Microsoft is changing Edge’s plaintext password behavior

Microsoft Edge previously decrypted the entire saved-password store on startup and kept credentials in clear text in process memory for the browser session; after researcher disclosure, Microsoft changed Edge (already in Canary) to decrypt passwords only when needed for autofill or management, reducing the risk of mass password harvesting from process memory and rolling the fix out across channels.