Identity Microsoft Edge password saving practice raises security concerns May 8, 2026 Share By SC Staff (Adobe Stock) As reported by HackRead, security expert Tom Jøran Sønstebyseter Rønning has raised significant security concerns regarding Microsoft Edge's password management feature. The browser reportedly converts saved passwords into plaintext within the computer's memory as soon as the application launches, making them vulnerable to unauthorized access. Rønning demonstrated at the Big Bite of Tech 26 event that Edge is unique among tested browsers in this behavior. Unlike Google Chrome, which utilizes App-Bound Encryption (ABE) to secure passwords, Edge stores them in an easily readable format. This means any user with administrative or SYSTEM-level access can potentially view these plaintext passwords. Rønning developed a tool, EdgeSavedPasswordsDumper, available on GitHub, to prove how easily attackers or infostealers can scan browser process memory for these credentials. This poses a particular risk in shared environments like terminal servers, Citrix, or VDI, where an attacker with administrative rights could access the data of multiple logged-in users. Microsoft has stated this is by design, balancing speed and security, and believes a compromised system capable of memory scanning is already a severe security breach. However, experts like Craig Lurey of Keeper Security and Morey Haber of BeyondTrust criticize this approach, emphasizing that plaintext passwords in memory are a significant liability and easily compromised, recommending separate password managers as a safer alternative. Source: HackRead SC Staff Related Security Operations UIDAI and NFSU forge 5-year cybersecurity and digital forensics partnership SC Staff May 8, 2026 This strategic alliance, formalized on May 5 in Ahmedabad, establishes a framework to enhance cyber resilience within UIDAI's digital identity ecosystem. Security Operations Children easily bypass online age verification systems, report finds SC Staff May 8, 2026 The report highlights that children are aware of multiple methods to bypass these checks, either through personal experience or peer knowledge. Identity Most security pros say managing identity has become a major challenge Steve Zurier May 6, 2026 Nearly 9 in 10 security leaders struggle with identity sprawl as AI and NHIs expose governance gaps. Related Events Cybercast IAM for MSSPs: Real-World Deployments Mon May 18 Cybercast Privilege risk is in the lifecycle: A CISO discussion on modernizing identity control On-Demand Event Cybercast The industrialization of identity compromise On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Basic Authentication Biometrics Certificate-Based Authentication Challenge-Handshake Authentication Protocol (CHAP) Digest Authentication Digital Certificate Discretionary Access Control (DAC) You can skip this ad in 5 seconds