Security Experts:

Connect with us

Hi, what are you looking for?


Application Security

Microsoft Edge Adds Password Generator, Drops Support for Flash, FTP

Microsoft has shipped the stable version of the Microsoft Edge 88 browser, featuring a brand new Password Generator and the ability to alert on compromised credentials.   The browser refresh also drops support for the FTP protocol and for the Adobe Flash plugin.

Microsoft has shipped the stable version of the Microsoft Edge 88 browser, featuring a brand new Password Generator and the ability to alert on compromised credentials.   The browser refresh also drops support for the FTP protocol and for the Adobe Flash plugin.

With Microsoft Edge 88.0.705.50 now rolling out, users get a built-in strong password generator that allows them to easily set up new passwords when signing up for new accounts or when changing the old passwords.

A browser-suggested password drop down will be displayed in the password field to help users automatically save the credentials to the browser and have then synced across multiple devices.

Microsoft Edge also alerts users when any of the saved passwords has appeared in a list of leaked credentials, and allows users to edit their saved passwords directly in Microsoft Edge Settings.

“User passwords are checked against a repository of known-breached credentials and sends the user an alert if a match is found. To ensure security and privacy, user passwords are hashed and encrypted when they’re checked against the database of leaked credentials,” Microsoft explains.

The updated Edge browser also attempts to automatically upgrade any content that is served over an unencrypted connection when the page is loaded over HTTPS. Images that can’t be retrieved over HTTPS won’t be loaded.

Microsoft Edge 88 also makes management of site permissions easier than before, by allows users to view permissions by site, but also by recent activity. Furthermore, the new browser version allows users to delete third party cookies, with the operation having no impact on first party cookies.

With the new browser release, Microsoft makes Single Sign On (SSO) available on down-level Windows for Microsoft Account (MSA) and Azure Active Directory (Azure AD) accounts. Users will be automatically signed into websites that allow SSO with Work and Microsoft accounts.

Support for the FTP protocol has been removed from Microsoft Edge. Thus, should the user attempt to open a FTP link in the browser, they will be prompted to choose an external application than can handle the FTP link.

“Alternatively, IT administrators can configure Microsoft Edge to use IE Mode for sites that rely on the FTP protocol,” Microsoft explains.

Around for nearly five decades, FTP is using a client-server architecture to allow for file transfers between computers. Considered insecure, however, it has been replaced with SFTP (SSH File Transfer Protocol).

Support for Adobe Flash is also being removed from Microsoft Edge, a move that started in the beta version of Edge 88. The move is not surprising, not only because Adobe themselves have dropped support for the plugin, but also because Google removed it from Chrome, and Microsoft Edge is based on Chromium.

Related: Chrome 88 Drops Flash, Patches Critical Vulnerability

Related: Chrome, Edge and Firefox May Leak Information on Installed Apps

Related: Millions of Users Downloaded 28 Malicious Chrome and Edge Extensions

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...