MC1111780: Improved backup and restore experience for Microsoft Authenticator on iOS
Starting September 2025, Microsoft Authenticator on iOS will use iCloud and iCloud Keychain for backup and restore, eliminating the need for a Microsoft personal account. This update simplifies setup on new devices, with automatic backup of account names and third-party TOTP credentials. No admin...
Starting in September 2025, Microsoft Authenticator on iOS will offer a more seamless and secure backup and restore experience using iCloud and iCloud Keychain. This update eliminates the need for a Microsoft personal account to back up account names and third-party TOTP (Time-based One-Time Password) credentials, simplifying setup on new devices.
When this will happen:
General Availability (Worldwide): We will begin rolling out in September 2025 and expect to complete by early October 2025.
How this will affect your organization:
- Users with iCloud and iCloud Keychain enabled will automatically benefit from this enhanced backup experience.
- Account names for all accounts in the Authenticator app—including work or school accounts, Microsoft personal accounts, and non-Microsoft accounts (such as Amazon, Google)—will be securely backed up using iCloud and iCloud Keychain.
- The existing in-app backup feature that requires a Microsoft personal account will be removed.
- Only account names and third-party TOTP credentials will be backed up. No other credentials are included.
- Users can disable backup at any time via iCloud settings on their device.
- When setting up a new iOS device, users will see their account names automatically appear in the Authenticator app and can sign in to complete setup—without needing a Microsoft account. This experience requires iOS version 16.0 or later.
A new in-app banner notifies users about the upcoming changes to Microsoft Authenticator’s backup experience on iOS:
Settings message alerting users to upcoming backup changes:
Updated settings screen with backup option no longer shown:
What you need to do to prepare:
This rollout will happen automatically with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.
Learn more: Back up account credentials in Microsoft Authenticator
Compliance considerations:
- Does the change store new customer data? - No.
- Does the change alter how existing customer data is processed, stored, or accessed? - Yes. Backup is now handled via Only iCloud and iCloud Keychain instead of iCloud and Microsoft account.
- Does the change modify how users can access, export, delete, or correct their personal data? - Yes. Users now manage backup data through iCloud settings without needing a Microsoft account.