Using an Intune policy, let’s learn how to Enable or Disable Password Prompt for Autofill in MS Edge Broswer. The present article aims to elucidate the process of Enabling Password prompts for Autofill in Microsoft Edge and deploying the configuration profiles to the Security group.
The Microsoft Edge browser is preinstalled on all Windows 11 devices. Microsoft Intune offers numerous policies designed to facilitate its management and security. Using Intune for policy management is similar to using Active Directory Group Policy or configuring local Group Policy Object (GPO) settings on user devices.
The significance of robust passwords cannot be overstated, as they serve as a barrier against unauthorized entry into accounts and devices, thus safeguarding sensitive data. We have already shared Four (4) Methods Disable or Enable Edge Browser Autofill Inputs.
Password autofill is a fantastic feature provided by Microsoft Edge and other browsers. It helps you avoid remembering complex passwords when accessing any website. This feature can save you time by automatically filling in your login information, payment details, and addresses when you visit a website or app.
Table of Contents
Advantage of Enabling Password Prompt for Autofill
Should I enable Password Prompt for Autofill in Microsoft Edge using Intune? Well, let’s discuss why you should Configures a setting that asks users to enter their device password while using password autofill in Microsoft Edge using Intune.
As per Microsoft, Edge stores your password encrypted on your hard disk. However, if someone with access to your workstation or server can sign into your accounts or websites using your stored passwords with autofill, this creates a vulnerable and insecure situation. Hence, Microsoft allows you to enable a setting that requires you to authenticate yourself using your device credentials before using the saved password to autofill for a website.
Upon enabling the Intune configuration setting that prompts users to input their device password when utilizing password autofill in MS Edge browser, it becomes necessary to enter the device password or custom credentials prior to the autofill process for saved passwords. This additional layer of security mitigates the risk of unauthorized access to autofill passwords without the requisite device password or custom credentials.
- Enable Disable MS Edge Browser Saving Passwords to Password Manager option using Intune
- How to Configure Microsoft Edge Favorites using Intune Configuration Profile Step-by-Step Guide
Enable or Disable Password Prompt for Autofill in the MS Edge Browser using Intune Policy
Let’s learn how to Configures a setting that asks users to enter their device password while using password autofill in Microsoft Edge using Intune. Make you have enough access to create the policy.
- Sign in to the Microsoft Intune Admin Portal with your credentials.
- Select Devices > Windows > Configuration Profiles > Create > New Policy.
When you click Create and New Policy, a new window will open. In Platform, select Windows 10 and later, Select Profile Type as Settings Catalog, and Click on Create.
| Platform | Profile Type |
|---|---|
| Windows 10 and later | Settings Catalog |
I will add the policy’s Name and Description to that Basic tab. It’s always recommended that you provide meaningful Names and Descriptions for the profile.
In the Configuration Settings section, under Settings Catalog, click Add Settings.
In the next tab, type “Configures a setting that asks users to enter their device password while using password autofill” in the search box and click Search. Select Microsoft Edge\Password manager and protection.
You could see multiple Configures a setting that asks users to enter their device password while using password autofill settings. You must select the second one if you would like to configure a custom password to autofill for a website. However, I will select the first option in this example as I’m not configuring any custom password to autofill for a website.
- Microsoft Edge Tabs Detailed Review
- Download Microsoft Edge ADMX Group Policy Templates
- Enable Edge Mini Menu Feature on Text Selection
NOTE! This group policy configures the radio button selector that enables this feature for users. It also has a frequency control where users can specify how often they would like to be prompted for authentication. If you set this policy to 'Automatically, disable this policy, or don't configure this policy, autofill will not have any authentication flow.' If you set this policy to 'With device password', then users will need to enter their device password (or preferred mode of authentication under Windows Hello if on Windows - PIN, face recognition or fingerprint and equivalent options on mac) to prove their identity, and only then will their password get auto-filled. Also, The frequency for authentication prompt would be set to 'Always' by default, however users can change it to the other option as well which is 'Once every browsing session'. Policy options mapping: * Automatically (0) = Automatically * WithDevicePassword (1) = With device password Use the preceding information when configuring this policy.
I will enable Configures a setting that asks users to enter their device password while using password autofill settings and select With device password. Upon enabling this settings when utilizing password autofill in Microsoft Edge, it becomes necessary to enter the device password prior to the autofill process for saved password.
Click Next to display the Scope tags page. Add the Scope tags if you wish and click Next to assign the policy to computers. I will deploy it to the HTMD – Test Computers device Group.
On the Review + Create page, carefully review all the settings you’ve defined to Enable Password Prompt for Autofill in Microsoft Edge using Intune. Select Create to implement the changes once you’ve confirmed everything is correct.
- Microsoft Edge Collections Feature Detailed Review
- Configure Edge Chromium Favorites Using Intune | Endpoint Manager
- Restrict Users from Importing MS Edge Browsing History with Intune
Monitor Configuration Profile Deployment in Microsoft Intune
The Configuration Profile is deployed to Microsoft Entra groups. Let’s see how we can monitor the deployment and installation status from the Intune portal. To monitor the Intune policy assignment, follow these steps:
- Navigate to the list of Configuration Profiles and select the policy you targeted.
- Check the device and user check-in status from here.
- If you click “View Report,” you can see additional details.
- Monitor Intune App Protection Policy Status
- Monitor Device Enrollment Profile Deployment Report in Intune
Event Log to Verify Intune Policy Deployment Status
To verify the successful implementation of String or integer policies on Windows 10 or 11 devices through Intune, you can leverage event IDs 813 and 814. These event IDs provide valuable insights into the application status of the policy as well as the specific value assigned to the policy on those devices.
In the case of this particular policy, the value is String and is linked to the event ID 813. Analyzing these event IDs lets you understand the policy’s application status and corresponding value on the devices in question.
- How to Disable Microsoft Edge Workspaces using Intune
- How to Enable Disable Automatic Screenshots for Web Pages on Microsoft Edge
- Featured Themes in Microsoft Edge Browser
To confirm this, check the Event log path – Applications and Services Logs – Microsoft – Windows – Devicemanagement-Enterprise-Diagnostics-Provider – Admin.
Enduser Experience
The above report and event log says that the deployment was successful. So, the settings that you applied to the policy should have already been set up on the enduser device. Let’s learn the enduser experience as well.
- Select Profiles > Passwords > Settings in Microsoft Edge
- Under Passwords, Check View and autofill passwords and passkeys
- The Prompt for the device sign-in options before viewing or filling website password settings must be enabled
This article will be a valuable resource for you and your organization. Thank you for being so patient in reading this post. I look forward to seeing you in the next post. Keep supporting the HTMD Community.
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
About the Author – Sujin Nelladath Microsoft Graph MVP has over 10 years of experience in SCCM device management and Automation solutions. He writes and shares his experiences with Microsoft device management technologies, Azure, and PowerShell automation.