % What's more confidential than passwords? Calvin Wankhede / Android Authority Nothing, actually. Passwords are the key to literally all your accounts — and the data that sits inside them. Think of your Google account that has decades' worth of family photos and private moments. Or your work account; if it got compromised, it could affect your entire team or your client's project, not just you. All that trouble from just the leak of a 20-character phrase. If your passwords already have such tight security, why not use the same system to safeguard your personal files too? That's why password managers are designed to offer ironclad safety against breaches — if you set them up properly in the first place. That means you have a separate master password that is stored only in your mind, not on a Post-it note lying in your desk's first drawer. And ideally, it's locked behind a physical 2FA key for added security. But here's something to think about. If your passwords already have such tight security, why not use the same system to safeguard your personal files too? Why I started using my password manager for everything else Karandeep Singh / Android Authority I knew I needed a space to store my sensitive files back in the day. At the time, I used to subscribe to Microsoft 365, and one little perk of that subscription was a OneDrive feature called Personal Vault. It's essentially a space within your OneDrive storage with enhanced security using a fingerprint or an OTP — perfect for storing the kind of sensitive files. But it wasn't something I could justify keeping a Microsoft subscription for alone. When I decided to cancel the subscription, I went looking for a replacement for that vault. In search of a worthy alternative, I researched countless secure storage options to no avail. Then an epiphany struck. I noticed that Enpass (my password manager of choice) had many options beyond just storing passwords, and that was it. I had my calling. I was already using Enpass to store my credit cards and quickly punch them in without having to dig up my wallet each time I wanted to make a payment. So, I wasn't using the app only for passwords in the first place, which opened up doors to a lot more that I could do with just that single app, especially considering the way Enpass works. Enpass has a unique way of handling your data. Most mainstream password managers store your passwords on their own servers and limit the available space to about 1GB. Enpass, on the other hand, allows you to choose your preferred cloud storage to store your vault. That means you get virtually unlimited storage, capped only by your cloud plan. My Google One 100GB plan is sufficient for all my media in Google Photos and my document archive in Enpass. When you click the plus button to add a new item, a list of items that can be stored in it appears. The silly me had, for the longest time, ignored most of them. While credit cards were always there, I now use Enpass to store literally every single document I call important. For example, the Enpass entry for my driving license has its high-res front and back images, along with the license number saved in text, which I can quickly copy while filling out online forms. From my school and college degrees to all my identity cards, I have it all saved in Enpass. Each of them gets its own item, so the one for my driving license has a front and back image, properly scanned in the highest resolution and best lighting using Office Lens, along with the license number saved in text, which I can quickly copy while filling out online forms. The same applies to my tax and insurance documents; they are updated in Enpass each year as soon as I pay my bills. And the same goes for my Indian equivalent of social security numbers, other IDs, and my vehicle details. Everything in one place — and more importantly, securely saved. A safe haven for all your important files Karandeep Singh / Android Authority It may seem like I invested a lot of time and effort into putting this all together, and I actually did. It took me years of patience and sticking to the same workflow to make it work the way it does today. But I must admit that I am a lazy person. I will find ways to be lazy and won't let go of any chance I get to be one. So, if I'm filling out an online form, I don't have to get up from my chair, open my overflowing wardrobe, and find that one dusty file with all my documents from one of the drawers. The only real effort goes into clicking the mouse and tapping the keyboard a few times to open Enpass and search for a document in the archive. I just copy whatever I need or download an image to upload wherever required. If someone randomly asks me for a document while I'm not at my place, I can pull it from Enpass and take a print literally anywhere. And if someone randomly asks me for a document, which originally sits in such a safe place at my home that even I don't remember it, I can pull it from Enpass and take a print without hassle. Truly a rockstar kinda feel, I tell ya! The best part is that you can do all this with basically any password manager, not just Enpass. Just fire up your favorite manager and see for yourself what you've been missing. And if you already use your password manager for much more, I'm all ears to find more use cases out of my super secure app. Follow
CNET
01-08-2025
- CNET
Yes, You Can Bundle Other Cybersecurity Services With Some VPNs. But Is It a Good Idea?
