Microsoft Edge is introducing a significant update to how it handles saved passwords, changing its previous behavior in a move aimed at improving user security and reducing credential exposure.

The update comes after concerns were raised about how the browser previously loaded saved passwords into system memory in plain text when the application started. While Microsoft maintained that the behavior did not technically violate a security boundary, the company has now opted to revise the design following industry scrutiny.

With the new update, Microsoft will ensure that saved passwords are no longer fully loaded into memory in readable form at startup. This adjustment is expected to reduce the risk of sensitive credential exposure, particularly in scenarios where a device may already be compromised by malware or unauthorized access.

Password security remains a critical issue in modern web browsers, as they often serve as the primary storage location for user credentials across websites and services. Any weakness in how these credentials are handled can increase the risk of data leaks or cyberattacks.

The change reflects a broader industry trend toward minimizing in-memory exposure of sensitive data and adopting more secure handling practices. Even if stored credentials remain encrypted at rest, how they are managed during active use plays an important role in overall system security.

Security experts note that modern threats often target system memory to extract sensitive information while applications are running. By reducing the presence of plain text passwords in memory, browsers can make it more difficult for attackers to retrieve usable credentials through memory scraping techniques.

Microsoft’s decision also highlights the ongoing tension between performance, usability, and security in software design. While loading credentials into memory can improve speed and convenience, it may also introduce unnecessary risk if not carefully managed.

The update is expected to be rolled out in upcoming versions of the browser, with users benefiting from improved protection without requiring major changes to their usage habits.

Microsoft Edge continues to evolve as part of Microsoft’s broader effort to enhance cybersecurity features across its ecosystem, especially as online threats become more sophisticated and persistent.

The move signals a cautious shift toward stronger default protections for users, even in cases where previous implementations were considered acceptable under existing security models.