Summary

Microsoft Edge provides additional privacy for saved passwords by requiring device authentication before password autofill. This security feature helps protect stored passwords, prevents unauthorized access, and improves password privacy when using Microsoft Edge autofill. Learn how to enable authentication for saved passwords, understand how password protection works, and strengthen browser security in Microsoft Edge. This article explains additional privacy settings for saved passwords and how they protect your credentials.

Microsoft Edge stores your passwords securely encrypted on your hard disk. However, someone else with access to your computer may be able to sign into your accounts using your stored passwords with autofill.

This new update for Microsoft Edge gives you the option to enable a setting that requires you to authenticate yourself using your device credentials before you can use the saved password to autofill for a website.

To enable the feature:

  1. Go to edge://settings/autofill/passwords.

  2. Select Passwords and autofill > Microsoft Password Manager.

  3. Select More settings.

  4. Ensure the toggle is turned on for Autofill passwords and passkeys.​​​​​​​

  5. Select Prompt for the device sign-in options before viewing or filling website password, and select the frequency from the drop-down:

    • Always ask permission

    • Ask permission once per browsing section​​​​​​​

How it works

After you turn on this setting, every time you visit a website for which you have your password saved, you’ll be asked to authenticate with your device credentials before the saved password is auto filled. So, someone else trying to use your saved passwords with autofill won't be able to, unless they have the device password.  

Enter device password

Understanding the capability and limitations

Requiring authentication before password autofill adds an additional layer of privacy. Now, no one who doesn’t know the device password can slip in with autofill. Any intentional or accidental sign-ins using your saved passwords is no longer possible. 

If you leave an unlocked computer in the presence of other people, you can be more confident that your passwords are safe. This feature also protects you against malicious sites that might try to steal your credentials. Other actions, such as revealing a password in plain text in the settings page, or exporting the whole list of passwords as an Excel file, will also require authentication using the device password, same as before.

However, this latest update isn't a fix-all. It's very important to understand what this feature can do and what it can't. This is only a basic level of deterrence that provides an additional safeguard for your stored passwords. To best protect the saved passwords in Microsoft Edge while others are using your device, Microsoft recommends that those users sign in with their own user account on your device.

Important: This setting can't guarantee protection against malicious hackers or protect you against a motivated attacker. Malware or keyloggers installed on your device will still be able to read your passwords and attackers who can access your device can also turn off this setting if they know the device password.

A peek into the future

With this helpful first step, you get additional privacy for your passwords stored in Microsoft Edge. However, in certain scenarios where a device is shared among multiple people, the device password is likely known to all of them as well. In such situations, there is greater peace of mind in having password autofill guarded with a dedicated custom password that isn't shared with others. This capability is in the works, and will be brought to Microsoft Edge in the near future.

Facebook LinkedIn Email

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center