Advice Request What is your opinion about the "sign in with device password" feature in Edge and Firefox password managers?

Please provide comments and solutions that are helpful to the author of this topic.

oldschool

oldschool

Level 82
Thread author
Verified
Top Poster
Well-known
Mar 29, 2018
7,142
Edge browser recently got a new feature called "sign in with device password". Firefox has had a similar feature for some time. I realize many users don't store passwords in the browser, but how does this feature improve security in auto-filling passwords? Or does it?
M$ says this about the feature:
Additional privacy for your saved passwords
 
  • Like
Reactions: CyberTech, silversurfer, Andy Ful and 3 others
blackice

blackice

Level 39
Verified
Top Poster
Well-known
Apr 1, 2019
2,820
SpiderWeb said:
I think Firefox has an option to unlock autofilling credit cards with my touch ID/fingerprint. I like that. I never trust my browser with any other passwords and super critical passwords are not stored anywhere not even my password manager.
Click to expand...
There is one password I don’t store in my password manager. It’s the one to the account that would change the passwords to all the accounts in the manager. They all also have 2-factor, as does the master account. It’s a tangled web. Logging into anything is a bit of a hassle.

To the original question I would say it’s an intriguing option. I’d be interested to see how people like it. I prefer my current password manager personally.
 
  • Like
Reactions: Nevi and oldschool
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,177
oldschool said:
...
I realize many users don't store passwords in the browser, but how does this feature improve security in auto-filling passwords? Or does it?
Click to expand...

After applying this setting, the auto-fill feature will require a device password that is used to sign in when starting Windows. It is a kind of protection against other people when the user leaves the computer temporarily (without Windows sign-off) to drink a coffee, etc. It can also protect against malicious sites that might try to steal credentials. Anyway, forcing users to sign in with their own user accounts on the device is better protection.

Important: This setting can't guarantee protection against malicious hackers or protect you against a motivated attacker. Malware or keyloggers installed on your device will still be able to read your passwords and attackers who can access your device can also turn off this setting if they know the device password.
Click to expand...
 
  • Like
Reactions: oldschool, blackice, Gandalf_The_Grey and 1 other person

Similar threads

Gandalf_The_Grey
    • Like
Despite the security updates, using Edge Wallet is still very risky, says user
Replies
1
Views
251
Microsoft Edge
oldschool
oldschool
BigWrench
    • Like
    • Thanks
Unlimited Giveaway Sticky Password Premium is a free license for 1 year. For all devices
Replies
0
Views
828
Giveaways, Promotions and Contests
BigWrench
BigWrench
silversurfer
    • Like
New Update Master Password, the App that Never Stores Your Passwords
Replies
3
Views
735
Passwords and passkeys
I Walk MY Way
I Walk MY Way

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top