Forum Discussion
Autofill Blog #2: Password Security
The last blog post on Autofill in Microsoft Edge received several comments and inquiries from readers on Password Storage and Security. We understand this is a subject of great interest and concern t...
- Fill on Account Select (FoAS): This feature (available via edge://flags, see below) enables stored credentials from getting Autofill-ed into Username and Password fields. The way it works is that instead of injecting your stored username and password directly into a website, the browser now requires an additional confirmation from you before this data is passed onto the website. (How this differs from the Master Password feature described previously is that FoAS does not involve an additional re-authentication step.)
Please add re-authentication step here (at least ability to enable it in this case), just because all your arguments brokes when I press F12 and change input type from "password" to "text", what's the point to use window hello in "view saved passwords" when I can open the site and get the password with two clicks?
You need to implement master password (or use windows hello) when filling sensitive data, in other case it will be default non-secure non-usable browser autofill and everybody will use lastpass and other alternatives.