This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Browser Shield

This Article Applies to:

  • Avast Business Hub

 

Browser Shield (ex Password Protection) helps secure the passwords stored in web browsers. If left unprotected, passwords stored in web browsers may be vulnerable to malware and theft by unwanted applications. Browser Shield allows you to choose which apps have access to your saved passwords. It also blocks access to browser cookies to protect your personal and sensitive data.

The following browsers are supported:

  • Google Chrome
  • Mozilla Firefox
  • Microsoft Edge
  • Avast Secure Browser

Note that Browser Shield is available for Windows workstations only.

How Browser Shield Works

Browser Shield functions by monitoring the files on the disk where the browser passwords are stored.

Google Chrome

The stored passwords are in chrome://settings/passwords (Settings > Autofill and passwords > Google Password Manager).

Data is stored and protected in %LocalAppData%\Google\Chrome\User Data\Default\Login Data.

Mozilla Firefox

In Firefox, the logins are in about:logins (Menu > Passwords).

Data is stored and protected in %AppData%\Mozilla\Firefox\Profiles\*\key4.db / logins.json.

Microsoft Edge

In Edge, the passwords are in edge://settings/passwords (Settings > Profiles > Passwords).

Data is stored and protected in %LocalAppData%\Microsoft\Edge\User Data\Default\Login Data.

Avast Secure Browser

The stored passwords are in secure://settings/passwords (Settings > Autofill > Password Manager).

Data is stored and protected in %LocalAppData%\AVAST Software\Browser\User Data\Default\Login Data.

Configuring Browser Shield Settings

To access Browser Shield settings:

  1. Open the Policies page
  2. Click the desired policy to open its Detail drawer
  3. Click the Settings tab, then Antivirus
  4. Expand the Browser Shield section (under Identity Protection)

Here, you can:

  • choose whether protection is enabled for browser-stored passwords, and whether access to browser cookies is blocked (to protect personal and sensitive data).
    • At least one of these two settings needs to be enabled. If you disable one, disabling the other will not be possible (it will be grayed out) - the only way to disable them both is to disable Browser Shield itself.
  • define how Browser Shield responds to unknown apps trying to access browser-stored passwords (see Blocking/Allowing Unknown Applications below)
  • make a list of applications that will always be blocked or allowed, and decide whether that list will override the one made by the end user (see Blocking/Allowing Specific Applications below).

Blocking/Allowing Unknown Applications

In the Unknown Applications section, you can decide whether Browser Shield will:

  • Give user an option to block or allow the access
  • Silently block the access

If you choose to let the user decide, a detection dialog will pop up on the end device each time an unknown app attempts to access the passwords stored in any of the supported browsers. The user can then manually block or allow the app.

Blocking/Allowing Specific Applications

Under Applications, you can define specific applications to be blocked or allowed by Browser Shield. The rules set here will override the component's general configuration (and local configuration if the checkbox under Mode is ticked).

To add an app to the block/allow list:

  1. Click + Add application
  2. Enter the application path
    • You can add several paths at once.
  3. Choose whether the application should be allowed or blocked
  4. Click Add application

Allowed System Variables

Clicking Show system path variables in the dialog above will show all accepted system variables, and the tooltips will provide more information:

Use this if you need to specify an executable file located in a folder where shared program files for 32-bit applications are stored.

Example: %CommonProgramFiles(x86)%\app.exeC:\Program Files (x86)\Common Files\app.exe

Use this if you need to specify an executable file located in a folder where program files for 32-bit applications are stored.

Example: %ProgramFiles(x86)%\app.exeC:\Program Files (x86)\app.exe

Use this if you need to specify an executable file located in a folder where shared program files are stored.

Example: %CommonProgramFiles%\app.exeC:\Program Files\Common Files\app.exe

Use this if you need to specify an executable file located in a folder where program files are stored.

Example: %ProgramFiles%\app.exeC:\Program Files\app.exe

Use this if you need to specify an executable file located in a core folder of the operating system.

Example: %WINDIR%\SysNative\app.exeC:\Windows\System32\app.exe

Use this if you need to specify an executable file located inside an operating system folder.

Example: %WINDIR%\app.exeC:\Windows\app.exe

Use this if you need to specify an executable file located anywhere else on the system drive.

Example: %SYSTEMDRIVE%\folder_name\app.exeC:\folder_name\app.exe

Clicking any listed variable will automatically add it to the Application Path field.

FAQ

Avast Passwords is in EoL (end-of-life); therefore, it is recommended to use Browser Shield. That said, both can be used at once.

Not at this time.

?

Not at this time.

No, there are no plans to implement, as browsing is usually not performed on server OS.

 

Other Articles In This Section:

Ransomware Shield

Real Site

Remote Access Shield

Sandbox

Webcam Shield

Data Shredder

Exchange Protection

SharePoint Protection

Services and Components Without Customization Options in Business Hub

Related Articles:

Managing Policies

Configuring Antivirus Exclusions