A security researcher has discovered that Microsoft Edge stores all saved passwords in plain text in the browser's memory, even when they're not being used. This vulnerability could potentially allow malicious software or attackers with local access to extract sensitive login credentials. The finding raises significant security concerns for Edge users and highlights potential risks in browser password management systems.
Background
Web browsers typically store passwords in encrypted form and only decrypt them when needed for authentication. This security vulnerability in Microsoft Edge represents a significant departure from standard security practices.
- Source
- Hacker News (RSS)
- Published
- May 5, 2026 at 02:22 AM
- Score
- 8.0 / 10