Prevent IE8 from saving proxy credentials
Posted on 2010-09-21
We have a situation where some of our users log onto a Citrix server (Windows 2008, Xenapp 5.0) using a generic shared login account.
On our network, the shared login account does not have access to the internet via our proxy, for obvious reasons (not being able to indentify the user). However, some of these users that use the shared account also have their own account which they use for other purposes such as internet access.
The problem we have is that sometimes, one of these users will try to visit an external web site with Internet Explorer 8 (whilst logged on using the shared account) and when they get prompted for proxy authentication, they put in their personal username and password, and choose to 'remember to password'.
This results in all of the users of this shared account getting internet access using the cached credentials, and once word gets around, the access gets abused. Of course, this causes big problems for the person whose credentials have been cached and are being used for proxy authentication, as they get the initial blame for the excessive/unacceptable usage.
So, is there a way to prevent IE8 from saving passwords for proxy authentication?
I've tried the group policy setting for "Turn on the auto-complete feature for user names and passwords on forms" but this seems to only apply to HTML forms, not NTLM/HTTP auth challenges.
Any tips would be greatly appreciated.