Disable Chromium Password Manager

An XCCDF Rule

Details
Profiles

Description

Chromium Password Manager allows the saving and using of passwords in Chromium. This should be disabled by setting PasswordManagerEnabled to false in the Chromium policy file.

Rationale

Enables saving passwords and using saved passwords in Google Chromium. Malicious sites may take advantage of this feature by using hidden fields gain access to the stored information.

ID: xccdf_org.ssgproject.content_rule_chromium_disable_password_manager
Severity: Unknown
References: DTBC0011
Updated: over 1 year ago

Remediation Templates

if ! grep -q PasswordManagerEnabled /etc/chromium/policies/managed/chrome_stig_policy.json; then
   sed -i -e '/{/a \  "'PasswordManagerEnabled'": 'false',' /etc/chromium/policies/managed/chrome_stig_policy.json
else
   sed -i -e 's/\"'PasswordManagerEnabled'.*/\"'PasswordManagerEnabled'\": 'false',/g' /etc/chromium/policies/managed/chrome_stig_policy.json
fi

Disable Chromium Password Manager

Description

Rationale

Remediation Templates

A Shell Script