If all you're using to protect your digital privacy and security is a VPN and your own vigilance, you're still leaving yourself vulnerable to various online threats like phishing, malware, identity theft and ransomware. To fully protect yourself, you need to start putting together an arsenal of privacy and security tools. Using a trustworthy VPN is a great start because a VPN can boost your online privacy by encrypting your internet traffic and masking your true IP address. But a VPN is only one piece of the puzzle. A VPN can't stop you from entering your personal information into a phishing site, protect your device if you mistakenly download malware or keep track of your online login credentials. Similarly, antivirus won't save you from the perils of weak, easily cracked passwords. For thorough protection, you'll need several services, like a password manager, antivirus software, cloud storage, secure email and identity protection. In the past, you'd have to get each service individually from separate providers. Although that segmented approach is still valid, a handful of VPN companies have made things a bit easier by bundling various privacy and security services under one umbrella. The convenience of bundling is undeniable, but what about potential pitfalls? Is it really cheaper to bundle all of your privacy and security tools? Is it safer to take a diversified approach rather than sharing more of your data with a single entity? Do you trust your VPN provider to deliver a top-notch antivirus software, password manager, cloud storage or email client, or is it better to choose an established dedicated provider of these additional services? That's something you'll ultimately need to decide on your own, but I'm here to help you make an informed decision, based on more than a decade testing and reviewing services like VPNs and password managers. Here's everything you need to know about bundled VPN subscriptions and whether it's the right path for you to take. What services can you bundle with your VPN? Each VPN approaches bundling differently and not every VPN that offers bundled services offers the same suite of tools. With some VPN companies, you can only access the additional services when you bundle them with the VPN. Others offer a bit more flexibility, allowing you to get each service on its own. If you choose to bundle, the provider you go with will largely depend on the specific services you need. Generally, you can expect VPN bundles to include some combination of the services I've highlighted below. Password managers With a password manager, all you need to do is remember a single password, and the password manager takes care of the rest -- suggesting strong passwords and keeping track of all of your login credentials for each individual online account. This frees you up to create strong, unique passwords for all of your accounts, and helps minimize your risk of falling victim to brute force and credential-stuffing attacks. Antivirus If your computer is infected with malware, a malicious actor could potentially spy on your activity, gain control of your device or steal your sensitive personal data. A good antivirus program stays up to date with the latest threats, continuously scanning for malware, detecting it and blocking it from infecting your device. If malware is detected on your computer, the antivirus software can remove it. Encrypted cloud storage With cloud storage, you can access your files securely from anywhere, without needing to carry around a physical external hard drive. Some VPN providers offer encrypted cloud storage options that let you store your files securely with end-to-end encryption, ensuring that no one else (not even the cloud storage provider) can access your vault. Secure cloud storage services encrypt your files in traffic and at rest -- meaning that your files are protected while they're being transferred as well as when they're stored on servers located in physically secured data centers. Email Traditional email is notoriously one of the least secure methods of digital communication, in large part because it wasn't built with privacy in mind. Although your email messages are encrypted in transit, once they land in your recipient's inbox, they're not encrypted at rest, which means they could be scanned for targeted advertising purposes. Secure email providers like Proton Mail use end-to-end encryption to secure your email messages to ensure only you can view the content of your emails. You can even send password-protected email messages to a recipient who isn't using a secure email provider. Identity protection Identity protection services typically include features like data removal, dark web monitoring, identity theft insurance, SSN monitoring, credit monitoring and credit reports. Many of these services can be accessed individually (and some at no cost), but if you don't already have access to them through your bank or elsewhere, having a suite of identity protection tools in one place can be convenient in addition to offering you greater peace of mind. NordVPN offers several subscription options with access to various bundled privacy and security services. NordVPN/Screenshot by CNET Why you might want to bundle other services with your VPN If you're serious about staying private and secure online, then you'll need more than just a single tool. At the very least, you should have a VPN, password manager and antivirus, but the more tools you have working to keep you safe online the better the protection. Bundling multiple services offered by your VPN provider may make sense for you for a number of reasons. Convenience Perhaps the most compelling reason to bundle additional privacy and security services with your VPN is convenience. Having all the tools you need managed by a single provider means that you only need to keep track of a single login and a single subscription charge that