Microsoft's new Password Monitor feature coming in Edge browser update
Microsoft is rolling out the stable build (version 88) of its Chromium based Edge browser. The new features in this update include a Password Generator and Password Monitor. Both features have existed on rival Google Chrome and Mozilla Firefox browsers for a while, and Edge is essentially playing catch up. However, Microsoft has the advantage of using the new and improved homomorphic encryption service.
A password manager collects your saved passwords at a single place, while a password monitor alerts you if your passwords have been compromised due to data leaks and security breaches. This is a useful feature to have if you reuse passwords on different platforms. Data leaks are commonplace as weak and stolen credentials are the leading cause of security breaches these days.
Microsoft's use of the relatively new homomorphic encryption ensures no one at Microsoft, or anyone else, can access your credentials. The technology allows Microsoft's systems to identify your data and query it in a frequently updated database of leaks, without needing to decrypt it first. Microsoft also uses an Oblivious Pseudo-Random Function (OPRF) safeguarding the password database from dictionary and brute force attacks.
The encryption was developed in a collaborative effort between the Cryptography and Privacy Research Group and Edge product team. Microsoft's SEAL library was modified to allow support for low-end devices as well, so nearly every user can take advantage of the new Password Monitor. The feature is also accessible by Edge users across ARM as well as x86 systems.
With version 88 of the Edge browser, users can also use the Password Generator tool to generate a random yet secure character sequence. The generated password will meet the requirements for a strong password. Users will be prompted to use this feature whenever they sign up to a new website or change an existing password.