By Davey Winder, Senior Contributor
Publication Date: 2026-05-05 12:32:00
What if I told you that your web browser was saving all your passwords to memory, and doing so in plaintext? Buckle up, Microsoft Edge users, you are in for a wild ride.
A security researcher has gone public to disclose a vulnerability affecting all Edge browser users after Microsoft told him the security issue was by design. “Microsoft Edge loads all your saved passwords into memory in cleartext,” Tom Jøran Sønstebyseter Rønning said, “even when you’re not using them.” Yes, whenever you save passwords using Microsoft Edge, it decrypts them at startup and then keeps them sat right there in process memory, even, Rønning warned, “if you never visit a site that uses those credentials.” Here’s the thing, though, despite Edge being a Chromium-based browser, Chrome itself does not display this behavior. Which begs the question: Is it time to switch from Edge to Chrome, or another Chromium-based browser?
MORE FROM FORBESMicrosoft Update Warning—Windows 11 Security Fix…
