Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Microsoft Edge Adds Password Generator, Drops Support for Flash, FTP

Microsoft has shipped the stable version of the Microsoft Edge 88 browser, featuring a brand new Password Generator and the ability to alert on compromised credentials.   The browser refresh also drops support for the FTP protocol and for the Adobe Flash plugin.

Microsoft has shipped the stable version of the Microsoft Edge 88 browser, featuring a brand new Password Generator and the ability to alert on compromised credentials.   The browser refresh also drops support for the FTP protocol and for the Adobe Flash plugin.

With Microsoft Edge 88.0.705.50 now rolling out, users get a built-in strong password generator that allows them to easily set up new passwords when signing up for new accounts or when changing the old passwords.

A browser-suggested password drop down will be displayed in the password field to help users automatically save the credentials to the browser and have then synced across multiple devices.

Microsoft Edge also alerts users when any of the saved passwords has appeared in a list of leaked credentials, and allows users to edit their saved passwords directly in Microsoft Edge Settings.

“User passwords are checked against a repository of known-breached credentials and sends the user an alert if a match is found. To ensure security and privacy, user passwords are hashed and encrypted when they’re checked against the database of leaked credentials,” Microsoft explains.

The updated Edge browser also attempts to automatically upgrade any content that is served over an unencrypted connection when the page is loaded over HTTPS. Images that can’t be retrieved over HTTPS won’t be loaded.

Microsoft Edge 88 also makes management of site permissions easier than before, by allows users to view permissions by site, but also by recent activity. Furthermore, the new browser version allows users to delete third party cookies, with the operation having no impact on first party cookies.

With the new browser release, Microsoft makes Single Sign On (SSO) available on down-level Windows for Microsoft Account (MSA) and Azure Active Directory (Azure AD) accounts. Users will be automatically signed into websites that allow SSO with Work and Microsoft accounts.

Advertisement. Scroll to continue reading.

Support for the FTP protocol has been removed from Microsoft Edge. Thus, should the user attempt to open a FTP link in the browser, they will be prompted to choose an external application than can handle the FTP link.

“Alternatively, IT administrators can configure Microsoft Edge to use IE Mode for sites that rely on the FTP protocol,” Microsoft explains.

Around for nearly five decades, FTP is using a client-server architecture to allow for file transfers between computers. Considered insecure, however, it has been replaced with SFTP (SSH File Transfer Protocol).

Support for Adobe Flash is also being removed from Microsoft Edge, a move that started in the beta version of Edge 88. The move is not surprising, not only because Adobe themselves have dropped support for the plugin, but also because Google removed it from Chrome, and Microsoft Edge is based on Chromium.

Related: Chrome 88 Drops Flash, Patches Critical Vulnerability

Related: Chrome, Edge and Firefox May Leak Information on Installed Apps

Related: Millions of Users Downloaded 28 Malicious Chrome and Edge Extensions

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Former Barclay’s CISO Oliver Newbury has joined ransomware protection firm Halcyon as a strategic advisor

Stephanie Crowe has been appointed head of the Australian Cyber Security Centre (ACSC).

Cloud security giant Wiz has named Fazal Merchant as President and Chief Financial Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.