TL;DR
- Saved Passwords: Microsoft Edge now uses device authentication to protect saved passwords after retiring Custom Primary Password for opted-in users.
- Windows Hello: Windows Hello shifts the unlock check to a local PIN, fingerprint, face scan, or device password.
- Passwordless Push: Microsoft is also moving account recovery from SMS toward passkeys, verified email, and passwordless flows.
- User Impact: Users get fewer browser-level secrets to remember, but local hardware and fallback prompts become more important.
Microsoft planned June 4 as the end of Edge’s Custom Primary Password for opted-in users, replacing the browser-level unlock with device authentication such as a PIN, fingerprint, or face recognition. The Edge notice says the browser now uses device-based authentication, a device password, or another operating-system prompt to protect stored credentials.
For Edge users, the change removes one reusable secret that could guard many saved logins. It also moves the unlock decision closer to the Windows device, where a local prompt decides whether the browser should expose account details.
What Edge Users Now Use Instead
Windows Hello is Microsoft’s local sign-in system for Windows devices. It lets users sign in with biometric data or a PIN instead of typing a traditional password each time, making the same device-level check the practical replacement for Edge’s retired browser unlock.
Local authentication changes the risk model. If an attacker reaches the browser, a stolen or guessed master password can unlock a saved-password vault. Windows Hello instead relies on key-based authentication tied to the device, reducing dependence on a symmetric password secret that can be phished from a user or stolen from a server.
Device-bound checks make the PC itself more important. Windows Hello stores biometric data locally, but saved-password access still depends on a working machine, available hardware, and a successful prompt. Microsoft has used the same model in device-bound passkeys, where Windows Hello methods unlock phishing-resistant credentials.
Facial sign-in adds a hardware constraint. Windows Hello face recognition relies on special infrared cameras designed to distinguish a living person from a photo or scan. Some setups may require infrared sensors and a webcam that can see the user, so Edge’s fallback path depends on a PIN, fingerprint reader, device password, or another OS-level check when the camera path is unavailable.
Microsoft’s identity products already use the same device-bound idea. Microsoft now uses Entra passkey on Windows as a way to store device-bound passkeys in the local Windows Hello container on personal or unmanaged Windows devices. That matters because Edge’s password-manager change does not make passwords disappear; it changes where the saved-password store asks the user or device to prove local control.
How It Fits Microsoft’s Passwordless Push
Edge’s password-manager change fits the same passwordless pattern as Microsoft’s May personal-account SMS phaseout. That earlier shift began moving sign-in and recovery away from text-message codes, but Microsoft had not set a final cutoff date. For Edge, the comparable change is narrower: saved passwords remain in the browser, but Custom Primary Password stops being the reusable secret that unlocks them.
Edge already had adjacent passwordless work through passkey sync, but the Custom Primary Password cutoff changes the unlock model for saved browser passwords themselves. For Edge, the broader shift makes the password manager another place where Microsoft is asking the device to carry more of the trust decision.
Microsoft also says passkey adoption spans OneDrive, Xbox, Copilot, and other services, with hundreds of millions of users signing in with passkeys every day. In that model, a passkey replaces a reusable secret with a private key stored on the user’s device and unlocked locally, matching the Windows Hello logic behind Edge’s saved-password shift.
Edge has tightened saved-password handling in other ways as well. A Microsoft browser-security change means Edge no longer loads saved passwords into process memory at startup, after a researcher disclosed cleartext exposure in a scenario where an attacker already controlled the user’s device. That fix has a different threat model, but it points to the same goal: credentials should be harder to expose before a user or device check succeeds.
For everyday users, the replacement lowers browser-level secrets to remember but raises the importance of local reliability. Edge’s saved-password unlock now depends on a working Windows Hello, device-password, or OS-level authentication path when biometrics or camera hardware fail.
