Password Protection (Browser Defense) (AVG Business Cloud Console)
Password Protection (soon to be renamed to Browser Defense to match the local client) helps secure browser-stored passwords against theft by preventing applications and detected malware from viewing, changing, or deleting them.
It is available for Windows workstations and supports the following browsers:
- Google Chrome
- Mozilla Firefox
- Microsoft Edge
- AVG Secure Browser
How Password Protection Works
Password Protection functions by monitoring the files on the disk where the browser passwords are stored.
Google Chrome
The stored passwords are in chrome://settings/passwords (Settings > Autofill and passwords > Google Password Manager).
Data is stored and protected in %LocalAppData%\Google\Chrome\User Data\Default\Login Data.
Mozilla Firefox
In Firefox, the logins are in about:logins (Menu > Passwords).
Data is stored and protected in %AppData%\Mozilla\Firefox\Profiles\*\key4.db / logins.json.
Microsoft Edge
In Edge, the passwords are in edge://settings/passwords (Settings > Profiles > Passwords).
Data is stored and protected in %LocalAppData%\Microsoft\Edge\User Data\Default\Login Data.
AVG Secure Browser
The stored passwords are in secure://settings/passwords (Settings > Autofill > Password Manager).
Data is stored and protected in %LocalAppData%\AVG\Browser\User Data\Default\Login Data.
Configuring Password Protection Settings
To access Password Protection settings:
- Open the Policies page
- Click the desired policy to open its Detail drawer
- Click the Settings tab, then Antivirus
- Expand the Password Protection section (under Identity Protection)
Here, you can choose how Password Protection will react to possible threats, make a list of applications that will always be blocked or allowed, and decide whether that list will override the one made by the end user.
Blocking/Allowing Unknown Applications
In the Unknown Applications section, you can decide whether Password Protection will:
- Give user an option to block or allow the access
- Silently block the access
If you choose to let the user decide, a detection dialog will pop up on the end device each time an unknown app attempts to access the passwords stored in any of the supported browsers. The user can then manually block or allow the app.
Overriding Local Settings
Tick the checkbox in the Mode section of the settings if you want to override locally configured application rules with those you set here (see below).
Blocking/Allowing Specific Applications
Under Applications, you can define specific applications to be blocked or allowed by Password Protection. The rules set here will override the component's general configuration (and local configuration if the checkbox under Mode is ticked).
To add an app to the block/allow list:
- Click + Add application
- Enter the application path
- You can add several paths at once.
- Choose whether the application should be allowed or blocked
- Click Add application
Allowed System Variables
Clicking Show system path variables in the dialog above will show all accepted system variables, and the tooltips will provide more information:
Use this if you need to specify an executable file located in a folder where shared program files for 32-bit applications are stored.
Example: %CommonProgramFiles(x86)%\app.exe → C:\Program Files (x86)\Common Files\app.exe
Use this if you need to specify an executable file located in a folder where program files for 32-bit applications are stored.
Example: %ProgramFiles(x86)%\app.exe → C:\Program Files (x86)\app.exe
Use this if you need to specify an executable file located in a folder where shared program files are stored.
Example: %CommonProgramFiles%\app.exe → C:\Program Files\Common Files\app.exe
Use this if you need to specify an executable file located in a folder where program files are stored.
Example: %ProgramFiles%\app.exe → C:\Program Files\app.exe
Use this if you need to specify an executable file located in a core folder of the operating system.
Example: %WINDIR%\SysNative\app.exe → C:\Windows\System32\app.exe
Use this if you need to specify an executable file located inside an operating system folder.
Example: %WINDIR%\app.exe → C:\Windows\app.exe
Use this if you need to specify an executable file located anywhere else on the system drive.
Example: %SYSTEMDRIVE%\folder_name\app.exe → C:\folder_name\app.exe
Clicking any listed variable will automatically add it to the Application Path field.
FAQ
Not at this time.
Not at this time.
No, there are no plans to implement, as browsing is usually not performed on server OS.