Skip to main content

Microsoft Edge will tell you when your password is compromised

Edge
Edge (Image credit: Windows Central)

What you need to know

  • Password Monitor is rolling out to Microsoft Edge Dev and Canary.
  • The feature helps you know when a password isn't safe to use anymore.
  • Password Monitor checks your passwords against a database of breached credentials.

Microsoft Edge Dev and Canary now have a Password Monitor that lets you know when a password isn't safe anymore (via Techdows). Password Monitor checks your password against a database of breached credentials, letting you know that your password needs to be changed. Microsoft updated its page that breaks down Password Monitor (opens in new tab) yesterday.

As Microsoft points out, many people use the same password across multiple sites. That means that when there's a data breach for a site, people can try your password across other sites with some success. Hackers can use this method to hijack accounts and perform illegal or dangerous activities with someone else's account.

Password Monitor proactively checks the passwords you've saved in Edge against a database of breached credentials. According to Microsoft, your information is encrypted during this process and only you know the password that is compromised.

Here are the steps to turn on Password Monitor, as outlined by Microsoft:

  1. Make sure you're signed in to Microsoft Edge using your Microsoft account or your work or school account.
  2. In your browser settings, go to Profiles > Passwords.
  3. Turn on the toggle next to "Show alerts when passwords are found in an online leak". After the toggle is turned on, any unsafe passwords will be displayed on the Password Monitor page in your browser settings > Passwords.

If a password is compromised, you should change it immediately. You should also consider using a password manager to make more secure passwords that aren't used across multiple websites.

Sean Endicott
Sean Endicott

Sean Endicott is the news writer for Windows Central. If it runs Windows, is made by Microsoft, or has anything to do with either, he's on it. Sean's been with Windows Central since 2017 and is also our resident app expert. If you have a news tip or an app to review, hit him up at sean.endicott@futurenet.com.

3 Comments
  • There should be no need to safely encrypt the transfer if the database itself was distributed to the clients and the clients would check for breach themselves (offline).
  • Does it make sense to save your passwords on Edge, or Firefox, or any browser that doesn't have an OS or an app to access these passwords? Even if you use it on your phone, you can't use the passwords in another app. They should make a password manager app, or just build an existing service inside Edge. Or just recommend one.
  • I think for a few people this will be nice. But I think you are right on the mark. No password manager app no significant usage. But we will see :)