If you’re using Microsoft Edge’s built-in password manager, your saved credentials may not be as safe as you think. A researcher has confirmed that Edge decrypts all saved passwords at startup and stores them in plain text in your computer’s memory – for the entire browser session. Unlike other Chromium-based browsers like Brave and Chrome, Edge is the only one tested that decrypts and loads every credential into RAM at startup, whether you visit those sites or not.
In this episode, Charly covers:
How Edge handles saved passwords differently from other browsers
Why storing credentials in clear text in process memory is a serious risk
What an attacker with admin access or malware can do with a simple memory dump
Microsoft’s response – and why calling it a “design choice” is not reassuring
Why you should switch to a dedicated password manager like Zoho Vault
Your browser’s convenience should never come at the cost of your security.
Check out Zoho Vault: https://askcharlyleetham.com/likes/zohovault
Book a Free 30 minute Breakthrough Session: https://askcharlyleetham.com/book-me
(1 per person only)
0 comments