Microsoft gives users 72 hours to delete all their passwords.
Microsoft is urging users to remove passwords from the Authenticator app and replace them with Passkeys within 72 hours.
Ending the "Password Era": A Call from Microsoft
Microsoft has declared that "the era of passwords is ending" and recommended that billions of users remove their passwords due to the increasing number of account attacks. To make this change a reality, Microsoft is giving users a 72-hour deadline to take action.

Essentially, Microsoft's decision to require users to delete any passwords stored in the Authenticator app is a step to combat phishing. Users "can continue to access them" using Microsoft Edge, a secure and user-friendly web browser powered by AI.
Switch to Passkeys: The necessary action right now.
Passkey, a form of anti-phishing authentication, will be maintained within Authenticator, replacing traditional passwords. Users need to ensure Authenticator remains the Passkey provider to avoid disabling this feature.

Microsoft warns that even with a passkey, accounts are still at risk of being compromised if the password remains. The company's goal is to eliminate passwords entirely, relying only on phishing-resistant authentication methods like passkeys.
Some passwords that cannot be replaced with a passkey need to be moved to a different storage location, but for accounts that support passkeys, Microsoft recommends that users upgrade their security immediately.
Microsoft stated: "Registering passkeys is an important step, but it's just the beginning. Even if we convince over a billion users to register and use passkeys, if a user has both a passkey and a password, and both grant access to an account, that account is still at risk of phishing attacks. Our ultimate goal is to eliminate passwords entirely and have accounts that only support phishing-proof login credentials."