renews at the same interval. No need to juggle five different logins and five different subscriptions that renew at different times throughout the year. You'll also benefit from a consistent user experience across services in the same ecosystem. And limiting your contact to a single customer support unit is far more convenient than having your conversations scattered across various individual providers. NordVPN is one of the companies offering cybersecurity bundles, including combinations of VPN, anti-malware, ad blocker, password manager, cloud storage and identity protection at varying prices. NordVPN told me via email that bundling 'enhances overall protection, simplifies account and subscription management, and is often more cost-effective than purchasing each service separately. This all-in-one approach helps people to ensure they have the essential tools to stay safe online without the hassle of managing multiple providers.' Easy access to additional privacy and security tools Bundling offers a streamlined approach to managing your online privacy and security, especially if you're a beginner just starting to build your digital privacy toolbox. At the same time, it may make you more inclined to use additional tools that you wouldn't have otherwise used to protect yourself online. Bundled services may even introduce you to additional privacy and security tools you may not have been familiar with. UK-based privacy advocacy group, Privacy International, is optimistic about how bundled services can foster greater awareness in available privacy tools and bring them more into the mainstream. "We're excited by the increased interest in privacy and security tools and services. People want stronger protections for their data and these companies are helping to make tools accessible to more people,' Privacy International's Press team told me via email. 'A customer interested in VPNs will now be able to learn about the benefits of other tools like a password manager. Security is hard, however, and these firms have to prove to users that they're living up to their promises." Potential cost savings The overall cost of comprehensive online privacy and security is another important consideration. Although the combination of available services is vast -- giving you nearly limitless options to choose individual services from different companies and minimize your spending -- you still may be able to save money by bundling. Even if a bundled subscription is slightly more expensive than an á la carte combination you cobbled together, consider whether paying a little more for the convenience factor of staying in a single ecosystem makes sense for you. 'We firmly believe users want ecosystems, not products,' Proton VPN's general manager David Peterson told CNET. 'They want the ease of use that ecosystems provide and don't want to have to rely on multiple products and companies.' Why you may want to go á la carte On the other side of the coin, there are several reasons why bundling may not be the optimal solution for you. Sometimes going with individual providers could make more sense depending on your needs and specific situation. Potential cost savings While bundling may save you money, going á la carte with your privacy and security subscriptions isn't necessarily more expensive. It all comes down to your needs and how much looking around you're willing to do. With a little digging, you may be able to uncover quality individual services that add up to a cheaper price than a VPN bundle. However, going this route will take a bit more time and energy than just bundling with a single provider. CNET's coverage of VPNs, password managers, antivirus and identity theft protection software can get you a head start if you're the value-hunting type. Is it safe to put all of your privacy and security eggs in one basket? Another thing to consider is whether you're comfortable with trusting a single entity to manage your entire privacy and security service portfolio under one roof. Is it safe to store that much data with one company? The company might sell your data, suffer a data breach, go under or be sold to a new owner. At that point, the fate of your data could become uncertain. It's often safer to diversify rather than keep all of your eggs in one basket. Proton's Peterson acknowledges that this is an issue, but maintains that services that respect privacy can be a strong alternative for privacy-minded folks fed up with Big Tech. 'Google or Apple's offerings are so compelling because they provide ecosystems that allow users to operate online through one platform,' Peterson said. 'But this broad scope also allows these companies to collect data on every aspect of their private lives. We need alternatives that respect privacy and allow users to operate online without their data being harvested.' Thorin Klosowski, security and privacy activist at the Electronic Frontier Foundation, encourages consumers to be especially mindful of proper security hygiene when bundling multiple services under one roof. 'Having so many critical services -- specifically a password manager, email, and cloud backup -- behind one login is easier, but also means you should take the time to consider any potential risks to you personally if someone gained access to that login, and you should be comfortable with making a strong password and using two-factor authentication for that account,' Klosowski told me. Do you trust the quality of your VPN company's other services? Another thing to keep in mind is that there's no shortage of dedicated antivirus, password manager, secure email, ID protection and secure cloud storage companies that have long been firmly established in the industry. Do you trust the antivirus or password manager solution that your VPN provider just cooked up? Could these companies be spreading themselves too thin, potentially leaving themselves vulnerable to dangerous oversights that could weaken one or more of their services? Are they allocating sufficient resources to all of their products? Klosowski agrees that this could be an issue with certain companies. 