How Does the Microsoft Edge Password Monitor Work?

Find out about potential breaches and change your passwords

The Microsoft Edge Password Monitor is a feature of the Edge browser that monitors your stored passwords for vulnerability from data breaches. If you opt-in, the Password Monitor will regularly check your stored passwords against data from known data breaches and let you know if you’re in danger.

Why Should You Opt-in to Edge Password Monitor?

Creating, maintaining, and regularly changing strong passwords are the most important keys to online security. Microsoft Edge helps in this area by providing a strong password generator, and using strong passwords helps protect you from attack vectors like brute force hacking. The problem is that even the most robust password is vulnerable if a third-party data breach compromises your data.

If any of your passwords are found in third-party data breaches, the Microsoft Edge Password Monitor alerts you immediately. You can then take the necessary precautionary measure of changing those passwords before anyone can use them to hijack the corresponding account.

How to Opt-in to Microsoft Edge Password Monitor

Edge includes the Password Monitor feature, but it isn’t on by default. To opt-in and start using this feature, make sure that Edge is up to date, and then follow these instructions:

  1. Open Edge, and click the menu button (three horizontal dots) in the upper right corner.

    The system menu of Microsoft Edge.
  2. Click Settings.

    Settings highlighted in the main menu of Microsoft Edge.
  3. Click Passwords.

    The Microsoft Edge main settings page with the Passwords button highlighted.
  4. Click the toggle to the right of Show alerts when passwords are found in an online leak.

    Enabling the password monitor in Microsoft Edge.

    When active, the toggle will be colored blue and switched to the right. If it's gray and switched to the left, that means it's off.

How to Use the Microsoft Edge Password Monitor

Once you have successfully enabled the Password Monitor, it will run in the background without any additional input. It will periodically scan for compromised passwords and alert you if any are detected. You can check for leaked passwords at any time by returning to the passwords settings page in Edge.

  1. Open Edge, and navigate to Settings > Passwords, or just enter edge://settings/passwords in the URL bar.

  2. Click the red or blue banner to access the Password Monitor.

    How to access the password monitor in Microsoft Edge.

    If Password Monitor has found any leaked passwords, this page will have a red banner with an alert. If the last scan didn’t find any leaked passwords, this page will have a blue banner. In either case, clicking the banner opens the password monitor.

  3. The Password Monitor will list leaked passwords if it has found any. If it hasn’t, you can click Scan now to search for leaked passwords.

    The password monitor's scan button in Microsoft Edge.
  4. Wait for the scan to finish.

    Running a password monitor scan in Microsoft Edge.
  5. If Password Monitor finds any leaked passwords, click Change.

    The change password buttons in the Microsoft Edge password monitor.
  6. Edge will redirect you to the website where your password has been compromised.

How Does Edge Password Monitor Work?

Password Monitor scans lists of compromised accounts and passwords and alerts you when it finds your information contained in any public leak. It doesn't, however, assist you in actually changing passwords.

When you click the change button next to a compromised account in Password Monitor, Edge loads the corresponding webpage for you. In some cases, Password Monitor can send you directly to the account or password change page on the website where your credentials have been compromised. In other cases, it simply loads the home page of the relevant website, and you have to find the account page yourself.

If you can’t figure out how to change your password on a site that Password Monitor has identified as compromised, your best option is to contact that website's administrator. They will be able to help you with the specific procedure to change your password.

When you change a compromised password, don't replace it with a password you've used elsewhere in the past. Consider using Microsoft Edge's password generator feature that works well with the built-in password manager.

Was this page helpful?