To help make your overall user experience better and more productive, web browsers collect and store personal information about you and your internet activity. Microsoft Edge is no exception. However, many users do not realize just how much private, personal and sensitive information is being collected and stored.
SEE: Follow these best practices from TechRepublic Premium to minimize security risks.
Assuming all of that personal data is safe or otherwise protected is problematic and could be dangerous on many levels. In Microsoft Edge, users can view and assess the personal data collected through configuration screens located deep within the settings menu. And, if you regularly log onto your personal computer using a Microsoft account with syncing enabled, you may be surprised by the type and amount of stored data you will find.
Determine exactly what personal information Microsoft Edge knows about you
To view the personal data stored by Microsoft Edge, we must navigate to the web browser’s settings menu. Open Edge to any website, and click the ellipsis icon in the upper right corner (Figure A). From the context menu, select the Settings item.
The resulting Settings tab should default to the Profiles page (Figure B), which is where we want to be.
From the list of configuration items available on the Profiles page, we will first select Personal info (Figure C). Depending on how long you have been using Microsoft Edge, especially if you are using the syncing feature that shares data across all your Microsoft account-related computers, the list of stored personal information on this page could be extensive.
For our example computer, there are dozens of names, addresses, email addresses, phone numbers and account numbers stored by Microsoft Edge. Some of this data is outdated, some is wrong and some is probably too sensitive to be stored so visibly. Pruning this data down to just the essentials would be the best thing to do.
To maintain the minimum amount of personal data and prevent additional data from being collected and stored, turn off the two settings at the top of the page.
SEE: Here’s how to remove specific cookies from Microsoft Edge.
Also, if you scroll down the page, you will see a section labeled Custom info. That section should also be pruned for any unwanted personal data. In our example, Edge has saved someone’s bank account information (Figure D). It is not mine; regardless, it should not have been saved, and I don’t know why or when it was.
When you are finished with your pruning process, navigate back to the Profiles page, and click the Passwords item in the list. The top section of the Passwords configuration screen displays your settings (Figure E). The most secure thing to do would be to turn off the first three settings, so no passwords are ever saved by Edge.
Scroll down the page to reveal which passwords Edge has saved for you (Figure F). Again, depending on how long you have been using Edge and the syncing feature for Microsoft account-related computers, the list of stored passwords on this page could be extensive.
For our example computer, you can see that many of the saved passwords are outdated and useless. Some of those old passwords are now being reused for current systems, which increases the likelihood that they will be stolen and used inappropriately with malicious intent.
If you want to use Edge to store passwords, you should periodically remove old and unnecessary passwords from the list. This is an important maintenance task that should not be ignored. On the other hand, if that maintenance is not something you wish to regularly implement, you should not allow Edge to save your passwords.
SEE: Learn more about password managers with this cheat sheet from TechRepublic.
Scrolling further down the Passwords settings page, you will see a list, possibly quite long, of websites designated to be off-limits for saved passwords. If you have granted Edge permission to offer a chance to save a password for a website and said no or never when asked, it will be listed here.
When you have completed your pruning maintenance of the collected and stored personal data in Microsoft Edge, you can close the Settings tab and return to normal web browsing.
Secure your personal data
Depending on the settings you chose for personal info collection, you should always be aware of what sensitive personal data is being collected and stored by Microsoft Edge and perform periodic maintenance on that data to keep it secure and under control.
Combining the maintenance of saved passwords with the maintenance of websites you have designated as never safe for password saving is the only way collecting and storing this sensitive personal data in Microsoft Edge should be allowed. If you will not commit to that level of engagement, it would be best to turn off all password saving in Edge.
Subscribe to the Cybersecurity Insider Newsletter
Strengthen your organization's IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices. Delivered Tuesdays and Thursdays