{"id":52497,"date":"2026-05-08T09:39:31","date_gmt":"2026-05-08T09:39:31","guid":{"rendered":"https:\/\/zero.redgem.net\/?p=52497"},"modified":"2026-05-08T09:39:31","modified_gmt":"2026-05-08T09:39:31","slug":"microsoft-says-edges-plaintext-password-behavior-is-by-design","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=52497","title":{"rendered":"Microsoft says Edge\u2019s plaintext password behavior is \u201cby design\u201d_MALWAREBYTES:8B9A141837D7256A2EB491D145ABF7BC"},"content":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;2026-05-08T14:05:08&#8243;,&#8221;description&#8221;:&#8221;Some time ago, we discussed whether you should allow your browser to remember your passwords.\\n\\nIn that article we mentioned the importance of encryption.\\n\\n\\u003e **\u201c** With a browser password manager, someone with access to your browser could see your passwords in clear text, although Windows can be set to ask for authentication (the same you use at startup of your device).\u201d\\n\\nThe typical behavior of browser password managers is to store passwords encrypted on disk, tied to your user account, and protected by the operating system.\\n\\nBut recently, a security researcher systematically tested every major Chromium-based browser for how they handle credentials in memory. The researcher found that Edge was the only one loading the **entire** password vault into plaintext process memory at startup, where it remains for the duration of the session.  \\n\\nChrome and other Chromium browsers were observed to only decrypt a password when needed (autofill or \u201cshow password\u201d), not the whole vault, and to use mechanisms like app\u2011bound encryption for keys. Edge does not use those protections in this context.\\n\\nSo, the researcher decided to write a proof-of-concept (PoC) demonstrating that accessing that vault doesn\u2019t rely on zero-days or complex exploitation. 
It relies on the relatively simple ability to read process memory, which does require elevated privileges.\\n\\nBut when the researcher reported the issue to Microsoft, the response was underwhelming. The company\u2019s official response was that the behavior is \u201cby design.\u201d The reasoning most likely is that this behavior speeds up sign\u2011in and autofill, and attackers would already need a compromised machine or elevated access to read RAM, which Microsoft treats as out of scope for this design decision.\\n\\nWhich is basically true. An attacker already needs a significant foothold: for example, code execution on the box and the ability to read Edge\u2019s process memory, often requiring elevated privileges. This is not a remote, unauthenticated bug in the browser, but the design makes post\u2011compromise credential harvesting easier. And it\u2019s a capability many infostealers already have.\\n\\nIt\u2019s just another thing an attacker can do once they&#8217;ve compromised your machine. Combined with this academic study from 2024, which found many password managers leak plaintext passwords into memory under some conditions, it leads us to repeat our advice.\\n\\n## Should you allow your browser to remember your passwords?\\n\\nYour browser password manager gives you ease of use, but that costs you some security. Of course, password managers aren\u2019t foolproof either, so it\u2019s important to decide for yourself where you store your passwords.\\n\\nIf you\u2019re confident the website is safe, and anyone who can access it under your account won&#8217;t learn anything new, feel free to store the password in your browser, but disable autofill so you stay in control.\\n\\nUse MFA where possible. It enormously reduces the risk should someone get hold of your password. 
And refrain from using the browser password manager to store your credit card details or other sensitive personally identifiable information, such as medical information.\\n\\nBut we\u2019d add that, among the major browsers, Edge appears to be the weakest option if you still choose to use a built\u2011in password manager.&#8221;,&#8221;published&#8221;:&#8221;2026-05-08T12:48:53&#8243;,&#8221;modified&#8221;:&#8221;2026-05-08T12:48:53&#8243;,&#8221;type&#8221;:&#8221;malwarebytes&#8221;,&#8221;title&#8221;:&#8221;Microsoft says Edge\u2019s plaintext password behavior is \u201cby design\u201d&#8221;,&#8221;source&#8221;:&#8221;&#8221;,&#8221;references&#8221;:&#8221;&#8221;,&#8221;id&#8221;:&#8221;MALWAREBYTES:8B9A141837D7256A2EB491D145ABF7BC&#8221;,&#8221;bulletinFamily&#8221;:&#8221;blog&#8221;,&#8221;cwe&#8221;:null,&#8221;cvelist&#8221;:[],&#8221;sourceData&#8221;:&#8221;&#8221;,&#8221;sourceHref&#8221;:&#8221;&#8221;,&#8221;cvss&#8221;:{&#8220;score&#8221;:0,&#8221;severity&#8221;:&#8221;NONE&#8221;,&#8221;vector&#8221;:&#8221;NONE&#8221;,&#8221;version&#8221;:&#8221;NONE&#8221;},&#8221;cvss2&#8243;:{},&#8221;cvss3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;,&#8221;cvssV3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;base
