Microsoft Edge stores all your saved passwords unencrypted in memory

2026-05-06 | original

read original get Password Manager Security Key → more articles

Why This Matters

This discovery highlights a significant security vulnerability in Microsoft Edge's password management system, exposing users to potential data breaches if malicious actors exploit this flaw. It underscores the importance of robust encryption practices in protecting sensitive user information in widely used browsers.

Key Takeaways

Microsoft Edge stores passwords unencrypted in memory during use.
The vulnerability could allow malicious actors to access saved passwords easily.
Users and developers should prioritize encryption to enhance security in browser password managers.

Security researcher Tom Jøran Sønstebyseter Rønning recently shared evidence that Microsoft's web browser-based password manager stores all of its saved passwords in memory without encryption while running. He released and demonstrated a simple proof of concept that displays the passwords and their associated accounts.Read Entire Article

Explore topics: microsoft edge password manager encryption security researcher tom jøran sønstebyseter rønning