Details
This policy setting controls whether users are able to import saved passwords from another browser into Microsoft Edge as well as whether passwords are imported on first use.
The recommended state for this setting is Disabled.
Rationale:
Having saved passwords automatically imported or allowing users to import password data from another browser into Microsoft Edge allows for sensitive data to be imported into Edge.
Impact:
If you set this setting to Disabled users will be unable to perform a saved passwords import from other browsers into Microsoft Edge.
Solution
To establish the recommended configuration via GP, set the following UI path to Disabled
Computer ConfigurationPoliciesAdministrative TemplatesMicrosoft EdgeAllow importing saved passwords
Note: This Group Policy path may not exist by default. It is provided by the Group Policy template MSEdge.admx/adml that can be downloaded from Microsoft here.
Default Value:
Passwords are imported at first run, and users can choose whether to import them manually during later browsing sessions.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Windows.