The Password Manager must be disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-235756 | EDGE-00-000043 | SV-235756r961521_rule | CCI-002007 | medium |
| Description | ||||
| Enable Microsoft Edge to save user passwords. If this policy is enabled, users can save their passwords in Microsoft Edge. The next time the user visits the site, Microsoft Edge will enter the password automatically. | ||||
| STIG | Date | |||
| Microsoft Edge Security Technical Implementation Guide | 2025-05-15 | |||
Related Frameworks
2 paths across 2 frameworks
Related Frameworks
NIST 800-531 mapping
IA-5(13)
1.00
- DISA · 2 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
CCI1 mapping
CCI-002007
1.00
- DISA · 2 · disa_xccdf · related
Details
Check Text (C-235756r961521_chk)
The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Password manager and protection/Enable saving passwords to the password manager" must be set to "disabled".
Use the Windows Registry Editor to navigate to the following key:
HKLM\SOFTWARE\Policies\Microsoft\Edge
If the value for "PasswordManagerEnabled" is not set to "REG_DWORD = 0", this is a finding.
Fix Text (F-38938r626465_fix)
Set the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Password manager and protection/Enable saving passwords to the password manager" to "disabled".