Workplace Tips

How to Turn Off Browser Password Managers Using GPO

Published:
Learn how admins can use Windows Group Policy to disable built-in password managers in Chrome, Edge, and Firefox and deploy Dashlane company-wide.

When employees use built-in browser password managers, company credentials can get saved to personal accounts, synced across unmanaged devices, and stored outside your security controls.

For IT admins managing Windows environments, Group Policy Objects (GPO) are the fastest way to enforce this at scale across every managed desktop, without touching each machine individually.

Note: Using Dashlane on your computer works best when you download the Dashlane extension. The extension helps you create strong and unique logins, keeps track of your information, and can also autofill it. To avoid problems with Autofill and other Dashlane features, we advise you to turn off your web browser’s built-in password managers.

If your organization uses Windows, you can use group policy (GPO) to turn off the browsers’ built-in password managers on your organization’s desktops. These steps will prevent business logins from being saved and synchronized to personal accounts. We advise mass deploying the Dashlane extension as part of the same policy.

This guide covers step-by-step GPO configuration for Google Chrome, Microsoft Edge, and Mozilla Firefox. At the end, you’ll find instructions for deploying the Dashlane extension alongside these policies so your team is set up from day one.

Why disable browser password managers for your organization?

Browser-based password managers were built for individual convenience, not enterprise security. Here’s why IT teams disable them:

  • Credentials sync to personal accounts: When an employee saves a work login in Chrome, it can sync to their personal Google account, outside your control entirely.
  • No visibility or auditability: Built-in managers don’t log access or generate reports. You have no way to know who has access to what.
  • Weak password enforcement: Browser managers don’t enforce password policies, rotation schedules, or MFA requirements.
  • Shadow IT risk: Employees may store credentials for systems you don’t even know they’re using.

Disabling browser password managers using GPO ensures credentials are funneled through Dashlane, where admins have full visibility, policy control, and audit logging.

Before you begin

Before configuring GPO settings, make sure you have the following:

  • Windows Server with Group Policy Management Console (GPMC) installed
  • Domain admin or Group Policy admin permissions
  • The appropriate browser ADMX templates installed on your Central Store (see browser-specific steps below)
  • A target Organizational Unit (OU) that includes the user or computer accounts you want to apply the policy to

Note: GPO browser password manager settings are User Configuration policies. They must be linked to a User OU, not a Computer OU.

Disable the Chrome Password Manager using GPO

  1. Open the Group Policy Management Editor on your Windows management server.

  1. Download the Google Chrome administrative templates from Google.

  1. In the ADMX folder, copy the “policy_templateswindowsadmxchrome.admx” and “policy_templateswindowsadmxgoogle.admx” files and paste them to C:WindowsPolicyDefinitions.

  1. In the ADML folder, copy the “policy_templateswindowsadmxen-uschrome.adml” and “policy_templateswindowsadmxen-usgoogle.adml” files and paste them to C:WindowsPolicyDefinitionsen-us. Note: If you’re outside the U.S., the files and folders may have slightly different names.

  1. In Group Policy Editor, create a new GPO for Chrome and enter a name for the policy. For example, “Disable browser password manager.” Choose your desired scope.

  1. Right-click the Group Policy Object and select Edit. Go to User Configuration, Policies, Administrative Templates, Google, Google Chrome.

  1. Under Password Manager, disable the Enable saving passwords to the password manager policy, Enable AutoFill for addresses policy, and Enable AutoFill for credit cards policy.

  1. Ensure the GPO link is enabled.

Disable the Edge Password Manager using GPO

  1. Open the Group Policy Management Editor on your Windows management server.

  1. Download the Microsoft Edge Policy Templates from Microsoft’s official download page and install the ADMX files into your Central Store.

  1. In Group Policy Editor, create a new GPO for Edge and enter a name for the policy. For example, “Disable browser password manager.” Choose your desired scope.

  1. Right-click the Group Policy Object and select Edit. Go to User Configuration, Policies, Administrative Templates, Microsoft Edge.

  1. Open Password Manager and protection, disable the Enable saving passwords to the password manager policy, the Enable AutoFill for payment instruments policy, and the Enable autoFill for payment instruments policy. Optionally, you can enable the policy Disable synchronization of data using Microsoft sync services.

  1. Ensure the GPO link is enabled.

Note: GPO does not remove passwords already saved in Edge. Instruct users to export any saved work credentials to Dashlane and delete them from the browser before the policy takes effect.

Disable the Firefox Password Manager using GPO

  1. Open the Group Policy Management Editor on your Windows management server.

  1. Download the Firefox policy templates.

  1. In the folder you downloaded, copy the AMDX file “policy_templates_v1.##windowsfirefox.admx & mozilla.admx” and paste them into C:WindowsPolicyDefinitions.

