Share via

Restricting MS Edge browser password wallet synch to personal device

EnterpriseArchitect 6,366 Reputation points
2026-03-24T00:50:40.8733333+00:00

How can I stop the Microsoft Edge browser from syncing my password wallet across all my personal devices, including those that are not Intune-managed?

Therefore, only allow the password wallet sync to the corporate-managed device.

Because I cannot find it under the admin portal:

Microsoft Edge | Profile, sync, and sign in | Windows 11
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2026-03-24T00:51:01.26+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    Password sync in Microsoft Edge is controlled by Edge sign-in and sync configuration, not specifically by an “admin-only password wallet” switch in the portals listed.

    Key points from the available information:

    • When a user signs into Microsoft Edge with a Microsoft account or work/school account, Edge can sync passwords (and other data types) across all signed-in instances where sync is enabled.
    • Sync is per profile and per device; each data type (including passwords) can be turned on or off individually in the Edge profile’s Sync settings.
    • For enterprise accounts, all synced data (including passwords) is encrypted and further protected with Microsoft Purview Information Protection, but this does not by itself restrict which devices can participate in sync.
    • To stop passwords from syncing to personal devices, the effective control is to prevent sign-in and sync with the enterprise account on unmanaged/non‑compliant devices.

    From the provided context, the supported enterprise control is:

    1. Use Conditional Access + MAM to block Edge sign-in/sync on unmanaged devices
      • Configure a Conditional Access policy targeting the Microsoft Edge app.
      • Apply Mobile Application Management (MAM) settings so that only compliant/managed devices can sign in and sync with the enterprise account.
      • This prevents users from signing in and syncing (including passwords) with an enterprise account on unmanaged or non‑compliant Windows, Android, and (with the noted limitation) iOS devices.
      • Result: Password wallet sync for the corporate account is effectively limited to devices that meet the management/compliance requirements.
    2. Restrict which profiles can sign in to Edge
      • Use the RestrictSigninToPattern policy to control which account patterns can sign in to Edge.
      • This does not directly distinguish managed vs. unmanaged devices, but it can prevent personal accounts from being used in corporate Edge instances, or vice versa, depending on how it is configured.
    3. Control password-related features where supported
      • On some platforms and scenarios, password manager behavior can be controlled via Edge policies (for example, PasswordManagerEnabled, PasswordManagerBlocklist, PasswordMonitorAllowed) or via Intune device restrictions (for Edge Legacy / Holographic scenarios) to reduce or disable password saving and syncing.
      • These do not themselves enforce “only corporate-managed devices,” but they can be combined with Conditional Access/MAM to tighten control.

    Given the context, there is no dedicated Edge admin portal switch that says “sync passwords only to Intune-managed devices.” The supported method is to:

    • Block Edge sign-in and sync for enterprise accounts on unmanaged/non‑compliant devices using Conditional Access + MAM, and
    • Optionally refine which accounts can sign in using RestrictSigninToPattern, and
    • Optionally configure password-related policies to control saving and monitoring behavior.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.