1. Home
  2. Disable Browser Password Saving via Endpoint Manager (Intune)
Searching...

Disable Browser Password Saving via Endpoint Manager (Intune)

Contents

Purpose

This article explains how to prevent browser from remembering credentials via Microsoft Intune.

Prerequisites

  • Microsoft 365 Account with Global Administrator or Intune Administrator role

  • Microsoft Intune Plan 1 license or a comparable Microsoft 365 plan that includes Intune capabilities, such as Microsoft 365 E3, E5, or Business Premium, is required. Note that Microsoft Entra ID Plan 1 does not include Intune capabilities.

Instructions

  1. Sign in to the Microsoft Intune Admin Center
  2. In the left menu, click on Devices and then click on Configuration under Manage devices

  3. On the Policy tab, click Create and select New Policy
  4. Continue with the steps below for each required browser. You’ll need to create a separate policy or profile for every browser you intend to block.
Microsoft Edge

  1. Configure the following and click Create. Platform “Windows 10 and Later”, Profile Type “Templates”, Template name “Administrative Templates”.
  2. Name the Profile “Block Password Saving Microsoft Edge” and click Next.
  3. In the search box type “Enable saving passwords to the password manager” then select the one that does not include “users can override” the click Next.
  4. Chose Disabled and Click Ok.
  5.  In the search box type “Disable synchronization of data using Microsoft sync services” then select the one that does not include “users can override” the click Next.
  6. Chose Enabled and Click Ok.
  7. Click Next.
  8. Leave scope as Default and click Next.
  9. Select All Users and All Devices (You may use custom groups as well). Click Next.
  10. Confirm the configuration and click Next.
  11. The policy will now deploy out to devices when they next check-in.
  12. Continue below for Chrome and Firefox Polices.

Google Chrome

  1. Click Create Profile
  2. Configure the following and click Create. Platform “Windows 10 and Later“, Profile Type “Settings catalog
  3. Name and Description “Block Password Saving Google Chrome” and click Next
  4. Click “Add settings”
  5. Type “google” in “Search” and select “Administrative Templates\ Google\ Google Chrome\ Password manager“. Then tick the box “Enable saving passwords to the password manager”
  6. Make sure that the policy is set to “Disabled” as it showed in the screenshot below and click “Next“.
  7. Click “Add all users” under Included groups to deploy the policy to all users.
  8. Click “Next” and “Create” to finish
  9. Continue below for Firefox Polices.

Mozilla Firefox

  1. Download FireFox Polices from: https://github.com/mozilla/policy-templates/releases
  2. Under Assets, Click policy_templates.zip to Download.
  3. Unzip/Extract the downloaded Zip File.
  4. Open the extracted folder and Go to policy_templates_v3.0\windows and look for firefox.admx
  5. Right Click on FireFox.admx and click Open with.
  6. Chose Notepad and unselect Always Use and click Ok.
  7. Ctrl+A to select everything and Right-Click and Copy. This will be needed in step 11
  8. Back in End Point Manage. Click Create Profile.
  9. Configure the following and click Create. Platform “Windows 10 and Later”, Profile Type “Templates”, Template name “Custom”.
  10. Name and Description “Block Password Saving Mozilla FireFox” and click Next.
  11. Click Add.
  12. Configure the following and click Save. Name: “FireFox ADMX ” OMA-URI: “./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Firefox/Policy/FirefoxAdmx” Datatype: “String” Value: “Contents of Step 7” then click Save.
  13. Click Add again.
  14. Configure the following and click Save. Name: “PasswordManagerEnabled” OMA-URI: ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/PasswordManagerEnabled” Datatype: “String” Value: “<disabled/>” then click Save.
  15. Click Add again.
  16. Configure the following and click Save. Name: “DisbaleFireFoxAccounts” OMA-URI: “./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableFirefoxAccounts” Datatype: “String” Value: “<enabled/>” then click Save.
  17. Click Add again
  18. Configure the following and click Save. Name: “OfferToSaveLogins” OMA-URI: ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/OfferToSaveLogins Datatype: “String” Value: “<disabled/>” then click Save.
  19. Click Next.
  20. Select All Users and All Devices (You may use custom groups as well). Click Next
  21. Confirm the configuration and click Next.
  22. The policy will now deploy out to devices when they next check-in.
  23. Finished

Updated on June 16, 2025
Tagged:
Need Support?
Can't find the answer you're looking for?
Contact Support