Hi, Let’s discussHow to Delete Undecryptable Passwords in MS Edge using Intune Policy. This policy gives IT administrators control over how the browser handles corrupted or unreadable saved passwords. Since Edge is most used in organizations, ensuring a smooth and reliable password management experience is very important.
When passwords in the built-in manager become undecryptable, the password manager cannot function properly. Users may see that saved passwords are not working, or that certain sites cannot be auto-filled. This is where the policy becomes useful, as it allows administrators to decide whether these broken entries should be removed automatically.
By enabling the policy, Edge will delete any undecryptable passwords from the database. This immediately restores the normal functionality of the password manager. While this does result in permanent loss of those unreadable entries, it ensures that the user experience remains smooth for all working passwords that are still intact.
If the policy is disabled, Edge behaves the same way as if it were enabled. This means that undecryptable passwords will still be deleted, and the manager will continue functioning normally with the remaining valid entries. This default setting helps reduce confusion and ensures a consistent experience.
Table of Contents
Why Organizations would Enable this Policy?
Enabling this policy or leaving it unset means that users with undecryptable passwords saved to the built-in password manager will lose them. Passwords that are still in a working state will remain untouched.
How to Delete Undecryptable Passwords in MS Edge using Intune Policy
Earlier, we discussed various aspects of the Deleting Undecryptable Passwords in MS Edge Policy. Now, let’s look at how to deploy this policy using the Microsoft Intune Admin Center. To begin, sign in to the Microsoft Intune Admin Center and navigate to the Devices section. Under Devices, go to Configuration, and click on the + Create option to set up a new profile.
- In the setup window, select Windows 10 and later as the platform and choose Settings catalog as the profile type.
- Once these options are selected, click on Create to continue with the policy configuration.
- How to Configure Microsoft Edge Favorites using Intune Configuration Profile Step-by-Step Guide
- Microsoft Edge Tabs Detailed Review
- Enable Fast First Sign In Policy under Authentication in Intune Settings Catalog
Example Scenario
You know when the organizations start enabling this policy,If the password manager has corrupted or undecryptable entries, it can stop working correctly. Enabling this policy ensures that all working passwords remain usable while broken ones are removed.
- For example when it enabled in organizations, an organization with 1000 of employees relies on Edge’s built-in password manager for internal and SaaS logins. Some users report login autofill not working. Investigation shows corrupted/undecryptable password entries. By enabling this policy through Intune, IT restores full functionality for all staff at once.
- Users lose only the broken entries but regain a fully working manager across devices.
How to Add Basic Details
This is very important step, because this section gives the policy to be identified through a name. Here you have to give an appropriate name and description. Also, the platform is set as Windows, and it is set by default.
How to Configure Settings Picker
The next step is configuration settings. in the configuration settings allowing the setting picker facility for policy creation to get the Settings picker you have to go to the Add Setting option in the configuration setting page and now yyou will get the settings picker Window.
Here, you have to select the category as Password manager and protection, here you have to select the Deleting Undecryptable Passwords in MS Edge policy. Then close the settings picker window.
Policy Disabled by Default
After selecting the Deleting Undecryptable Passwords in MS Edge policy option, you will be directed to the Configuration settings main page. Here, you will notice that the policy is disabled by default. If you wish to proceed without making changes, simply click Next.
Enable the Policy
If you want to enable the policy, you can easily do that for that. You have to toggle the Pan left to the right then, it turns to be blue color and its labelled. Now enabled, then click on the next to continue with the procedure.
What are Scope Tags in a Policy
The next step is Scope tags, which help you organize and manage access to the policy, such as for the department or location. This section is optional, so if you don’t want to apply the Scope tags, just click Next to continue.
Know Assignments
Assignment is another important step you need to complete, just like Configuration settings. In this step, you have to decide which group you want to deploy the policy to. First, click on Add groups under the Include groups section, and select the group to which you want to apply the policy. Then, click Next to continue.
What is Review + Create Tab
Review + Create is the final step in the Deleting Undecryptable Passwords in MS Edge policy creation process. You will reach this section after completing the Assignment step. This section acts like a summary page, showing all the steps, you have previously completed. If you notice any mistakes, this is your final chance to edit them. If everything looks correct, click on the Create button.
Device and user Check in Status
After creating the policy, the next step is to check if it was applied successfully. Always remember that it can take up to 8 hours for the policy to be fully deployed. If you’ve synced the policy through the Company Portal, you can check its status easily. Just go to Devices > Configuration, then search for the name of your policy in the list.
- Click on the policy to see the Device check-in status for both devices and users.
- In the screenshot below, you’ll see it says “Succeeded: 2” this means the policy was deployed successfully.
Monitoring Status
You can check the confirmation in the Event Viewer. To do this, open Event Viewer and look for Event ID 813 or 814. Go to: Applications and Services Logs > Microsoft > Windows > Device Management Enterprise Diagnostic Provider > Admin. This is the final confirmation that you can check.
How to Delete a Policy that You Created
If you want to delete Undecryptable Passwords in MS Edge Policy that you created, you can easily do that. First go to the Device Configuration then search the policy name and now you get the policy here click on the 3-dot menu of the policy then clicks on the Delete and the policy Deleted permanently.
How To Remove Assigned Groups
If you want to remove any group from your policy after the policy creation you can easily do that. First go to the Device Configuration then search the policy name and now you get the policy monitoring status page. Here you have to scroll down, and you will get the Assignment section there you will get an edit option.
- In the Assignment page you can see the Remove Option Click on that for removing the Policy.
Need Further Assistance or Have Technical Questions?
Join the LinkedIn Page and Telegram group to get the step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Author
Anoop C Nair has been Microsoft MVP for 10 consecutive years from 2015 onwards. He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc.