Hardening Tips

Passwords in Chrome

Written by Robbz Olson | Jul 15, 2026 2:12:01 PM

Passwords are really the keys to your business data. 

Email SaaS platforms, banking, internal systems etc. Once an attacker has a password the rest of the environment often isn't far behind. 

I hear some great advice repeated all the time: Use an approved enterprise password vault (shout out to my homies like Keeper Security, Inc. Bitwarden or 1Password etc) 

And honestly... you really should.

But hereโ€™s the reality: users donโ€™t like change. Even when organizations deploy proper password managers, people still fall back to whatโ€™s easy, ๐˜€๐—ฎ๐˜ƒ๐—ถ๐—ป๐—ด ๐—ฝ๐—ฎ๐˜€๐˜€๐˜„๐—ผ๐—ฟ๐—ฑ๐˜€ ๐—ถ๐—ป ๐˜๐—ต๐—ฒ ๐—ฏ๐—ฟ๐—ผ๐˜„๐˜€๐—ฒ๐—ฟ.

Browsers prioritize convenience, while attackers and infostealer malware know exactly where to look for stored credentials.

One way to reduce that risk is disabling Chromeโ€™s built-in password manager.

Hereโ€™s how: 
- Go to your start menu and open "Registry Editor" as admin
- Go to this path: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome
- Either create or open/edit a DWORD called "PasswordManagerEnabled" and set it to 0

IMPORTANT: This setting change only stops from saving new passwords but does not delete or modify already saved passwords in the Chrome user profile. 

More info from Google directly here: https://lnkd.in/gVC3fk_Z

 Let close those small gaps attacks love to exploit 

(if you want a free guide of other hardening tips like this or a better/automated method of hardening configuration settings emial me at hardeningtips@senteon.co ๐Ÿ˜‰ )