How can we prevent users from using the Remember password feature
for Web applications and shared folders?
You'll need to create a Group Policy Object (GPO)—or edit an existing
one—that gets applied to all workstations. When you open the GPO by using
the Microsoft Management Console (MMC) Group Policy Editor snap-in, navigate
to Computer Configuration, Windows Settings, Security Settings, Local Policies,
Security Options and double-click the Network access: Do not allow storage
of credentials or .NET Passports for network authentication to enable it.
(Note that this setting will work only on Windows XP and later machines.) The
policy doesn't take effect until the workstation applies the GPO and reboots.
After making this change, the Remember password check box on the Logon
To dialog boxes will no longer function, and if a user opens the Stored User
Names and Passwords Control Panel applet, the list of credentials will be empty
and all buttons disabled except for Close. However, be aware that Windows doesn't
actually delete any existing credentials. If you subsequently disable the Network
access: Do not allow storage of credentials or .NET Passports for network authentication
option and reboot again, when the user opens Stored User Names and Passwords
any credentials previously created will be present again.
-Randy Franklin Smith
End of Article
