Microsoft Edge for Business has recently introduced a robust feature that enables organizations to securely deploy passwords. This new functionality, now generally available, aims to eliminate the insecure practice of sharing passwords through sticky notes or email. Instead, administrators can securely distribute encrypted passwords to specific users within their organization.
Once a password is shared, it is conveniently stored in the Edge password manager, allowing users to log in effortlessly with autofill. Notably, organizations can access this enterprise-grade solution without incurring any additional fees, making it an attractive option for enhancing security protocols.
Understanding the Mechanism and User Experience
To manage this feature, administrators will utilize the Microsoft Edge management service through the Microsoft 365 admin center. This platform enables them to add, modify, and revoke credentials for distinct user groups using configurable policies.
After administrators have established the shared passwords, users will find these credentials in their Edge password manager, where they can use autofill to log into related websites. Importantly, these passwords are connected to work profiles on managed Windows devices, which helps mitigate potential misuse.
To enhance security further, the shared passwords cannot be viewed, edited, or deleted—unless the associated website permits it—nor can they be exported from the password manager. This feature significantly boosts security; if an unauthorized individual gains physical access to a user’s computer, they cannot uncover the password.
However, administrators should remain vigilant about a critical aspect concerning developer tools. A determined user could potentially extract passwords by accessing the developer tools. Therefore, it is advisable to limit access to these tools by adjusting the DeveloperToolsAvailability policy.
Security Foundations and Encryption Standards
The secure password deployment feature leverages the Information Protection SDK, ensuring that all passwords are encrypted. This encryption is closely tied to Entra identities, enabling organizations to enforce security without the complexities of manual key management. Password decryption occurs at runtime through the same SDK, which also checks the user’s identity.
Availability and Initial Setup
This secure password deployment function can be accessed through the Edge management service in the Microsoft 365 admin center. Administrators can either select an existing configuration policy or create a new one. Within the policy, navigation to the Customization Settings tab and then to the Secure Password Deployment page is required.
To utilize this feature, organizations must hold a Microsoft 365 Business Premium, E3, or E5 subscription, along with administrative roles of either Edge admin or Global admin.
For more information, you can visit the official announcement from Microsoft.
Related Articles:
City in France Replaces Windows and Office with Linux and FOSS Solutions
11:36
Edge 138 Release: Features AI-Powered History Search and More Enhancements
10:22
Microsoft Reveals Performance Benchmarks: Windows 11 vs Windows 10 for Faster PC
6:12
Leave a Reply ▼