Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Enable deleting undecryptable passwords
Supported versions
- On Windows and macOS since 132 or later
Description
This policy controls whether the built-in password manager can delete undecryptable passwords from its database. This is required to restore the full functionality of the built-in password manager, but it may include a permanent data loss. Undecryptable password values will not become decryptable on their own.
If fixing them is possible, it usually requires complex user actions.
Enabling this policy or leaving it unset means that users with undecryptable passwords saved to the built-in password manager will lose them. Passwords that are still in a working state will remain untouched.
Disabling this policy means users will have their password manager data untouched, but will experience a broken password manager functionality.
If the policy is set, users can't override it in Microsoft Edge.
Supported features
- Can be mandatory: Yes
- Can be recommended: No
- Dynamic Policy Refresh: No - Requires browser restart
- Per Profile: Yes
- Applies to a profile that is signed in with a Microsoft account: No
Data type
- Boolean
Windows information and settings
Group Policy (ADMX) info
- GP unique name: DeletingUndecryptablePasswordsEnabled
- GP name: Enable deleting undecryptable passwords
- GP path (Mandatory): Administrative Templates/Microsoft Edge/Password manager and protection
- GP path (Recommended): N/A
- GP ADMX file name: MSEdge.admx
Example value
Enabled
Registry settings
- Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge
- Path (Recommended): N/A
- Value name: DeletingUndecryptablePasswordsEnabled
- Value type: REG_DWORD
Example registry value
0x00000001
Mac information and settings
- Preference Key name: DeletingUndecryptablePasswordsEnabled
- Example value:
<true/>