A security researcher has discovered that Microsoft Edge will load all your stored passwords into memory in plaintext at startup, making it easy for malware to scrape those passwords.
Files containing login credentials should be encrypted, yes. You will also find that password managers tend to relock their database after a period of time in order to limit the opportunity for an attack. That’s not the controversial action you think it is.
Besides, I find it interesting how Microsoft disabling a protection mechanism Chromium ships with has turned into a debate about the applicability of layered defense to cybersecurity in general.
Files containing login credentials should be encrypted, yes. You will also find that password managers tend to relock their database after a period of time in order to limit the opportunity for an attack. That’s not the controversial action you think it is.
Besides, I find it interesting how Microsoft disabling a protection mechanism Chromium ships with has turned into a debate about the applicability of layered defense to cybersecurity in general.
They have the option to, yes. They also have the option to basically never ask for reauthentication.
Windows has encryption on by default. They are encrypted. They’re decrypted when you log in.