100
Microsoft Edge keeps passwords in memory as plaintext, a move Microsoft insists is safe (www.windowscentral.com)
submitted 2 weeks ago by sanitation@lemmy.radio to c/pcmasterrace@lemmy.world
18 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] Jesus_666@lemmy.world 0 points 2 weeks ago

That is one way an attacker can gain access to the browser's memory. It's not the only way.

Besides, administrative access does not necessarily mean that the attacker has complex attack code for every possible scenario included with whatever they're running. The more work they have to do to access your data, the less likely it is that they're doing that specific work.

Leaving stuff lying around in the open because an attacker potentially could have a specific countermeasure to more strict safety measures is equivalent to giving up. At that point you can just forego security at all because whatever you have might potentially have an exploit.

[-] FreedomAdvocate@lemmy.net.au 1 points 2 weeks ago

Should every single file on every computer be encrypted and require a password and 2FA to open every time? Why not?

Because if you’re logged in it’s assumed you have the right to be there and open them. Same with passwords in a browser.

[-] Jesus_666@lemmy.world 0 points 1 week ago

Files containing login credentials should be encrypted, yes. You will also find that password managers tend to relock their database after a period of time in order to limit the opportunity for an attack. That's not the controversial action you think it is.

Besides, I find it interesting how Microsoft disabling a protection mechanism Chromium ships with has turned into a debate about the applicability of layered defense to cybersecurity in general.

[-] FreedomAdvocate@lemmy.net.au -1 points 1 week ago

You will also find that password managers tend to relock their database after a period of time in order to limit the opportunity for an attack.

They have the option to, yes. They also have the option to basically never ask for reauthentication.

Files containing login credentials should be encrypted, yes.

Windows has encryption on by default. They are encrypted. They're decrypted when you log in.

this post was submitted on 07 May 2026
100 points (96.3% liked)

PC Master Race

21210 readers
679 users here now

A community for PC Master Race.

Rules:

  1. No bigotry: Including racism, sexism, homophobia, transphobia, or xenophobia. Code of Conduct.
  2. Be respectful. Everyone should feel welcome here.
  3. No NSFW content.
  4. No Ads / Spamming.
  5. Be thoughtful and helpful: especially when new beginners have questions.

founded 2 years ago
MODERATORS
Brunbrun6766@lemmy.world
_MoveSwiftly@lemmy.world
Xeon@lemmy.ml
IowaMan@lemmy.world
The_Vampire@lemmy.world
CatZoomies@lemmy.world
geosoco@kbin.social
Fudgeknuckles98@lemmy.world
BobaFett26@lemmy.world