How are Microsoft Edge remembered passwords encrypted?

Dirk Starr

New Member
I like Edge and would like to use the 'remember passwords' feature but I can't find a resource that describes how remembered passwords are encrypted. I won't use the feature until I understand how safe they are. Does anyone know?
 
Sorry this is about 2 years later, but I thought I'd go ahead and answer this more completely, since the page showed up repeatedly during my research into the same question.

Edge stores passwords using the Windows Credential Locker Service. This service supports multiple types of encryption, some less secure than others. Access to the service is controlled by the local Windows user account management. It can also be tied to Active Directory account management, and/or to an online "Microsoft Account" (what they used to call a "Windows LiveID account"). There is now a lot written about this service that can be looked up online.

This ties Edge together deeply with the rest of Windows. IMHO, this increases the vulnerable "cross-section" of the system that is exposed to an attacker. So you might want to continue avoiding Edge's password manager... or, in fact, any browser's built-in password manager.

Here's the advice I wrote in another forum...

To stay safe, a key principle you should follow is defense in depth. An example might serve to clearly illustrate the concept. Imagine a VIP (perhaps a head of state) who is going to a private meeting. Not only will s/he travel in an armored limousine; s/he will also take multiple safety measures: traveling in a convoy of identical cars so an attacker has to guess which car (or else attack all of them), traveling with trusted bodyguards, sending out decoy convoys, altering the travel path, keeping the meeting place and time secret, et cetera ad infinitum. These multiple measures are the heart of defense in depth.

Now, how to apply this to Microsoft Edge, or to any other browser or application?

Store your passwords somewhere else. An attacker’s scripts can most certainly determine which browser they’re running on. If they can determine that, they can tailor their attack to that browser’s vulnerabilities. And Edge is intimately integrated into Windows — and only the more recent versions — which narrows down how much an attacker has to learn about the environment that Edge exists in.

To improve your security, use a separate password manager application that stores your passwords in an encrypted form. Note that this is a case where “free is better.” Don’t buy a password manager; use an Open Source one. Why? Open Source means anyone can look at the source code to the program. This actually improves security. Even if you cannot read programs or create them yourself, it improves your ability to trust the software if you know that many other people (who share your concerns for security) have looked through the code and deemed it safe enough for their own use: no “backdoors” and no fundamental cryptological mistakes.

Cryptography is difficult, and even more difficult to “get it right.” If you use a purchased program, you are taking the vendor’s word for it that they did the job correctly so that there are no vulnerabilities they missed. If you use an Open Source program, you have more confidence that people other than the authors have scrutinized the code.

Some Additional Advice
  1. Don’t use a password manager that can automatically, without your intervention, log you into websites you visit. (Or if you decide on a manager that you really like, but it has this feature, turn it off and don’t use it.) Anything a program can do for you, can be used against you by a clever attacker.
  2. Don’t leave the program running all the time. But don’t start it and shut it down so frequently that you’re tempted to weaken your master password. (That would also give others more chances to see you type it in.)
  3. Use the auto-locking feature, if it has one. Set it to an interval that is a happy medium (see #2).
  4. Clear the clipboard right after using it to paste a password or other sensitive information. Your password manager should have such a feature. If it doesn’t, find a different one.
I personally use “Password Safe,” originally written by Dr. Bruce Schneier, a noted security and cryptography expert. He turned it over to an Open Source team that has maintained it for many years (as noted at Schneier on Security). You can download it at Password Safe (https://pwsafe.org/). Be careful not to download it from other sources: there are many poor substitutes (some commercial, some free) that have tried to capitalize on this program’s reputation by naming their software similarly or even identically.

As with anything security related, don’t take any one person’s word for it… including my own. Do some research on your own to determine whether something is good or not!
Hope this helps!
 
Edge uses the Windows Credential Manager to store credentials. I don't know what algorithms are used, but the key material used to encrypt them is specific to the user and device so not even another local user can decrypt them.
 
Neemobeer, you wrote:
I don't know what algorithms are used, but the key material used to encrypt them is specific to the user and device so not even another local user can decrypt them.

Keeping the key material specific (or even unique) to a particular user is no guarantee of safety if the algorithm is weak. And you state "I don't know what algorithms are used."

I do know what algorithms are used. I avoided this level of unnecessary detail in my post above. The algorithm used varies depending upon whether the computer is:
  • Authenticating locally, for example, standalone computers running a "home" edition of Windows
  • Authenticating against a domain running only Windows NT 4.0 or earlier
  • Authenticating against an Active Directory domain
  • Using LM Compatibility Level 1 as directed by Group Policy settings
  • Using LM Compatibility Level 2 as directed by Group Policy settings
  • Using LM Compatibility Level 3 or higher as directed by Group Policy settings
This is not the complete list. And most users don't even know which situation they're in.

Depending on the situation, some of the algorithms Windows may use include:
  • A LAN Manager hash. This is based on DES, but it uses only the first 14 characters of the password, converted to a normalized form. This plus the lack of a salt means it is trivially easy to break, thus insecure.
  • An NT hash. This is an unsalted MD4 hash of the entire UTF-16LE password. MD4 has been severely compromised; attacks were found in 1995, 2004, 2007, and 2008. It is now trivially easy to break, and Internet RFC 6150 declares MD4 obsolete.
  • A Kerberos ticket. This is far more secure than either the NT or LM hashes, but Microsoft still got parts of the implementation wrong. The Computer Security Incident Response Team (CSIRT) has stated, "Although, it is considered a secure protocol, it [Kerberos] has some flaws in Windows environments with devastating consequences."
    • (I don't mean to indict Microsoft; as I said in my post above, cryptography is very difficult to get right in every aspect. There are a million and one ways to inadvertently introduce a vulnerability into an implementation.)
There are things that a knowledgeable system administrator can do to improve the security of Windows Authentication, and of the Windows Credential Manager, but unless the individual has that knowledge, or access to an individual who does (for every PC they use), it is just safer to use "defense in depth" -- use a separate password manager, use a separate file encryptor instead of BitLocker, etc.

The original poster said:
I won't use the feature until I understand how safe they are.

I find your reply "not even another local user can decrypt them" to be misleading and therefore terribly irresponsible. Even if an attacker cannot decrypt the user's Windows password, they can (often trivially) find a hash collision and steal passwords from the Credential Manager just as if they did know the account password.

Relying solely on the security of Windows is unsafe. I cannot state this fact any more bluntly than that.
 
True, probably not the best words to use. Obviously passwords can be decrypted, and also, from things I've been working on at my job, credman passwords, while loaded in memory, are in clear text, so in short storing any passwords in Windows is a pretty bad idea. It takes me about 2 minutes to dump and extract passwords.


LM Hashes should be disabled by default in Vista and newer and of course you can simply use a 15+ length password to be sure.

Kerberos isn't even really that safe since you can do silver and gold ticket attacks on it pretty easily with the right tools.
 