Microsoft is poised to release several substantial security updates to version 88 of its Edge browser, including a long-awaited password generator and monitor.
Edge 88 is rolling out now, according to Microsoft, though the new Password Monitor feature may take a couple of weeks to demonstrate any real results, the company said in a blog post on Thursday morning.
From a user’s perspective, Microsoft’s automated complex password generator is one of the biggest competive weaknesses the browser faced. Google’s Chrome has offered this feature for over a year. When you're using Chrome and you sign up for a new web service and enter a user name, the browser offers to generate a new, complex password and store it for future use. Now Edge does the same, generating the password according to the site’s rules, storing it and syncing it across your browsers. (According to Kyle Pflug, an Edge program manager, the password generator works only on the desktop version of Edge.)
Microsoft has also added a Password Monitor service, which acts as the name suggests: Quietly, in the background, Microsoft’s security team keeps an eye on password breaches and other leaks, and will warn you if your password leaks. Ideally, of course, the password generator’s creation of a unique, complex password means that any leak will simply affect that one site. You’ll start seeing results in a couple of weeks, Microsoft said.
Edge 88 also contains a few more granular security enhancements. While you can already manage your device permissions via the Settings menu—such as turning your mic off, for example—Edge now allows you to perform the same adjustments via the Edge settings, on a site-by-site basis. Cookie management has been fine-tuned to allow you to store cookies placed by the site itself, but not a third-party ad tracker. Microsoft has also taken the Strict ad-blocking setting it uses in Edge and applied it to the InPrivate mode.
Finally, Microsoft has added support for SecureDNS, which uses a secured channel to communicate with the site itself. “Secure DNS performs this lookup using a service over a HTTPS connection to the DNS service provider, which protects the lookups from modification or eavesdropping by attackers on the network,” Microsoft said. “By default, Microsoft Edge will automatically upgrade you to DNS-over-HTTPS if your current service provider supports it.”
There’s one small catch, of course: You’ll need a Microsoft account to make this all work. Windows 7, 8, or 10 is also required, or MacOS. (Password Monitor isn’t supported on Macs yet, unfortunately.) Still, being signed into a Microsoft account isn’t much different than signing into a Google account to take advantage of its password features.
Updated at 1:18 PM with additional detail.