By LinkedInEditors
Publication Date: 2026-05-16 14:37:00
Microsoft has reversed its position on a controversial security behavior in its Edge browser after mounting criticism from cybersecurity researchers revealed that saved user passwords were being loaded into system memory in unencrypted form at startup — even when those credentials were not actively being used.
The move marks a significant retreat for the company after it initially defended the behavior as an “expected feature” and “by design,” triggering backlash from security experts who argued the practice unnecessarily increased the risk of credential theft on compromised systems.
The issue was first publicly disclosed earlier this month by Norwegian security researcher Tom Jøran Sønstebyseter Rønning, who published technical findings showing that Microsoft Edge decrypted all passwords stored in its…
