this post was submitted on 06 May 2026
716 points (98.8% liked)

Technology

84410 readers
3140 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
716
Microsoft Edge loads your passwords into memory in plaintext, but Microsoft says not to worry (www.windowscentral.com)
submitted 1 day ago by Itwasntme223@discuss.online to c/technology@lemmy.world
102 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] jama211@lemmy.world 1 points 2 hours ago (2 children)

And yet you and most people use a door with a lock instead of something more secure because... in general they do work well for the purpose they're trying to serve. Most criminals aren't master criminals, and master criminals aren't coming after your house.

[–] JackbyDev@programming.dev 3 points 2 hours ago* (last edited 2 hours ago) (1 children)

Don't overthink the metaphor. These things are fragile and fall apart. The "door with a lock" is the "guarantee" (wink wink) that the operating system won't let programs see memory they shouldn't be allowed to. Putting your valuables in a safe instead of sitting in the floor would be encrypting the passwords in memory in the metaphor.

Also, cyber security and physical security are very different. With cyber security you need to understand that there are orders of magnitude more people looking for simple problems. Like a criminal checking every door in the world automatically, just looking for ones that are unlocked. Someone not being a "target for master criminals" isn't really applicable for this. Besides, that's a critique of what level of security an individual should have, but pointing out the flaw in Edge is a critique of something that claims to be secure that isn't.

[–] jama211@lemmy.world 2 points 48 minutes ago

fair

[–] mirshafie@europe.pub 2 points 2 hours ago (1 children)

I extracted IE6 passwords from hundreds of people when I was 13, for fun. If passwords are now being stored plaintext again, they are going to leak. Some of the people who steal those passwords won't be doing it just for fun.

[–] jama211@lemmy.world 1 points 48 minutes ago* (last edited 47 minutes ago)

to be honest passwords on their own are on their way out as a form of security entirely for this reason - they're inherently weak no matter how they're stored as they're a single point of failure. we're even moving on from 2 factor to passkeys.