  1. Copy the ADML file “policy_templateswindowsen-usfirefox.adml & mozilla.adml and paste them into C:WindowsPolicyDefinitionsen-us. Note: If you’re outside the U.S., the files and folders may have slightly different names.

  1. In Group Policy Editor, create a new GPO for Firefox and enter a name for the policy. For example, "Disable browser password manager." Choose your desired scope.

  1. Right-click the Group Policy Object and select Edit. Go to User Configuration, Policies, Administrative Templates, Mozilla, Firefox.

  1. Locate and enable the Disable Firefox Accounts policy.

  1. Disable the Offer to save logins policy, Offer to save logins (default) policy, and Password Manager policy.

  1. Ensure the GPO link is enabled.

Deploy the Dashlane extension alongside these policies

Disabling browser password managers is only half the job. The other half is making sure your team has a secure, managed alternative ready to use from day one. We recommend deploying the Dashlane extension as part of the same GPO rollout.

You can force-install the Dashlane extension for Chrome or Edge using GPO with the ExtensionInstallForcelist policy:

  1. In Group Policy Editor, navigate to User Configuration > Policies > Administrative Templates > Google > Google Chrome > Extensions (or Microsoft Edge > Extensions).

  1. Enable the Configure extension installation force-list policy.

  1. Add the Dashlane extension ID: fdjamakpfbbddfjaooikfcpapjohcfmg (Chrome) or gehmmocbbkpblljhkekmfhjpfbkclbph (Edge).

This ensures Dashlane is installed automatically on every managed device in scope, without requiring action from end users.

Frequently asked questions

Does GPO remove passwords already saved in the browser?

No. GPO prevents new passwords from being saved and disables the autofill feature, but it doesn’t delete passwords already stored in the browser. You’ll need to instruct employees to manually clear their saved passwords or use a separate remediation script.

Do these GPO settings apply to personal devices?

No. GPO policies only apply to devices joined to your Active Directory domain. Employees using personal or unmanaged devices won’t be affected.

Can I apply these settings to a specific group of users instead of everyone?

Yes. You can use security filtering in Group Policy Management to apply the GPO only to specific security groups. Right-click the GPO, select “Scope,” and configure Security Filtering to target the desired group.

What if our organization uses Intune instead of GPO?

The same browser password manager settings are available in Microsoft Intune as Settings Catalog policies. The equivalent settings are named identically. Look for “Enable saving passwords to the password manager” under the Chrome or Edge policy namespaces.

Next steps

We advise mass deploying the Dashlane extension as part of the same policy.

Once you’ve applied these GPO settings, your team’s browser password managers will be turned off across all managed devices.

The next step is to make sure Dashlane is fully set up for your organization so employees have a secure place to store and access credentials from day one. Dashlane gives IT admins full control over credentials, policies, and access without adding complexity for employees.

The information above and so much more is also on the Dashlane Help Center, which has hundreds of helpful articles walking you through everything from key features to Dashlane's security architecture and beyond.

Take a look around.

Sign up to receive news and updates about Dashlane

Related articles

A green and blue background with three blue slanted rectangles in the middle. A white Dashlane logo is overlaid on top.
Data & Culture

New Data Shows Over Half of Risky Password Use Is Invisible to IT

A green and blue background with three blue slanted rectangles in the middle. A white Dashlane logo is overlaid on top.
Workplace Tips

How to Move Your Organization’s Data from LastPass to Dashlane

A green and blue background with three blue slanted rectangles in the middle. A white Dashlane logo is overlaid on top.
Workplace Tips

How Dashlane’s Admin-Assisted Recovery Works for Members of Professional Plans

A green and blue background with three blue slanted rectangles in the middle. A white Dashlane logo is overlaid on top.
Engineering

How Attackers Think: Understanding Your Attack Surface Before They Do

A green and blue background with three blue slanted rectangles in the middle. A white Dashlane logo is overlaid on top.
Workplace Tips

MFA Methods Compared: SMS, Authenticator Apps, Hardware Keys, and Passkeys

A green and blue background with three blue slanted rectangles in the middle. A white Dashlane logo is overlaid on top.
Workplace Tips

SaaS Sprawl: How to Manage Shadow IT and Unsanctioned Apps

A picture of the author: Dashlane
Dashlane

Dashlane provides complete credential security, protecting businesses against the threat of human risk. Our intelligent Omnix™ platform unifies credential protection and password management, equipping security teams with proactive intelligence, real-time response, and protected access to secure every employee. Over 25,000 brands worldwide, including leading enterprises such as Michelin, Air France, and Forrester, trust Dashlane for industry-leading innovations, patented zero-knowledge security, and an unmatched user experience.