This site is for Avast Business products only. For articles on AVG Business products, see AVG Business Help. If you are in the right place but cannot find what you are looking for, please contact Avast Business Support for further assistance.

Password Protection

This Article Applies to:

  • Avast Business Hub

 

Password Protection helps secure your browser-stored passwords against theft by preventing applications and malware from viewing, changing, or deleting them.

It is available for Windows workstations and supports the following browsers:

  • Google Chrome
  • Mozilla Firefox
  • Microsoft Edge
  • Avast Secure Browser

How Password Protection Works

Password Protection functions by monitoring the files on the disk where the browser passwords are stored.

Google Chrome

The stored passwords are in chrome://settings/passwords (Settings > Autofill and passwords > Google Password Manager).

Data is stored and protected in %LocalAppData%\Google\Chrome\User Data\Default\Login Data.

Mozilla Firefox

In Firefox, the logins are in about:logins (Menu > Passwords).

Data is stored and protected in %AppData%\Mozilla\Firefox\Profiles\*\key4.db / logins.json.

Microsoft Edge

In Edge, the passwords are in edge://settings/passwords (Settings > Profiles > Passwords).

Data is stored and protected in %LocalAppData%\Microsoft\Edge\User Data\Default\Login Data.

Avast Secure Browser

The stored passwords are in secure://settings/passwords (Settings > Autofill > Password Manager).

Data is stored and protected in %LocalAppData%\AVAST Software\Browser\User Data\Default\Login Data.

Configuring Password Protection Settings

To access Password Protection settings:

  1. Open the Policies page
  2. Click the desired policy to open its Detail drawer
  3. Click the Settings tab, then Antivirus
  4. Expand the Password Protection section (under Identity Protection)

Here, you can choose how Password Protection will react to possible threats, make a list of applications that will always be blocked or allowed, and decide whether that list will override the one made by the end user.

Blocking/Allowing Unknown Applications

In the Unknown Applications section, you can decide whether Password Protection will:

  • Give user an option to block or allow the access
  • Silently block the access

If you choose to let the user decide, a detection dialog will pop up on the end device each time an unknown app attempts to access the passwords stored in any of the supported browsers. The user can then manually block or allow the app.

Overriding Local Settings

Tick the checkbox in the Mode section of the settings if you want to override locally configured application rules with those you set here (see below).

Blocking/Allowing Specific Applications

Under Applications, you can define specific applications to be blocked or allowed by Password Protection. The rules set here will override the component's general configuration (and local configuration if the checkbox under Mode is ticked).

To add an app to the block/allow list:

  1. Click + Add application
  2. Enter the application path
    • You can add several paths at once.
  3. Choose whether the application should be allowed or blocked
  4. Click Add application

Allowed System Variables

Clicking Show system path variables in the dialog above will show all accepted system variables, and the tooltips will provide more information.

FAQ