ProtonBlog
Subscribe by RSS
is microsoft edge password manager safe

Is Microsoft Edge password manager safe?

Fergus O'Sullivan

Share this page

Like most browsers, Microsoft Edge has a built-in password manager. Can you trust it, though? Is Microsoft Edge password manager safe?

Overall, while Microsoft Edge password manager seems safe at first, there are some issues with the way it handles bugs, even serious ones. On top of that, it’s hard to say how the program works, as Microsoft is not transparent and does not use open-source code. As a result, we recommend you use another password manager instead.

What is Microsoft Edge password manager?

If you use the Microsoft Edge browser, you’re probably familiar with the little pop-up from Microsoft Edge to save your password whenever you create a new online account. 

Microsoft Edge password manager save prompt

Clicking “got it” means you won’t have to remember this password anymore. Edge will do it for you, which will likely be a big convenience. This is a huge benefit to using a password manager: The fact that a program will now remember your passwords for you so you don’t have to write them down or reuse passwords.

Using a password manager means you can use longer passwords integrating more random characters. This will increase your security significantly, as the longer and more random a password, the harder it is for an attacker to crack. However, while password managers are great for these reasons, not all password managers are equally secure.

Is Microsoft Edge’s password manager safe?

If you leave all your passwords in a password manager, you’re reducing the number of vulnerabilities you have: For example, if you have 100 online accounts with weak passwords, you have 100 vulnerabilities. Put the information from all those 100 accounts into a single password manager, you’ve reduced the vulnerability to just one, namely the manager itself.

Because of this, you want to make sure you’re using the best, most secure password manager out there. This is where Microsoft Edge password manager is lacking. 

The biggest strike against Microsoft Edge’s password manager — and any Microsoft product, really — is that it’s closed-source. In simple terms, this means that only Microsoft and its engineers have access to the code that makes up the program. While this is great for any company that wants to protect its code, it’s bad for transparency and thus for its users. 

Open-source programs will work the same way as closed-source ones. But with an open-source program, security experts can check the code for themselves and verify it has no security vulnerabilities and operates the way the developers say it does. This is great for any kind of program, but especially vital for programs that need to be extra secure, like password managers. 

With Edge’s password manager, you’re taking Microsoft at its word that everything is secure. When using Proton products, however, you don’t have to take our word for it. That said, Microsoft could have been partially transparent by authorizing a third-party security audit. Microsoft has declined to do so.

What makes it worse is that Microsoft has a habit of not fixing bugs very quickly. A good example is a recent announcement(new window) by the company that it will use advanced techniques to fight issues, coming months or even years after attacks that laid waste to users’ systems. Even when the company responds relatively quickly — relative for Microsoft, that is — there’s no guarantee the fix will not be worse than the bug(new window).

What to use instead of Edge password manager?

It stands to reason, then, that if you’re worried about security, you may want to look elsewhere. Thankfully, all you need to do is disable Microsoft Edge password manager and install a new, better password manager instead.

We developed Proton Pass as an alternative password manager for Microsoft Edge that you can install with just a few clicks. As a cloud-based password manager, we store data and the keys with end-to-end encryption on secure servers, meaning that nobody, not even Proton, can see your passwords. In fact, we can’t see your data or keys at all. 

Because our code is open source, you can check it whenever you’d like(new window). And we keep you up-to-date on issues and fixes, too.

Other reasons to use Proton Pass

Besides security, there are plenty of other reasons to use Proton Pass, most of them to do with ease of use. For one, Proton Pass has a richer interface than Microsoft Edge password manager, letting you organize passwords and manage them as you’d like. It’s also a lot more versatile, letting you store credit card details and secure notes, as well as passwords. 

Proton Pass also has a free plan, meaning you can switch to it from Microsoft Edge password manager without having to spend a penny. The free plan lets you save as many passwords as you want, plus offering hide-my-email aliases, special email addresses that you can use to hide your identity when creating online accounts. 

On top of that, Proton Pass is part of our suite of privacy tools that puts your privacy first. That starts with our business model. Instead of profiting off of your data, Proton is entirely community supported from subscriptions. Founded by scientists who met at CERN, our mission is to create a better internet where privacy is the default. If you’d like to join us and help make this goal a reality, sign up for a free Proton Pass account today.

Protect your passwords
Create a free account

Related articles

Google is one of the biggest obstacles to privacy. The Big Tech giant may offer quick access to information online, but it also controls vast amounts of your personal or business data. Recently, more people are becoming aware of the actual price you
What to do if someone steals your Social Security number
If you’re a United States citizen or permanent resident, you have a Social Security number (SSN). This number is the linchpin of much of your existence, linked to everything from your tax records to your credit cards. Theft is a massive problem, whic
compromised passwords
Compromised passwords are a common issue and probably one of the biggest cybersecurity threats for regular people. How do passwords get compromised, and is there anything you can do to prevent it? * What does compromised password mean? * How do pa
Is WeTransfer safe?
  • Privacy basics
Is WeTransfer safe?
WeTransfer is a popular service used by millions worldwide to send large files. You may have wondered if it’s safe or whether you should use it to share sensitive files. We answer these questions below and present a WeTransfer alternative that may su
what is a dictionary attack
Dictionary attacks are a common method hackers use to try to crack passwords and break into online accounts.  While these attacks may be effective against people with poor account security, it’s extremely easy to protect yourself against them by usi
Data breaches are increasingly common. Whenever you sign up for an online service, you provide it with personal information that’s valuable to hackers, such as email addresses, passwords, phone numbers, and more. Unfortunately, many online services f