AutoFill must be disabled.

From Google Chrome Current Windows STIG

Part of DTBC0022 - AutoComplete for forms

Associated with: CCI-000381

SV-57597r2_rule AutoFill must be disabled.

Vulnerability discussion

This AutoComplete feature suggests possible matches when users are filling in forms. It is possible that this feature will cache sensitive data and store it in the user's profile, where it might not be protected as rigorously as required by organizational policy. If you enable this setting or do not set a value, AutoFill will remain under the control of the user. This will allow them to configure AutoFill profiles and to switch AutoFill on or off at their own discretion.

Check content

Universal method: 1. In the omnibox (address bar) type chrome://policy 2. If AutoFillEnabled is not displayed under the Policy Name column or it is not set to false under the Policy Value column, then this is a finding. Windows method: 1. Start regedit 2. Navigate to HKLM\Software\Policies\Google\Chrome\ 3. If the AutoFillEnabled value name does not exist or its value data is not set to 0, then this is a finding.

Fix text

Windows group policy: 1. Open the group policy editor tool with gpedit.msc 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\ Policy Name: Enable AutoFill Policy State: Disabled Policy Value: N/A

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer