Purpose
This article explains how to disable 3rd party password managers via Microsoft Endpoint Manager (Intune).
Prerequisites
- Office 365 Global Administrator
- Endpoint Manager Licensed and Deployed
Instructions – Create Policy
- Login to Office 365 Admin Center. https://admin.microsoft.com/Adminportal
- Go to Endpoint Manager.
- Click on Devices.
- Go to Configuration Profiles.
- Click on Create Profile.
- Continue below for the browsers required. You will need to create a Profile for each browser you want to block password managers on.
Microsoft Edge
- Configure the following and click Create. Platform “Windows 10 and Later”, Profile Type “Templates”, Template name “Administrative Templates”.
- Name the Profile “Microsoft Edge Block Unwanted Extensions” and click Next.
- In the search box type Control which extensions cannot be installed, select the setting then click Next.
- Chose Enabled, list the extension IDs you want to block then select Ok. List of common Edge Password Manager IDs below.Bitwarden: jbkfoedolllekgbhcbcoahefnbanhhlh
1Password: dppgmdbiimibapkepcbdbmkaabgiofem
Dashlane: gehmmocbbkpblljhkekmfhjpfbkclbph
OneLogin: mpnjdddkcbccdhgahjdcjppglaecajdj
Okta: ncoafaeidnkeafiehpkfoeklhajkpgij
Keeper: lfochlioelphaglamdcakfjemolpichk
Keeper: mpfckamfocjknfipmpjdkkebpnieooca
LastPass: bbcinlkgjjkejfdpemiealijmmooekmpKeeper has published 2 extensions in the Edge Store, requiring both of the above IDs to be used when blocking the extension.
- Click Next.
- Leave scope as Default and click Next.
- Select All Users and All Devices (You may use custom groups as well). Click Next.
- Confirm the configuration and click Next.
- The policy will now deploy out to devices when they next check-in.
Google Chrome
- Configure the following and click Create. Platform “Windows 10 and Later“, Profile Type “Settings catalog“
- Name and Description Google Chrome Block Unwanted Extensions and click Next
- In the search box type Configure extension installation blocklist, select the setting then click Next.
- Chose Enabled, list the extension IDs you want to block then select Ok. List of common Chrome Password Manager IDs below.
Bitwarden: nngceckbapebfimnlniiiahkandclblb
1Password: aeblfdkhhhdcdjpifhhbdiojplfjncoa
Dashlane: fdjamakpfbbddfjaooikfcpapjohcfmg
OneLogin: ioalpmibngobedobkmbhgmadaphocjdn
Okta: glnpjglilkicbckjpbgcfkogebgllemb
Keeper: bfogiafebfohielmmehodmfbbebbbpei
LastPass: hdokiejnpimakedhajhdlcegeplioahd - Click Next.
- Leave scope as Default and click Next.
- Select All Users and All Devices (You may use custom groups as well). Click Next.
- Confirm the configuration and click Next.
- The policy will now deploy out to devices when they next check-in.