Password Monitor is now available in Microsoft Edge preview builds

Microsoft

We’re delighted to announce that a preview of Password Monitor is now available in the Canary and Dev channels. Microsoft Edge Insiders can try it out on preview builds starting with version 84.0.506.0. Password Monitor is the latest feature we’re adding to the browser to help our customers protect their online privacy and security. Each year, hundreds of millions of personal credentials are exposed online in third-party data breaches and end up for sale on the online black market, often referred to as the Dark Web. Leaked usernames and passwords can be used to gain access to your online accounts via “credential stuffing” attacks. In these attacks, automated scripts are used to try different username and password combinations with the goal of hijacking accounts.

 

Though users are warned not to reuse the same pair of credentials for more than one account, it’s a common practice. This leaves them vulnerable on multiple sites when breaches occur.

While it’s impossible to prevent leaks from ever happening, you can now browse with more peace of mind, knowing Microsoft Edge has your back with Password Monitor, designed to help you keep your online accounts secure.

 

How Password Monitor works

After you save your credentials to the browser, Microsoft Edge will begin proactively monitoring them for matches against credentials leaked to the Dark Web. Microsoft has been monitoring for leaked credentials for enterprise customers and their Azure Active Directory (AAD) accounts for years. Password Monitor now brings this service to all customers and accounts.

 

It checks the credentials you’ve saved in Microsoft Edge against an ever-growing database of usernames and passwords that are known to have been breached, collected by a network of researchers, law enforcement agencies, security teams at Microsoft and other trusted sources. The check is done using enterprise-grade encryption and privacy-preserving techniques. When a match has been found, the unsafe passwords will be displayed on the Password Monitor page in your browser settings > Passwords.

 

Turn on Password Monitor

In this early preview, Password Monitor is turned off by default and a few steps are required to turn it on.

  1. Make sure you’re signed-in to Microsoft Edge using your Microsoft account or your work or school account.
  2. Go to Settings > Profiles> Passwords (or go to edge://settings/passwords) and turn on the toggle next to Show alerts when passwords are found in an online leak

Suhrid_Palsule_0-1593540590834.png

 

If you’re saving a new password to the browser, you’ll also have the opportunity to turn on the feature by selecting the check box in the Save password notification. Select the check box and then select 'Ok' to turn on Password Monitor for all credentials saved to Microsoft Edge.  

 

Suhrid_Palsule_1-1593540590840.png

 

If Password Monitor has detected a compromised password, a red badge will show up in the More menu during your browsing session. Selecting the icon in the More menu will show you the password leak notification. Selecting the notification will take you to the Password Monitor page under Settings > Profiles > Passwords. From there, Microsoft Edge will take you directly to the website of the compromised account so you can update your password. Be sure to save your new password to the browser so Password Monitor can continue to work on your behalf.

 

Suhrid_Palsule_3-1593540590853.png

 
 
 
 

passmon.jpg

 

This is just the beginning for Password Monitor, and we’re excited to continue enhancing the feature. The preview experience today doesn’t include automatic notifications, but we expect to bring you notifications soon. Until then, after you turn on Password Monitor, make sure to check Settings > Profiles > Passwords for alerts about your credentials.

Turn on Password Monitor today and let us know what you think! As we gather feedback and continue to fine-tune the feature, we’ll be rolling it out to a broader audience.

Thank you for being part of our Insider community and trying this early preview.

25 Replies
It has been a while since it started rolling out but I haven't seen it yet
This is not yet available on Linux. Any reason why?

Thank you for your patience, and apologies for the delay!

The feature rollout continues and is made available to an increasing number of users everyday. By mid-April, the latest Stable build (E90), this feature will become available to everyone. 

hello,

Sorry about the delay in replying here!

Please go to edge://settings/passwords/passwordmonitor to see which of your username-password pairs have been flagged as unsafe and change only those. No need to change all at once.

@Suhrid_Palsule 

 

I Love the new setup you have for the password page in settings. "edge://settings/passwords" 

1 Screenshot 2021-06-15 152515.jpg

I love that you can see the actual strength for each password you use.  Also the stats for how many times you have reused a password and how many are weak....  Cudo's to the team....

 

Dennis5mile