Prohibit Browser from storing passwords

Eskobar
Contributor
Hi folks,
 
Any idea how to prohibit users to store passwords on web browsers: chrome, fire fox, safari using Jamf?
This is critical as it's SOC request.
 
Thank you everyone
5 REPLIES 5

junjishimazaki
Valued Contributor

Hi Eskobar, I found this was discussed in Jamf Nation. See if this helps you out. https://community.jamf.com/t5/jamf-pro/restrict-browser-password-saving/m-p/169381

Eskobar
Contributor

Thanks @junjishimazaki  cheking

ejadadic
New Contributor III

You can use Windows GPO Keys as an explanation and test it out. 

We use a configuration profile that uploads a .plist on the device with com.google.Chrome as the preference domain. 

AJPinto
Valued Contributor II

An urgent request, that phrase has always sounded funny to me. The 1st question I would ask with any new management; "Why are we doing this?" Disabling syncing the passwords with an online account I totally understand. But disabling cashing passwords locally is a different story. Depending on how well SSO is setup in your environment it may cause more problems than good. Edge syncs passwords between devices with Azure by default, I would find out if that is enabled in your Windows environment (this also effects edge on macOS with a network account signed in). 

 

For Safari I believe this is done with a restrictions configuration payload. Disable the password stuff under functionality. 

For Chrome you would disable the password manager. 

Chrome Enterprise Policy List & Management | Documentation

Firefoxes documentation is not quite as good, but they provide you the json. I would assume this is in firefoxes password manager also.

policy-templates/org.mozilla.firefox.plist at master · mozilla/policy-templates · GitHub

 

Documentation for Edge. Microsoft provides a custom schema you upload in to JAMF and just select the correct drop down.

Configure Microsoft Edge on macOS with Jamf | Microsoft Docs

Eskobar
Contributor

Hi all, 

Thanks for the details input

I could block PasswordManger for chrome using jamf config profile.

The config profile couldn't be applied on firefox.

I was following https://github.com/mozilla/policy-templates/blob/master/README.md#offertosavelogins

Compatibility: Firefox 60, Firefox ESR 60 (current version 102.0)

Do you think that FireFox CCK2 extension can work better ? any tuto ? looks old as well https://amsys.co.uk/using-firefox-cck2-and-autopkg

 

Screen Shot 2022-07-05 at 5.15.29 PM.png

Regards,