Microsoft Edge is changing how stored passwords are protected, and the browser is moving away from a custom master password. Instead, access is now tied to device-based authentication such as Windows Hello.
For users who relied on Custom Primary Password, the shift replaces a browser-only security layer with protection that lives closer to the operating system. Microsoft has already said that the old setup will be removed for users included in this transition.
Device-bound protection replaces the old master password
Since June 4, Edge has automatically used device authentication to secure saved passwords. That means users are no longer asked to enter a master password when opening the password manager.
When a saved password needs to be viewed or managed, Edge now asks for verification through Windows Hello or another available system authentication method. If Windows Hello is enabled, it becomes the main way to unlock access.
Windows Hello can use fingerprint scanning, facial recognition, or iris verification. If it is not available, Edge falls back to the device login password or another OS-level authentication option.
What changes for everyday Edge users
The new setup should feel simpler for many people because the browser no longer depends on a separate secret password. Instead, access is linked to the security features already built into the device.
This affects the moments when users try to reveal, fill, or manage stored credentials in Edge. Rather than typing a Custom Primary Password, they now confirm identity through the device’s authentication system.
Users who already unlock their computers with a fingerprint or face scan may find the process faster. Those without biometrics can still rely on their device password or another operating system authentication method.
Why Microsoft is making the switch
The older master password model had one major advantage: a single password could unlock all saved credentials. But that also meant a serious risk if that password was discovered by someone else.
Microsoft sees device-based authentication as a stronger option in this case. Windows Hello supports biometrics that are harder to phish and do not leak in the same way as a normal password.
The company also points to the tighter link with computer hardware when users authenticate through the device login. In addition, this process does not need to send data over the internet to verify access.
A broader move away from traditional passwords
The Edge change fits a larger direction from Microsoft, which has been reducing reliance on conventional passwords across its products. The company has also pushed new accounts away from password-first setup, with passkeys or biometrics offered earlier.
For users already in the transition, the change happens automatically. Once it is active, Edge uses the device authentication method available on the system and no longer returns to the old Custom Primary Password flow.
That makes the password manager depend less on a browser-specific secret and more on the security tools built into the device itself.
Source: www.xda-developers.com