A security researcher has discovered that Microsoft Edge will load all your stored passwords into memory in plaintext at startup, making it easy for malware to scrape those passwords.
Files containing login credentials should be encrypted, yes. You will also find that password managers tend to relock their database after a period of time in order to limit the opportunity for an attack. That’s not the controversial action you think it is.
Besides, I find it interesting how Microsoft disabling a protection mechanism Chromium ships with has turned into a debate about the applicability of layered defense to cybersecurity in general.
Should every single file on every computer be encrypted and require a password and 2FA to open every time? Why not?
Because if you’re logged in it’s assumed you have the right to be there and open them. Same with passwords in a browser.
Files containing login credentials should be encrypted, yes. You will also find that password managers tend to relock their database after a period of time in order to limit the opportunity for an attack. That’s not the controversial action you think it is.
Besides, I find it interesting how Microsoft disabling a protection mechanism Chromium ships with has turned into a debate about the applicability of layered defense to cybersecurity in general.