'Make sure you trust that company's privacy and security practices on all fronts -- not just one part, like its VPN offering or password manager -- before you sign up,' Klosowski said. 'If they drop the ball on any of those promises in the future, even to just one of the bundled services, it may subtly undermine the others, but at that point it might be tough to take your business elsewhere.' The VPN companies I spoke with all pointed to their established privacy and security track records to alleviate misgivings people may have. 'For users wary of choosing a bundled solution from a VPN company over long-established, specialized providers, NordVPN emphasizes the quality, transparency, and independence of each service within its ecosystem,' NordVPN said. 'Products like NordPass and NordLocker are built by dedicated teams under the Nord Security umbrella, with a strong focus on advanced security standards, usability, and independent audits, similar to leading standalone solutions.' 'Some bundled VPNs might compromise on quality and features just to tick a box,' Proton's Peterson said. 'However, each Proton product offers a viable standalone alternative, with its own roadmap, that can respond to a specific user need on its own.' Shay Peretz, ExpressVPN's chief information officer, told CNET via email, 'Our privacy-first approach is fundamental to everything we do at ExpressVPN. This philosophy doesn't change as we expand our services -- in fact, it becomes even more critical. Each new feature adheres to our rigorous security standards and commitment to user privacy that have defined our VPN service. Additionally, regular independent audits verify our privacy claims and ensure we maintain the trust our users place in us.' Your VPN's bundles might not check all the boxes you need But even if you fully trust your VPN company, it may not offer all of the services you want to use -- in which case, you'll need to purchase separate services anyway. Additionally, if you already have additional services you're happy with, then there might not be a compelling reason to switch to a VPN bundle. Luckily, most VPN companies that have bundled plans offer basic 'VPN-only' tiers that are available for much cheaper. Conversely, some VPN companies have pricing structures that offer far less flexibility than others, which might lead you to pay for services you don't even want or need. Final thoughts Bundling additional services with your VPN is a convenient and potentially budget-friendly way to go, especially if you're a beginner just starting to put together your online privacy and security toolbox. Bundling may be the right solution for you if you want the convenience and consistency that come with dealing with a single provider. On the other hand, you can also easily put together your own custom package based on your needs -- which can even be cheaper than bundling if price is a primary concern for you. Going á la carte may be the right solution for you if you want more granular control over your privacy and security toolbox or if you don't want to risk putting all of your eggs in one basket. Either way, it's imperative that you do your research to ensure the providers you choose are trustworthy, transparent about what they do and are properly equipped to maintain the services they offer -- because not all companies are. But if you're leveraging the right tools and taking steps to protect yourself online, you're already on the right path.
Forbes
01-08-2025
- Forbes
Google's Chrome Update—Do Not Use This On Your Smartphone
Sometimes better is still not good enough. And so it is with the latest Chrome update to be confirmed by Google. This fixes a glaring security vulnerability, but it's still not recommended. With the mobile threat landscape worsening, here's what you should do. The 'much-needed fix' spotted by Android Authority adds 'biometric authentication before autofilling passwords.' This is already available in apps but not websites. That now changes, 'finally preventing password autofill without user verification.' But the inherent problem with Google's Password Manager is that it's built into its Chrome browser. And whatever password manager you use — and you should use one, it shouldn't be built into any browser, whether Chrome, Edge or something else. If you are using Google's Chrome password manager, TechRadar says 'you should reconsider.' Despite its convenience, 'there are significant downsides you can't ignore.' Above all, it takes a convenience-first rather than a security-first approach. This also means less extensive protections against autofill attacks in general. As I reported last month, the Freedom of the Press Foundation, PC Mag and Android Police all advocate using something else. 'Google has made it easier to move away from its password manager with a new 'Delete all data' option in the settings.' You should do that and move to a password manager fire-gapped from your browser. Per TechRepublic, 'today's online landscape is fraught with many cyber threats, and only a dedicated password manager can offer advanced features like zero-knowledge encryption, cross-platform compatibility, travel mode, and secure password sharing.' Android Authority explains the new update 'prevents thieves who steal your phone from signing into accounts that aren't already logged in. Unfortunately, Google Chrome on Android currently autofills passwords without any form of authentication.' And so, if you are sticking with Google's Password Manager, you should enable this when it releases. But if you want to better protect your passwords and accounts, take this opportunity to select a blue-chip password manager and move to that instead.
