A non-administrative user should not have access to browser memory dump path (Windows -- C:\Users\<windows user>\AppData\Local\Temp) on the server. This will prevent any malicious user or software from scanning the passwords from the browser memory dumps