Microsoft is ditching password-based authentication tomorrow – Edge browser will switch to Windows Hello access

Edge is Microsoft’s internet browser, based on Chromium. Among other things it has a built-in password manager that allows users to store not just passwords, but other secrets, too, such as usernames, payment info, or in some cases, addresses.

Until now, users who wanted to log into the tool and manage their secrets, could do so via a password, but Microsoft has been pushing to replace the old authentication method with passkeys. In a press release shared with TechRadar Pro, NordVPN said that as of June 4, the master password feature in Edge is finally retiring, to be replaced by device-based authentication methods such as Windows Hello (PIN, fingerprint, or facial recognition).

A step in the right direction

For Ignas Valancius, VP of engineering at NordPass, this is a logical step forward, since biometrics and passkeys are “considered more convenient and secure than passwords”.

“When people manage too many passwords, they tend to reuse them or create simple variations, such as changing a single letter or number,” Valancius stressed. “This practice creates significant vulnerabilities — if one of these accounts is breached, all other accounts sharing the same or a similar password become compromised.”

Still, he expects at least a little backlash, because humans are “creatures of habit”, and old habits die hard. Such people can find comfort in alternative, third-party password managers, which still allow users to log in using a master password. “But personally I think a push toward passwordless authentication is a positive development,” he stressed.

Passwords have long been considered one of the weakest links in the cybersecurity chain, mostly because people can’t be bothered to create, and safely store, strong ones. Instead, they end up using simple, easy-to-guess passwords across a wide range of services, risking losing access to numerous services in one fell swoop.