Saving Passwords to the Password Manager Enabled (CIS LEVEL 1 MS Edge)

Created:2023/03/01 | Revised:2023/04/03


Severity:A level of a security risk associated with a vulnerability exploitation
CVSS:Indication of a severity level of each CVE
Countermeasure:Availability of measures to reduce a probability of an attack or an impact of a threat
Public Aware:Availability of a public announcement of a vulnerability
Weaponized:Vulnerability being abused by exploit or malware


'Enable saving passwords to the password manager' policy setting recommended state is 'Disabled'


Enable Microsoft Edge to save user passwords. The next time a user visits a site with a saved password, Microsoft Edge will enter the password automatically.

If you enable or don't configure this policy, users can save and add their passwords in Microsoft Edge.

If you disable this policy, users can't save and add new passwords, but they can still use previously saved passwords.


Saving passwords in Edge could lead to a user's web passwords being breached if an attacker were to gain access to their web browser especially in the case of an unattended and unlocked workstation.


To configure the policy as recommended, follow the steps below (choose one of the suggested ways):

Fix using Syxsense Console

This vulnerability can be automatically fixed within the Syxsense console.

Check the example of Syxsense Cortex Workflow implementation.

Using Local Group Policy Editor

  • Press Windows+R keys and type 'gpedit.msc' and press OK;

  • Navigate to: Computer Configuration > Administrative Templates > Microsoft Edge > Password manager and protection manager
  • On the right pane double click the 'Enable saving passwords to the password manager' policy setting

  • Set it to 'Disabled'
  • Click 'Ok'

Microsoft Edge folders do not exist by default, the Group Policy template MSEdge.admx/adml should be downloaded from Microsoft.

Use our tutorial on How to install Microsoft Edge Group Policy templates on Windows 10 (for individual computers).

For a domain environment adding the templates through Active Directory is required.

©2024 by Syxsense Inc. All Rights Reserved

Contact Us
Patch Management
Vulnerability Scanner