CNET
31-07-2025
- CNET
Your Microsoft Passwords Will Vanish in a Few Hours. What to Do Right Now
It's time to say so long to the Microsoft Authenticator app as we know it. As of this Friday, Aug. 1, the app will no longer save or manage passwords, use two-factor authentication or auto-fill. And it won't be your go-to password manager anymore, either. Instead of passwords, Microsoft is moving to passkeys -- such as PINs, fingerprint scans, facial recognition or a pattern on your device's lock screen. Using passkeys is a safer alternative to the risky password habits 49% of US adults use, according to CNET's password survey. However, Attila Tomaschek, a CNET software senior writer and digital security expert, prefers Microsoft's new login over password habits that can risk your data being stolen. There's not much time to learn about passkeys or password manager, but we're here to help. Here's what you need to know to get started. Microsoft Authenticator will stop supporting passwords on Aug. 1 Microsoft Authenticator houses your passwords and lets you sign into all your Microsoft accounts using a PIN, facial recognition like Windows Hello or other biometric data like a fingerprint. Authenticator can be used in other ways, such as verifying you're logging in if you forgot your password, or using two-factor authentication as an extra layer of security for your accounts. In June, the company stopped letting users add passwords to Authenticator. As of this month, you won't be able to use the autofill password function. And starting Aug. 1, you'll no longer be able to use saved passwords. If you still want to use passwords instead of passkeys, you can store them in Microsoft Edge. However, CNET experts recommend adopting passkeys during this transition. "Passkeys use public key cryptography to authenticate users, rather than relying on users themselves creating their own (often weak or reused) passwords to access their online accounts," Tomaschek said. Why passkeys are a better alternative to passwords So what exactly is a passkey? It's a credential created by the Fast Identity Online Alliance that uses biometric data or a PIN to verify your identity and access your account. Think about using your fingerprint or Face ID to log into your account. That's generally safer than using a password that is easy to guess or susceptible to a phishing attack. "Passwords can be cracked, whereas passkeys need both the public and the locally stored private key to authenticate users, which can help mitigate risks like falling victim to phishing and brute-force or credential-stuffing attacks," said Tomaschek. Passkeys aren't stored on servers like passwords. Instead, they're stored only on your personal device. More conveniently, this takes the guesswork out of remembering your passwords and the need for a password manager. How to set up a passkey in Microsoft Authenticator Microsoft said in a May 1 blog post that it will automatically detect the best passkey to set up and make that your default sign-in option. "If you have a password and 'one-time code' set up on your account, we'll prompt you to sign in with your one-time code instead of your password. After you're signed in, you'll be prompted to enroll a passkey. Then the next time you sign in, you'll be prompted to sign in with your passkey," according to the blog post. To set up a new passkey, open your Authenticator app on your phone. Tap on your account and select "Set up a passkey." You'll be prompted to log in with your existing credentials. After you're logged in, you can set up the passkey. Other password manager alternatives Since Microsoft will get rid of all of your passwords in two weeks, you'll need a new place to store your passwords safely. Tomaschek has a few of the best password manager recommendations after testing and reviewing several. The top recommendation is Bitwarden for its transparency. It's open-source and audited annually. From a price perspective, the free plan lets you store infinite passwords across unlimited devices. The free plan also includes features most password managers would charge for, including password sharing and a username and password generator. Bitwarden's upgraded plans have other upgraded features that could be worth the cost, too. Personally, Tomaschek has been using 1Password for a while, and he likes the interface and family plan. Even though it's second on the list, Tomaschek says it's just as good as Bitwarden.
