Edge stores passwords in plain text in RAM

Security researcher Tom Joran Sonstebyseter Ronning found that Microsoft Edge stores passwords in plain text in RAM. After creating a password and saving it using Edge's password manager, Ronning found that he could dump the RAM and recover his password, which was stored in plain text.

Part of the problem is that Edge loads all passwords for all websites after just a single authentication check, even for websites the user doesn't visit. This is very different from Chrome, which loads the password for a specific website only when that website's password is requested. Also, Chrome clears the password from memory once it has been entered, whereas Edge doesn't clear passwords from memory once they're used.
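The two designs described above can be modelled in a few lines of C. This is an added example, not code from Edge, Chrome or the researcher; the vault, the XOR stand-in for decryption and all function names are hypothetical, and the sample passwords are constructed.

```c
#include <stdio.h>
#include <string.h>
/* Constructed sample data; XOR with KEY is a stand-in for real decryption. */
enum { KEY = 0x5A, MAXPW = 32 };
static struct entry { const char *site; unsigned char enc[MAXPW]; size_t len; } vault[2];
static char resident[2][MAXPW]; /* eager design: plaintext kept after unlock */
static char scratch[MAXPW];     /* on-demand design: plaintext held briefly */
static void seal(struct entry *e, const char *site, const char *pw) {
    e->site = site;
    e->len = strlen(pw) < MAXPW ? strlen(pw) : MAXPW - 1;
    for (size_t i = 0; i < e->len; i++) e->enc[i] = (unsigned char)(pw[i] ^ KEY);
}
void vault_init(void) {
    seal(&vault[0], "mail.example", "hunter2-mail");
    seal(&vault[1], "bank.example", "hunter2-bank");
}
static void decrypt(const struct entry *e, char *out) {
    for (size_t i = 0; i < e->len; i++) out[i] = (char)(e->enc[i] ^ KEY);
    out[e->len] = '\0';
}
/* Eager: one unlock decrypts every entry, visited or not, and keeps it. */
void unlock_eager(void) { for (int i = 0; i < 2; i++) decrypt(&vault[i], resident[i]); }
/* On demand: decrypt one site's entry, pass it to `use`, then wipe it
 * through a volatile pointer so the compiler cannot drop the stores. */
int fill_on_demand(const char *site, int (*use)(const char *pw)) {
    for (int i = 0; i < 2; i++) {
        if (strcmp(vault[i].site, site) != 0) continue;
        decrypt(&vault[i], scratch);
        int rc = use(scratch);
        volatile char *v = scratch;
        for (size_t n = 0; n < sizeof scratch; n++) v[n] = 0;
        return rc;
    }
    return -1;
}
int submit(const char *pw) { return (int)strlen(pw); } /* stand-in form fill */
/* Does this memory region still contain the given plaintext? */
int region_has(const void *mem, size_t n, const char *needle) {
    size_t m = strlen(needle);
    for (size_t i = 0; m && i + m <= n; i++)
        if (memcmp((const char *)mem + i, needle, m) == 0) return 1;
    return 0;
}
int main(void) {
    vault_init(); unlock_eager(); fill_on_demand("bank.example", submit);
    printf("eager: %d, on demand: %d\n", region_has(resident, sizeof resident, "hunter2-mail"),
           region_has(scratch, sizeof scratch, "hunter2-bank"));
    return 0;
}
```

In the eager model the password for a site that was never visited stays resident after unlock, while the on-demand model leaves nothing in its buffer once the value has been used.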


Microsoft downplayed the risk, stating that such access would require the user's computer to have already been compromised:

"Accessing browser data, as described in the reported scenario, would require the device to have already been compromised," Microsoft said.

Ronning countered that it was possible to delete passwords for multiple users by using one user's administrator privileges to view passwords from other logged-in users.

"Behavior by design choices in this area include balancing performance, usability, and security, and we continue to review it against evolving threats," Microsoft said.

“Browsers access password data stored in memory to help users log in quickly and securely – this is an expected feature of the application. We recommend that users install the latest security updates and antivirus software to help protect against security threats.”
