Microsoft announced several new features for its Edge browser, including a new alerting service to warn users if the credentials they have saved to autofill have been compromised in a third-party data breach.
“Today, we’re announcing Password Monitor in Microsoft Edge to help keep your online accounts safe from hackers. When enabled, Password Monitor is a feature that notifies you if the credentials you’ve saved to autofill have been detected on the dark web.” reads the advisory published by Microsoft.
In recent months, credential stuffing attacks continues to be a growing threat.
Credential stuffing attacks involve botnets to try stolen login credentials usually obtained through phishing attacks and third-party data breaches. This kind of attack is very efficient due to the bad habit of users of reusing the same password over multiple services.
To prevent that threat actors could abuse credentials obtained from third-party data breaches, the Microsoft Password Monitor feature implemented in the Edge web browser will notify users if the password they are entering using autofill has been offered for sale on the dark web.
“If Microsoft Edge uncovers a match with any of your saved username + passwords, you will receive a notification from within the browser prompting you to take action,” continues the announcement. “Through a dashboard in Settings, you can view a list of all leaked credentials and get routed to their respective websites to change your password. Once the password has been changed, save the new credential to autofill and continue browsing with peace of mind knowing that Microsoft Edge and Password Monitor have your back.”
Edge users will be able to view a list of all leaked credentials in the dashboard in Settings, then they will be redirected to their respective websites to change your password. Once the password has been changed, users have to save it to autofill and let the Password Monitor to alert it in case a future security breach would expose users’ credentials.
The new feature in the Password Monitor will be rolled out to the Insider channels in the next few months.
Other web browsers such as Firefox and Chrome already warn users about compromised passwords since October 2019.
Microsoft also announced the enhancement of the InPrivate browsing mode and a feature to prevent users’ tracking online.
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – Edge browser, credential stuffing)
[adrotate banner=”5″]
[adrotate banner=”13″]
BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large…
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.…
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since…
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly…
Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of…
Ivanti addressed two critical vulnerabilities in its Avalanche mobile device management (MDM) solution, that can…
This website uses cookies.