Podcast Summary: Hands-On Windows 178 – Microsoft’s Password Manager

Host: Paul Thurrott
Guest Host/Segment: Leo Laporte
Date: February 26, 2026
Podcast: All TWiT.tv Shows (Audio)
Episode Title: Microsoft’s Password Manager

Overview

In this episode of Hands-On Windows, Paul Thurrott continues his deep-dive into password management on Windows 11, focusing specifically on Microsoft’s native solution—the Microsoft Password Manager. He examines its features, limitations, and how it compares to third-party tools, providing practical insights and guidance for users contemplating a move to Microsoft’s built-in ecosystem.

Key Discussion Points & Insights

Introduction & Recap (00:00–01:30)

• Context of the Episode: This is part two of a series on password managers in Windows 11.
  • Last week’s episode: Covered basics of password managers and moving between providers.
  • This week’s focus: Microsoft's builtin solution, especially as integrated into Microsoft Edge.
• Initial Clarification:
  • Windows 11 does not have a standalone password manager; instead, it manages "passkeys" natively and traditional passwords via Edge.
  • Quote:
    "Windows 11 itself, the actual operating system, does not have built in password management capabilities. You may remember that it does have built in passkey management capabilities..." — Paul Thurrott (00:31)

Microsoft Password Manager Deep Dive (01:31–06:06)

• It’s All in Edge:
  • Microsoft Password Manager is accessed via Microsoft Edge (like Chrome's manager).
  • Edge manages passwords, autofill, payment methods, and addresses.
  • Personal Note: Paul typically disables these features in Edge, preferring third-party solutions, but re-enabled them for demonstration purposes.
  • Saving Passwords:
    • Passwords are stored locally for passkeys—making them less portable versus some competitors.
• Security Recommendation:
  • If you opt out of Microsoft’s manager, fully disable autofill in Edge to avoid accidental use.

Feature Walkthrough & Limitations (06:06–12:31)

• Cross-Device Availability:

  • For a seamless experience, users need Edge installed on all devices, including phones/tablets, and must enable Edge as their autofill provider.
  • Microsoft Password Manager does not integrate with Chrome, Safari, etc. on mobile—locked to Edge.
  • Quote:
    "You could not, I should say, use Chrome on mobile or Safari on mobile with the Microsoft Password Manager. Right. You have to actually use Edge." — Paul Thurrott (06:29)

• Basic Autofill & Creation:

  • Autofill works for saved passwords but does not generate strong passwords during account creation—a significant feature gap compared to third-party managers.
  • Demo Example: Attempting to create a Spotify account shows how Edge autofills existing passwords but doesn’t offer to generate a new one.
  • Quote:
    "What it's not doing and what most third party password managers do is provide a complex password for you." — Paul Thurrott (07:57)
  • Users must create their own strong passwords to store in Edge.

• Password Checkup Features:

  • Can identify reused/weak passwords and offers a "change" link, taking you directly to the relevant site to update your password (a feature even some third-party managers lack).
  • Quote:
    "The thing I really like about this though is that it has this change link and that's actually something you don't see in Proton Pass." — Paul Thurrott (09:08)

• What’s Missing:

  • No dark web monitoring or alerts for password breaches (unlike top third-party tools).
  • No explicit 2FA or passkey status notifications for saved logins.

• Additional Autofill Features:

  • Manages payment methods and addresses, competitive with Chrome in this regard.

Comparisons & Recommendations (11:10–12:31)

• Comparison to Third-Party Managers:
  • Lacks advanced security features found in Bitwarden, Proton Pass, and other dedicated tools.
  • Usability and security trade-offs are notable.
  • Paul’s Advice:
    "It's not honestly horrible, but it's not as good as third party solutions like we see from Bitwarden and Proton Pass so strongly recommend going in that route." — Paul Thurrott (12:04)
• Final Thought:
  • For users embedded in Microsoft’s ecosystem, it’s “serviceable,” but better solutions are available if you want top security and convenience.

Notable Quotes & Memorable Moments

• On Edge’s Password Management:
  "Normally I disable all this. If you're going to not use this but still use Edge, you should go into all three of these and turn off all the options related to auto filling your information." — Paul Thurrott (01:58)
• On Lack of Password Generation:
  "This is where the Microsoft Password Manager falls short. ...most third party password managers do is provide a complex password for you. ...And that to me is, you know, one of those, one of those big problems." — Paul Thurrott (08:03)
• On Change-Password Convenience:
  "The thing I really like about this though is that it has this change link ... that's actually a pretty useful feature and so if you were using this and you wanted to move to a different password manager, it might be worth going through this first and just using it for that." — Paul Thurrott (09:08)
• On Overall Assessment:
  "It's, it's on the basics on the basic side, it's, it's not honestly horrible, but it's not as good as ...third party solutions like we see from Bitwarden and Proton Pass." — Paul Thurrott (12:06)

Timestamps for Important Segments

• Windows 11 and Password Management Overview: 00:00–01:30
• Edge Setup and Disabling Autofill: 01:31–02:40
• Break for Advertisement (Skipped)
• Cross-Device Password Management & Edge Feature Demo: 06:06–08:33
• Password Generation & Limitations: 08:34–09:20
• Reused/Weak Password Detection & “Change” Feature: 09:21–10:50
• Autofill for Payments and Addresses: 10:51–11:30
• Final Recommendation and Wrap-Up: 11:31–12:31

Summary

Paul Thurrott provides a clear-eyed critique of Microsoft’s Password Manager—praising some functional basics (autofill, payment/address management, reused password identification, and the “change” shortcut), but ultimately cautioning that it falls short of third-party options in terms of security depth and password generation. The episode is especially valuable for users exclusively within the Microsoft ecosystem, but Paul’s advice is clear: if you want robust, cross-platform password management, look elsewhere.