Forum Discussion
edge://flags/#edge-windows-credentials-for-http-auth gone
Jussi Palo Keith Davis Fredrik_Freden Thanks for your patience as I looked into this!
The flag disappearing in version 89 is by design, end users will have no UX to control this behavior. The current setup uses Windows Credentials for now, however the team is working on a policy allowing admins to disable the experience and use the basic prompt instead of Windows credential UI. The GPO is expected in Microsoft Edge 90. You can check out the release schedule for the Beta and Stable channels here.
Please let me know if you have any questions, and I'll keep an eye on this thread. 😃
-Alex
Thanks for the update. However, I'm still confused about why this is even changing. Why would Microsoft not want users to be able to use password managers, like LastPass, for their login? How is using Windows Credentials supposed to even replace this?
- Fredrik_FredenJan 22, 2021Brass Contributor
I am pretty sure that this solution makes sense in some cases. I don't think Microsoft would implement the feature if it was always useless. But it's good that it will be possible to change the behavior.
- Keith DavisJan 21, 2021Steel Contributor
Again, that makes no sense. Even without this, our single-sign-on works fine for computers on the domain, but for example, when a user that has a domain account connects from a non-domain computer, they get this prompt and instead of being able to use LastPass to autofill, have to manually enter their credentials.
- Fredrik_FredenJan 21, 2021Brass Contributor
As far as I understand this is the behavior when using Windows Integreated Authentication. You can use Windows Integrated Authentication to apply single sign on based on your domain credentials and in this case you will not need a password manager.
The problem in my company is that some of our partners have built sites with Windows Integrated Authenticatio. We are not part of their domain and Windows Integrated Authentication will not work because of this. This is when the "bad" credential popup arrives and destroys my day.
So if we get a GPO to adjust this behavior everybody will be happy.