Windows - System Preferences - Delete Saved Passwords for Browsers

What the browser password deletion Worklet does

This Automox Worklet™ evaluates and removes stored passwords from the password managers in Google Chrome, Microsoft Edge, and Mozilla Firefox. The Worklet scans all user profiles on Windows endpoints and identifies password storage locations, including Chrome's Login Data file, Edge's Login Data file, and Firefox's logins.json and key4.db files.

During the evaluation phase, the Worklet determines if passwords are stored in any of these browsers. If stored credentials are found, the remediation phase deletes them completely. The Worklet also forcefully closes Microsoft Edge processes before attempting password removal to prevent file locks from prevent deletion.

Why clear saved browser passwords from endpoints

Stored passwords on endpoints represent a significant security risk. If an endpoint is lost, stolen, or compromised, attackers can extract cached credentials and use them to access corporate systems, email accounts, and cloud services. Clearing saved passwords removes this attack vector and reduces credential exposure.

Many compliance frameworks, including PCI-DSS and HIPAA, require organizations to prevent the local storage of passwords. This Worklet helps you maintain compliance by systematically removing password caches across your endpoint fleet. Organizations can schedule regular execution to maintain credentials do not accumulate over time.

Automating this task eliminates manual steps for IT operations teams and maintains consistent policy enforcement across all Windows endpoints, including workstations and servers.

How password deletion works

1. Evaluation phase: The Worklet scans all user profile directories under C:\Users for password storage files. It checks for Chrome's Login Data file in AppData\Local\Google\Chrome\User Data, Edge's Login Data file in AppData\Local\Microsoft\Edge\User Data, and Firefox's logins.json and key4.db files in AppData\Roaming\Mozilla\Firefox\Profiles. If any password files are found, the Worklet returns a non-zero exit code indicating remediation is needed.

2. Remediation phase: The Worklet forcefully closes all Microsoft Edge processes using Stop-Process with the -Force flag to release file locks. It then deletes Chrome password files from the Login Data location in all Chrome profiles, including Default and numbered profiles. For Edge, the Worklet implements a retry mechanism with up to five attempts over 25 seconds to overcome temporary file locks. For Firefox, the Worklet removes logins.json, logins-backup.json, and key4.db files from all Firefox profile directories.

Browser password deletion requirements

• Windows 10, Windows 11, or Windows Server 2016 and later

• PowerShell 3.0 and above

• Administrative privileges to access and delete files in user profile directories

• Chrome, Edge, or Firefox must be installed for password files to exist

• Users should close their browsers before remediation runs to avoid data loss when Edge processes are terminated

Expected endpoint state after remediation

After the Worklet completes successfully, all saved passwords are permanently deleted from Chrome, Edge, and Firefox on the endpoint. Users opening these browsers will no longer see autofill suggestions for previously saved credentials. The next time users log into websites, they must manually enter credentials or use password managers that are not browser-based storage.

To verify remediation success, you can check the Worklet execution status in the Automox console. The Worklet will show a successful run status and output indicating which password files were deleted or already absent. If Edge was open during remediation, users may see a brief interruption as Edge processes are restarted.

How to validate delete saved passwords for browsers changes

1. Run this Worklet on a pilot Windows endpoint and review evaluation output for delete saved passwords for browsers.

2. Confirm Automox activity logs show successful completion and exit code 0.

3. Verify endpoint state using checks aligned to evaluation script logic, such as Evaluate-ChromePasswords, Test-Path, Write-Output.

4. Validate remediation effects from script operations such as Clear-ChromePasswords, Test-Path, Write-Output, then rerun evaluation for compliance.