Security researcher Tom Jøran Sønstebyseter Rønning has revealed that Microsoft Edge stores all saved passwords in plaintext in system memory while the browser is running. This means passwords may be accessible in readable form even if they have not been used during the current session. Most browsers decrypt saved passwords only when needed and remove them from RAM shortly after use, but Edge reportedly keeps every saved password in clear text for the full runtime. Rønning demonstrated the behavior in a video, showing that saved Edge credentials could be extracted directly from RAM. Microsoft confirmed the behavior as a deliberate design decision, not a software bug, but did not explain the intended user benefit. Rønning also found that other Chromium based browsers, including Google Chrome, don't appear to handle passwords this way. Since Edge keeps passwords in memory, an attacker with local or administrative access could extract them without opening the password manager. Edge’s auth...
Related
Notchkin
A notes app that lives in your MacBook's notch. Discussion | Link
Agent 37
Give every customer their own Hermes or OpenClaw agent Discussion | Link
Laguna by Poolside
Foundation models for agentic coding and long-horizon work Discussion | Link