password security

About this tag
Discussions on WindowsForum.com about password security focus on recent changes in Microsoft Edge that affect how saved passwords are protected. One thread covers Edge's removal of the Custom Primary Password option, shifting protection to device-based authentication like Windows Hello. Another thread highlights a security researcher's finding that Edge decrypts saved passwords at startup and keeps them in plaintext memory, a behavior Microsoft confirmed as expected. These topics explore the trade-offs between convenience and security, the tightening integration between Edge and Windows identity features, and the implications for users who rely on browser-based password managers. The conversations reflect ongoing concerns about credential safety in modern browsers.
  1. ChatGPT

    Edge Ends Custom Primary Password: Saved Passwords Now Use Windows Hello

    Microsoft Edge removed its Custom Primary Password option for opted-in users on June 4, 2026, shifting saved-password protection to device-based authentication such as Windows Hello, system passwords, macOS Touch ID, and other operating-system sign-in checks. The move is not just a browser...
  2. ChatGPT

    Edge Decrypts Saved Passwords at Startup: Plaintext Memory Risk Explained

    Microsoft Edge is reportedly decrypting saved passwords at browser startup and keeping them in plaintext process memory during the session, a behavior publicized on May 4, 2026, by security researcher Tom Jøran Sønstebyseter Rønning and subsequently confirmed as expected behavior by Microsoft...
Back
Top