microsoft has removed the Custom Primary Password (Master Password) feature from Microsoft Edge starting June 4, 2026. Users who previously enabled the feature will now be required to use device-based authentication methods to access their saved passwords.
This includes options like Windows Hello with PIN, fingerprint or facial recognition, or the device’s standard OS sign-in. The change was first introduced with the release of Edge version 145 and aligns with Microsoft’s broader shift toward passwordless authentication.
This change also includes the announced removal of SMS two-factor authentication for personal Microsoft accounts last month.
What changed in Microsoft Edge and why the custom master password was removed
The Custom Master Password feature allowed users to set a master password to protect access to their saved passwords in Edge. Microsoft replaced this with device-based authentication, so access now depends on the sign-in method used to secure the device.
Microsoft announced: “On June 4, the custom master password will be removed completely for users who opted in. After this date, Microsoft Edge will automatically use device-based authentication, such as Windows Hello, device password, or operating system-level authentication, to protect saved passwords.”
Microsoft explains that Windows Hello offers a higher level of security compared to a custom master password. While a master password can be compromised if a third party discovers it, granting access to all saved credentials, device-based authentication relies on hardware-level biometrics or a device PIN that cannot be accessed remotely. Windows Hello also does not transmit authentication data to the cloud.
Windows Hello limitations and what Edge users should do now
The Windows Hello facial recognition feature has a known limitation introduced in 2025, requiring both an infrared sensor and a webcam that can see the user’s face to log in. In low light or dark conditions, this may prevent authentication from working.
Microsoft confirmed that this change was intentional and not a bug. Users who cannot use facial recognition can rely on fingerprint or device PIN authentication within Windows Hello.
Users who relied on the custom master password in Edge no longer need to manage a separate master password. Passwords saved in Edge are now protected by the same authentication used to secure the device.
Those who prefer a stronger separation between their browser’s password vault and their operating system’s login might consider a dedicated third-party password manager.
These administrators store credentials within an encrypted vault that is separate from device authentication. This change does not affect passwords already saved in Edge. Existing credentials remain accessible through the new device-based authentication method.
