Security researcher Tom Jøran Sønstebyseter Rønning has discovered that Microsoft Edge decrypts all saved credentials upon startup and stores them in plain text within the system RAM. This occurs regardless of whether a user is visiting the websites associated with those logins. Unlike Google Chrome, which only decrypts credentials on demand and clears them after use, Edge keeps this sensitive data accessible in the memory for the duration of the session.
Microsoft does not currently view this behavior as a security vulnerability. The company maintains that passwords are only at risk if a machine is already compromised by malware, as local memory access would be required to scrape the data. However, this architectural choice creates a larger window of exposure for users compared to the more restrictive memory management found in competing Chromium-based browsers.
