none
How do I Disable Password Caching in IE 8 and IE 9?

Answers

  • Hi,

    It seems that in Windows 7 it works in different way. I have got the below in one of the web sites

    =================================================================================================

    The registry hack found at http://support.microsoft.com/kb/229940 works OK.

    However, in XP after application of the hack, the "Save my credential" box is removed.

    In WIN7, this box is still visible and one can click it and a V appears.

    The good news is that it does nothing, the password is not cached if the hack has been applied.

    =================================================================================================

    • Marked as answer by Chase Roth Wednesday, August 24, 2011 3:41 PM
    Wednesday, August 24, 2011 11:04 AM
  • Son of a ...

    This was working the whole time, but as you said doe NOT get rid of the CheckBox.  FIX IT MICROSOFT!  Geez.  I see help desk calls galore coming, "I am clicking remember, but it won't remember and I have to type it everytime."

    I ended up using the second method I mentioned above.  I'll say it again here:

    I used "Network access: Do not allow storage of credentials or .NET Passports for network authentication" and in Windows 7 RSAT GPMC "Network access: Do not allow storage of passwords and credentials for network authentication".

    Located:  Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies/Security Options

    As Sukhwin08 said, the box is still available but it does continue to prompt them everytime.

     


    Find this post helpful? Does this post answer your question? Be sure to mark it appropriately to help others find answers to their searches.
    • Marked as answer by Chase Roth Wednesday, August 24, 2011 3:41 PM
    Wednesday, August 24, 2011 3:41 PM

All replies

  • Hi,

    How did you tried to apply the settings. I would suggest that you create a registry key manually in PC with IE8 as mentioned in http://support.microsoft.com/kb/229940 and check if this key works. IF it works then we can start with implementation through GPO.

     

    Tuesday, August 23, 2011 4:56 PM
  • I did just that after it did not work for me in GPO Preferences.  It did not work for me in my test VM thru GPO or manually configuring the Key.  Does it work for you?  What versions of OS and IE do you have?

     


    Find this post helpful? Does this post answer your question? Be sure to mark it appropriately to help others find answers to their searches.
    Tuesday, August 23, 2011 4:59 PM
  • Hi,

    Can you please try the below mentioned reg values if those help

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "FormSuggest Passwords"="no"

    "FormSuggest PW Ask"="no"

     

    Both the keys are REG_SZ.

    • Proposed as answer by Woter324 Saturday, September 07, 2013 2:08 PM
    Tuesday, August 23, 2011 6:07 PM
  • No luck.  The checkbox still shows.  This is not a form.  It is a pop up prompt for user name, password, and a checkbox to remember.  The system we are trying to login to is a website that is active directory based, just not ours so SSO does not apply.  It is a "Windows Security" prompt, so I don't think Internet Explorer is a factor.  See the screenshot below.

    After further checking...

    1. My netbook is windows xp, with IE 8.0.6001.18702
    2. The DisablePasswordCaching worked on that
    3. MY test VM has Windows 7 32bit enterprise with IE 8.0.7600.16385
    4. The DisablePasswordCaching does NOT work
    5. The Group Policy changes aren't seeming to work either and they seem like what it should be

     

     


    Find this post helpful? Does this post answer your question? Be sure to mark it appropriately to help others find answers to their searches.
    Wednesday, August 24, 2011 10:14 AM
  • Hi,

    It seems that in Windows 7 it works in different way. I have got the below in one of the web sites

    =================================================================================================

    The registry hack found at http://support.microsoft.com/kb/229940 works OK.

    However, in XP after application of the hack, the "Save my credential" box is removed.

    In WIN7, this box is still visible and one can click it and a V appears.

    The good news is that it does nothing, the password is not cached if the hack has been applied.

    =================================================================================================

    • Marked as answer by Chase Roth Wednesday, August 24, 2011 3:41 PM
    Wednesday, August 24, 2011 11:04 AM
  • Son of a ...

    This was working the whole time, but as you said doe NOT get rid of the CheckBox.  FIX IT MICROSOFT!  Geez.  I see help desk calls galore coming, "I am clicking remember, but it won't remember and I have to type it everytime."

    I ended up using the second method I mentioned above.  I'll say it again here:

    I used "Network access: Do not allow storage of credentials or .NET Passports for network authentication" and in Windows 7 RSAT GPMC "Network access: Do not allow storage of passwords and credentials for network authentication".

    Located:  Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies/Security Options

    As Sukhwin08 said, the box is still available but it does continue to prompt them everytime.

     


    Find this post helpful? Does this post answer your question? Be sure to mark it appropriately to help others find answers to their searches.
    • Marked as answer by Chase Roth Wednesday, August 24, 2011 3:41 PM
    Wednesday, August 24, 2011 3:41 PM
  • Son of a ...

    This was working the whole time, but as you said doe NOT get rid of the CheckBox.  FIX IT MICROSOFT!  Geez.  I see help desk calls galore coming, "I am clicking remember, but it won't remember and I have to type it everytime."

    I ended up using the second method I mentioned above.  I'll say it again here:

    I used "Network access: Do not allow storage of credentials or .NET Passports for network authentication" and in Windows 7 RSAT GPMC "Network access: Do not allow storage of passwords and credentials for network authentication".

    Located:  Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Local Policies/Security Options

    As Sukhwin08 said, the box is still available but it does continue to prompt them everytime.


    Find this post helpful? Does this post answer your question? Be sure to mark it appropriately to help others find answers to their searches.

    Has anything changed on this?  I'm still looking for a suitable, clean resolution to disabling cached passwords in ie 9. This seems to be the newest information I can find on the subject a year a half later.

    dailytasker

    Tuesday, December 18, 2012 7:08 PM
  • Does not seem like anything has changed.  The box is still there, but users are still unable to save their passwords as is what we intended.  It is just ugly that the checkbox doesn't go away.  A silly little programming tidbit to not transfer over from Windows XP.

    Find this post helpful? Does this post answer your question? Be sure to mark it appropriately to help others find answers to their searches.

    Tuesday, December 18, 2012 9:53 PM
  • Agree.  I'm going to try using "Turn on the Autocomplete features..." in Disable mode to try and prevent password caching.  This has become an audit finding at our financial institution as a security hole to be plugged.  We are all Win7, 2008 R2 domain, and there is no reason why we cannot tighten this stuff up without jumping through hoops.  I should also use your method just to cover myself.  Thanks Chase.

    dailytasker

    Wednesday, December 19, 2012 2:03 PM
  • Hi Sukhwin08,

    I confirm this works Windows 7 32-bit, IE9. Here's a script to add the same:

    REG ADD "HKCU\Software\Microsoft\Internet Explorer\Main" /V "FormSuggest Passwords" /t REG_SZ /d "no" /f
    REG ADD "HKCU\Software\Microsoft\Internet Explorer\Main" /V "FormSuggest PW Ask" /t REG_SZ /d "no" /f

    Why there isn't a GPO to disable such a catastrophic failure in security I do not know. It take two seconds to get all password out of IE's cache. This should be turned off by default.

    Thanks


    W.

    Saturday, September 07, 2013 2:07 PM