Introducing Edge Master Password | New feature
it's this feature: it's controlled feature rollout available in Edge canary, was added few versions ago. this helps your passwords stay safe, by requiring you to enter your Windows Pin/Password when you want to autofill your credentials on a web page. using the same strong authentication method Windows uses to secure your login screen, secure your disks pre-logon etc. next in line is this I'm already seeing some bits of it in Edge canary, but not fully implemented just yet.How to view and manage your Microsoft passwords on Linux/Chrome/ChromeOS (Without Edge or mobile)
1. install Google Chrome (or other Chromium based browsers, including Edge itself) 2. install Microsoft Autofill extension 3. Sign into your Microsoft account in the extension 4. Access your Passwords safely and hassle-free * you do Not need to sign in to Google account for this. ** this works on Mac and Windows too, basically any environment where you can install this extension in. The extension also has Import feature, so you can import your passwords at once from a file and save them to your Microsoft account. Questions & answers about Microsoft Authenticator app - Azure AD | Microsoft Docs Q: How are my passwords protected by the Authenticator app? A: Authenticator app already provides a high level of security for multi-factor authentication and account management, and the same high security bar is also extended to managing your passwords. Strong authentication is needed by Authenticator app: Signing into Authenticator requires a second factor. This means that your passwords inside Authenticator app can't be accessed even if someone has your Microsoft account password. Autofill data is protected with biometrics and passcode: Before you can autofill password on an app or site, Authenticator requires biometric or device passcode. This ensures that even if someone else has access to your device, they cannot fill or see your password, as they’d be unable to provide the biometric or device PIN. Furthermore, a user cannot open the Passwords page unless they provide biometric or PIN, even if they turn off App Lock in app settings. Encrypted Passwords on the device: Passwords on device are encrypted, and encryption/decryption keys are never stored and always generated on-the-fly. Passwords are only decrypted when user wants to, that is, during autofill or when user wants to see the password, both of which require biometric or PIN. Cloud and network security: Your passwords on the cloud are encrypted and decrypted only when they reach your device. Passwords are synced over an SSL-protected HTTPS connection, which ensures no attacker can eavesdrop on sensitive data when it is being synced. We also ensure we check the sanity of data being synced over network using cryptographic hashed functions (specifically, hash-based message authentication code).
