767
Microsoft Edge loads your passwords into memory in plaintext, but Microsoft says not to worry
(www.windowscentral.com)
this post was submitted on 06 May 2026
767 points (98.5% liked)
Technology
84569 readers
3904 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
This is sort of like saying "I leave my valuables in plain sight by my door because it has a lock on it and door locks are trustworthy." I'm not super into cyber security and stuff but it seems like one of the most common problems is programs managing to get access to memory they shouldn't have access to. It seems to happen all the time! Just like many locks for you door are trash.
Defense in depth is a concept they teach you in cybersecurity 101. But that's expensive and time consuming, so you end up with shit like this.
It’s ridiculous. It presupposes that cybersecurity doesn’t value or employ defense in depth. Completely untrue.
Look at the attack vector researchers were trying to solve when they created OAuth2.0 w/ PKCE.
Everytime I read a Microsoft headline these days
"Yeah totally secure! Just trust me!.." basically
This is LITERALLY isn't secure; they should atleast make it encrypted. This is just the same as using your notes app as password manager! But it's microsoft, and they're willingly giving your bitlocker encryption key to the FBIs for your drives. So I'm not surprised..
I feel it may be worse than using your notes app.
A malicious attack doesn't know which notes app, nor the filename.
This has every browser opening the exact same passwords.txt in root.
Safety and security are foundational to Microsoft Edge. Access to browser data as described in the reported scenario would require the device to already be compromised. Design choices in this area involve balancing performance, usability, and security, and we continue to review it against evolving threats.
"We value user safety and usability, but if you're already compromised you can go fuck yourself"
load more comments
(6 replies)
This is why gamers should reject kernel anti cheats. A single dev at a single company that requires one could read them as easily as any other file. I'm not exaggerating, unless I'm misinformed
load more comments
(3 replies)
You guys are using edge?
Edge is on my computer, and I can't delete it, at least not with my limited IT experience. It's buried deep in the operating system, and it opens up seemingly randomly, I use firefox.
Looking online about getting rid of it, others described it as cancer.
It's not that hard, all you need is usb drive and choosing a distro (the hard step)
The solution is to use Linux Mint.
I'm afraid as I am on my backup computer, and I worry that if I try to change over I will not do it correctly as has been the case every single time I've tried to download a program to accept zip files, or torrents I don't know what my deal is.
I really do want to switch over, I am working on fixing my better computer. More than anything I want a graphene OS phone.
Good that you want to switch, take your time, don't be afraid. There are many resources online for how to switch without accidentally deleting or losing access to things. I have been using Linux Mint for over a year now switching from Windows 10 and I haven't run into any limitations or issues. It's been a great learning experience and has overall lead to me being more technologically savvy. If you have any questions there are many places to discuss, feel free to ask.
Not sure how it works in Win11 but historically it has not been possible to remove Internet Explorer or Edge from Windows.
That is an anti-competitive practice and illegal in truth. Against the laws of the United states, the ones that aren't enforced anymore.
load more comments
(2 replies)
phew it’s an expected feature, thank goodness!!!
if they patch this, they should be dragged through the town square after that comment
It's an expected feature for me too, in that I expect Microsoft to be fucking useless at everything lol
Nothing in this timeline surprises me any more.
Lucky. I have surprise fatigue lol
I just can't be indifferent to reading news like "US To Start Firing Unspayed and Neutered Dogs Into The Ocean From Florida Coast"
load more comments
(1 replies)
How will the NSA spy on you if Microsoft doesn't hand them your passwords?
Fuck Microslop Fuck windows 11
Trust me bro
M365 chat also fetches a copy of whatever secured file links you send to each other. Goes without saying, but never use Microsoft products if you value security.
I haven't used a Microsoft browser or operating syatem in almost 25 years.
load more comments
(4 replies)
How can a company manage to be so bafflingly incompetent and why are there people out there still standing for it.
view more: next ›