To improve credential sharing security, team administrators will want to prevent team members from saving shared credentials in their browser and logging into websites using HTTP instead of HTTPS. Click on Team Settings, then on the Browser Extensions tab to configure the options for your team.


Password Saving


The Password Saving option configures whether StrongPass can be used to log into websites if the team member has enabled the option to save passwords in their browser. This is how the settings work:


Block All will prevent team members from using StrongPass with any account credentials when password saving is enabled.


Block Use-Only will prevent team members from using StrongPass with credentials that have been assigned to them with Use-Only Permission when password saving is enabled in the browser. They may use StrongPass with their own credentials or credentials that have been shared with Full Permission as long as the HTTP Sites option also allows access.

Block None means the Browser Extension does not prevent team members from using StrongPass when password saving is enabled in the browser. They can use StrongPass with any credentials, regardless of whether password saving is enabled, as long as the HTTP Sites option also allows access.


Note: Safari does not allow the Browser Extension to check if password saving is enabled, so the behavior for Safari users will be different for Block All and Block Use-Only. If either of these is selected, team members using Safari will only be able to use StrongPass with their own credentials or credentials that have been shared with Full Permission as long as the HTTP Sites option also allows access, regardless of whether password saving is enabled in their browser.


HTTP Sites


The HTTP Sites option configures whether StrongPass can be used to log into websites that use HTTP instead of HTTPS on their sign-in page. This is how the settings work:


Block All will prevent team members from using StrongPass with any account credentials on HTTP sign-in pages.


Block Use-Only will prevent team members from using StrongPass with credentials that have been assigned to them with Use-Only Permission on HTTP sign-in pages. They may use StrongPass with their own credentials or credentials that have been shared with Full Permission as long as the Password Saving option also allows access.


Block None means the Browser Extension does not prevent team members from using StrongPass on HTTP sign-in pages. They can use StrongPass with any credentials, on any sign-in page, as long as the Password Saving option also allows access.