Due to some compliance requirements, I am now required to disable the "save usernames & passwords" option for IE on all my systems. That part I have figured out via creating a GPO.
However, part of the compliance also states that I must remove any existing passwords that have previously been saved. The GPO does not have that capability. Any passwords that a user has already saved will still be available to use, they just won't be able to save new ones.
I'm trying to find exactly where these usernames and/or passwords are saved so that I can write a script to permanently delete them. I've found conflicting information (or maybe just different information for different browser versions, but that's not really clarified in the articles I've found).
Some may be saved in the registry, some may be saved via vaultcli.dll , or perhaps somewhere in the users' %AppData% profile. In doing some testing with my own account, I have not been able to definitively locate exactly WHERE these credentials are written. I need to avoid relying on users to delete their own stuff (because we all know how that will end :) )
Any thoughts / references / links would be greatly appreciated. Thanks.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 93%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
