Jun 30 2020 11:25 AM - edited Jun 30 2020 11:39 PM
We’re delighted to announce that a preview of Password Monitor is now available in the Canary and Dev channels. Microsoft Edge Insiders can try it out on preview builds starting with version 84.0.506.0. Password Monitor is the latest feature we’re adding to the browser to help our customers protect their online privacy and security. Each year, hundreds of millions of personal credentials are exposed online in third-party data breaches and end up for sale on the online black market, often referred to as the Dark Web. Leaked usernames and passwords can be used to gain access to your online accounts via “credential stuffing” attacks. In these attacks, automated scripts are used to try different username and password combinations with the goal of hijacking accounts.
Though users are warned not to reuse the same pair of credentials for more than one account, it’s a common practice. This leaves them vulnerable on multiple sites when breaches occur.
While it’s impossible to prevent leaks from ever happening, you can now browse with more peace of mind, knowing Microsoft Edge has your back with Password Monitor, designed to help you keep your online accounts secure.
After you save your credentials to the browser, Microsoft Edge will begin proactively monitoring them for matches against credentials leaked to the Dark Web. Microsoft has been monitoring for leaked credentials for enterprise customers and their Azure Active Directory (AAD) accounts for years. Password Monitor now brings this service to all customers and accounts.
It checks the credentials you’ve saved in Microsoft Edge against an ever-growing database of usernames and passwords that are known to have been breached, collected by a network of researchers, law enforcement agencies, security teams at Microsoft and other trusted sources. The check is done using enterprise-grade encryption and privacy-preserving techniques. When a match has been found, the unsafe passwords will be displayed on the Password Monitor page in your browser settings > Passwords.
In this early preview, Password Monitor is turned off by default and a few steps are required to turn it on.
If you’re saving a new password to the browser, you’ll also have the opportunity to turn on the feature by selecting the check box in the Save password notification. Select the check box and then select 'Ok' to turn on Password Monitor for all credentials saved to Microsoft Edge.
If Password Monitor has detected a compromised password, a red badge will show up in the More menu during your browsing session. Selecting the icon in the More menu will show you the password leak notification. Selecting the notification will take you to the Password Monitor page under Settings > Profiles > Passwords. From there, Microsoft Edge will take you directly to the website of the compromised account so you can update your password. Be sure to save your new password to the browser so Password Monitor can continue to work on your behalf.
This is just the beginning for Password Monitor, and we’re excited to continue enhancing the feature. The preview experience today doesn’t include automatic notifications, but we expect to bring you notifications soon. Until then, after you turn on Password Monitor, make sure to check Settings > Profiles > Passwords for alerts about your credentials.
Turn on Password Monitor today and let us know what you think! As we gather feedback and continue to fine-tune the feature, we’ll be rolling it out to a broader audience.
Thank you for being part of our Insider community and trying this early preview.
Feb 08 2021 01:46 PM
Apr 02 2021 08:44 AM
Apr 03 2021 09:19 PM
Thank you for your patience, and apologies for the delay!
The feature rollout continues and is made available to an increasing number of users everyday. By mid-April, the latest Stable build (E90), this feature will become available to everyone.
Apr 03 2021 10:11 PM
Apr 03 2021 10:11 PM
Jun 15 2021 12:39 PM
I Love the new setup you have for the password page in settings. "edge://settings/passwords"
I love that you can see the actual strength for each password you use. Also the stats for how many times you have reused a password and how many are weak.... Cudo's to the team....
Dennis5mile