Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Enable Device authentication for password autofill
Supported versions
- On Android since 134 or later
- On iOS since 140 or later
Description
This policy controls whether users must authenticate with their device password, biometric authentication, or PIN before autofilling saved passwords in web forms. Enabling this setting adds an extra layer of privacy by ensuring only authorized users can use stored credentials.
The feature helps users add an additional layer of privacy to their online accounts by requiring device authentication (as a way of confirming the user's identity) before the saved password is auto filled into a web form. This ensures that non-authorized persons can't use saved passwords for autofill.
If you enable this policy, the 'Require biometric or PIN' will be enabled and users would be asked to enter their device biometric or PIN while using password autofill. Users can't change it in Microsoft Edge Android.
If you disable or don't configure this policy, the user can turn on/off device authentication when autofilling. By default, the 'Require biometric or PIN' will be disabled and autofill will not have any authentication flow.
True = "Require Biometric or PIN" is mandatory before autofill
False = "Require Biometric or PIN" is optional before autofill
Supported features
- Can be mandatory: Yes
- Can be recommended: No
- Dynamic Policy Refresh: Yes
- Per Profile: No
- Applies to a profile that is signed in with a Microsoft account: Yes
Data type
- Boolean
Android information and settings
- Preference Key name: BiometricAuthenticationBeforeFilling
- Example value:
true
iOS information and settings
- Preference Key name: BiometricAuthenticationBeforeFilling
- Example value:
<true/>