Microsoft Edge is storing passwords as plain text? Heres what Microsoft says.

Blogs Technology
Postado 2026-05-05 16:00:31
0
687

Microsoft Edge storing passwords as plain text? Microsoft responds.

Password managers are supposed to make life easier for users by remembering their passwords and keeping them secure.

However, one cybersecurity researcher has discovered a quite concerning development regarding Microsoft Edge and how the web browser's password manager behaves.

According to researcher Tom Jøran Sønstebyseter Rønning, Microsoft Edge loads every saved password into memory at startup — in plaintext.

In a thread on X, Rønning detailed how the credentials are decrypted even if a user doesn't visit a site that uses the password manager during the user session.

This Tweet is currently unavailable. It might be loading or has been removed.

"If an attacker gains administrative access on a terminal server, they can access the memory of all logged‑on user processes," ​​Rønning writes.

Mashable Light Speed

Edge is Microsoft's proprietary web browser based on the Chromium open-source project, the code base developed and maintained by Google. However, as Rønning shared, this issue involving plain text credentials does not appear in other Chromium-based browsers like Google Chrome.

"Edge is the only Chromium‑based browser I’ve tested that behaves this way," says ​​Rønning. "By contrast, Chrome uses a design that makes it far harder for attackers to extract saved passwords by simply reading process memory."

​​Rønning says he first reached out to Microsoft regarding his findings before publicly disclosing the issue. According to the cybersecurity researcher, Microsoft responded by saying this behavior in Microsoft Edge was "by design."

The German tech website Heise Online replicated the password issue. The site also noted that, according to well-established cybersecurity best practices, "passwords should only be decrypted at the time of use and deleted from memory very shortly thereafter."

Given Microsoft's alleged response to Rønning, users concerned about the potential issue should consider alternative password managers.

Mashable has reached out to Microsoft for more information regarding the recent findings. We will update this piece if we hear back.

Faça Login para curtir, compartilhar e comentar!
Pesquisar
Categorias
Leia Mais
Technology
Generative AI was everywhere at Google I/O 2026, but who is it for?
Who Is Google’s Generative AI Really For The...
Por Test Blogger7 2026-05-20 20:00:18 0 419
Food
Someone Made Roald Dahl's Chair Bacteria Into A Beer — And Apparently It Tasted Like Burnt Lemons
Someone Made Roald Dahl's Chair Bacteria Into A Beer — And Apparently It Tasted Like Burnt...
Por Test Blogger1 2026-02-08 05:00:13 0 2K
Technology
Creosote Oil Market in Europe by 2034: Regional Analysis and Industry Insights
  Creosote oil is a hydrocarbon-rich solution derived from coal tar or wood tar, widely used...
Por Shital Wagh 2026-04-06 18:47:33 0 4K
Food
This Hole-In-The-Wall Seafood Spot Is One Of Pennsylvania's Best
This Hole-In-The-Wall Seafood Spot Is One Of Pennsylvania's Best...
Por Test Blogger1 2026-03-29 11:00:04 0 1K
Food
How Long Can You Expect A Keurig To Last?
How Long Can You Expect A Keurig To Last?...
Por Test Blogger1 2026-02-16 00:00:13 0 2K
© 2026 Sngine-YND Portuguese
English Arabic French Spanish Portuguese Deutsch Turkish Dutch Italiano Russian Romaian Portuguese (Brazil) Greek
Sobre Termos Privacidade Fale Conosco Diretório