Despite the security updates, using Edge Wallet is still very risky, says user

Microsoft Autofill is a good alternative.

Reading time icon 3 min. read

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

edge wallet security

Later in 2023, Microsoft allowed Edge users to easily set up their Edge Wallet, a tool where credit cards, passwords, and other financial devices can be stored. It’s also available as a PWA, and that makes it easier to set it up in the Edge browser.

As per Edge’s updates, its Wallet is also getting security updates, and Microsoft makes sure users won’t be at risk when storing their sensitive information there.

However, despite the regular updates, some users still believe Edge Wallet is quite risky, and while it is a comfortable solution, users might be at risk of losing their credentials to hackers.

This Reddit user, for instance, has an alternative to Edge Wallet: the Microsoft Autofill extension. Released 2 years ago, the extension has become one of the most popular of its kind, and it can be used on all Chromium-based browsers, including Google Chrome, and Microsoft Edge.

What’s the difference between them? Well, the user says the extension is more secure than Edge Wallet because it requires more steps when authenticating, and Microsoft Autofill also doesn’t store sensitive data in plain text, something that Edge Wallet does.

While this extension is not ideal, one has to manually sync the passwords, but it provides a lot more security features on the local device, for one the data is not stored in plain text on the local device from what I have seen and one can set it to ask for a password confirmation of the main Microsoft account each time or once per session before it (i.e before the password is decrypted) autofills in the password.

Reddit user

The Edge Wallet is more risky because it doesn’t store passwords this way:

In Edge, only the password is encrypted in the local database, the rest of the credentials like website url, username, etc are stored in plain text. What is worse is that this local database also holds a list of websites in plain text for which a user has requested it not to store passwords.

Reddit user

However, if you don’t prefer either of the native Microsoft password managers, there are always third-party password managers that you can try. For instance, you could choose one of these password managers that are also capable of emergency access.

If your device is used by the whole family, these password managers specifically developed for this situation can also be of use.

However, if you don’t agree with the security of the Edge Wallet, and you don’t mind the extra steps, you could stay with Microsoft Autofill, as well. You know what they say, better safe than sorry.

More about the topics: microsoft edge, security