"When you save passwords in Edge, the browser decrypts every credential at startup and keeps them resident in process memory. This happens even if you never visit a site that uses those credentials."
"Access to browser data as described in the reported scenario would require the device to already be compromised. Design choices in this area involve balancing performance, usability, and security."
Microsoft Edge stores user passwords in plaintext in memory when managing them, raising security concerns. A researcher demonstrated this behavior, revealing that passwords are decrypted at startup and remain in memory. Microsoft acknowledged this as an expected feature, stating it poses a risk only if the device is already compromised. The company emphasized that design choices balance performance, usability, and security, and they continue to review these practices against evolving threats.
Read at ZDNET
Unable to calculate read time
Collection
[
|
...
]