A Norwegian researcher has identified an issue with Microsoft Edge’s Password Manager that could be a serious concern for businesses.
Tom Jøran Sønstebyseter Rønning found that passwords are being saved within the browser in plain text, with the effect that any PC, particularly a shared machine, within an organization is a potential risk.
In a post on X, Rønning explained that when users save passwords in Edge, the browser decrypts every credential at startup and keeps it resident in process memory, regardless of whether the user visits the site.
Rønning’s finding was replicated by German IT publication Heise.de, which created and saved a password and found that, even after the browser had b...