Severity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;}},&#8221;href&#8221;:&#8221;https:\/\/www.malwarebytes.com\/blog\/news\/2026\/05\/microsoft-says-edges-plaintext-password-behavior-is-by-design&#8221;,&#8221;category_name&#8221;:&#8221;News&#8221;,&#8221;post_link&#8221;:&#8221;&#8221;,&#8221;product&#8221;:&#8221;&#8221;,&#8221;version&#8221;:&#8221;&#8221;,&#8221;vendor&#8221;:&#8221;&#8221;,&#8221;ai_description&#8221;:&#8221;&#8221;,&#8221;ai_severity&#8221;:&#8221;&#8221;,&#8221;ai_vendor&#8221;:&#8221;&#8221;,&#8221;ai_product&#8221;:&#8221;&#8221;,&#8221;ai_version&#8221;:&#8221;&#8221;,&#8221;ai_score&#8221;:0}<\/p>\n","protected":false},"excerpt":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;2026-05-08T14:05:08&#8243;,&#8221;description&#8221;:&#8221;Some time ago, we discussed whether you should allow your browser to remember your passwords.\\n\\nIn that article we mentioned the importance of encryption.\\n\\n\\u003e **\u201c** With&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-52497","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft says Edge\u2019s plaintext password behavior is \u201cby 
design\u201d_MALWAREBYTES:8B9A141837D7256A2EB491D145ABF7BC - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=52497\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft says Edge\u2019s plaintext password behavior is \u201cby design\u201d_MALWAREBYTES:8B9A141837D7256A2EB491D145ABF7BC - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{&#8220;lastseen&#8221;:&#8221;2026-05-08T14:05:08&#8243;,&#8221;description&#8221;:&#8221;Some time ago, we discussed whether you should allow your browser to remember your passwords.nnIn that article we mentioned the importance of encryption.nnu003e **\u201c** With...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=52497\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-08T09:39:31+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=52497#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=52497\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Microsoft says Edge\u2019s plaintext password behavior is \u201cby design\u201d_MALWAREBYTES:8B9A141837D7256A2EB491D145ABF7BC\",\"datePublished\":\"2026-05-08T09:39:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=52497\"},\"wordCount\":703,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"exploit\",\"malwarebytes\",\"news\",\"NONE\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_news\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=52497#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=52497\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=52497\",\"name\":\"Microsoft says Edge\u2019s plaintext password behavior is \u201cby design\u201d_MALWAREBYTES:8B9A141837D7256A2EB491D145ABF7BC - zero 
redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2026-05-08T09:39:31+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=52497#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=52497\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=52497#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft says Edge\u2019s plaintext password behavior is \u201cby design\u201d_MALWAREBYTES:8B9A141837D7256A2EB491D145ABF7BC\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero 
redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft says Edge\u2019s plaintext password behavior is \u201cby design\u201d_MALWAREBYTES:8B9A141837D7256A2EB491D145ABF7BC - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=52497","og_locale":"en_US","og_type":"article","og_title":"Microsoft says Edge\u2019s plaintext password behavior is \u201cby design\u201d_MALWAREBYTES:8B9A141837D7256A2EB491D145ABF7BC - zero redgem","og_description":"{&#8220;lastseen&#8221;:&#8221;2026-05-08T14:05:08&#8243;,&#8221;description&#8221;:&#8221;Some time ago, we discussed whether you should allow your browser to remember your passwords.nnIn that article we mentioned the importance of encryption.nnu003e **\u201c** With...","og_url":"https:\/\/zero.redgem.net\/?p=52497","og_site_name":"zero redgem","article_published_time":"2026-05-08T09:39:31+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. 
reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=52497#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=52497"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Microsoft says Edge\u2019s plaintext password behavior is \u201cby design\u201d_MALWAREBYTES:8B9A141837D7256A2EB491D145ABF7BC","datePublished":"2026-05-08T09:39:31+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=52497"},"wordCount":703,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","exploit","malwarebytes","news","NONE","Security","tapic","Vulnerability"],"articleSection":["category_news"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=52497#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=52497","url":"https:\/\/zero.redgem.net\/?p=52497","name":"Microsoft says Edge\u2019s plaintext password behavior is \u201cby design\u201d_MALWAREBYTES:8B9A141837D7256A2EB491D145ABF7BC - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2026-05-08T09:39:31+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=52497#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=52497"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=52497#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Microsoft says Edge\u2019s plaintext password behavior is \u201cby design\u201d_MALWAREBYTES:8B9A141837D7256A2EB491D145ABF7BC"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero 
redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/52497","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=52497"}],"version-history":[{"count":0,"href":"htt
ps:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/52497\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=52497"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=52497"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=52497"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}