STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Google Chrome Current Windows Security Technical Implementation Guide

V-226404

CAT II (Medium)

Import AutoFill form data must be disabled.

Rule ID

SV-226404r961083_rule

STIG

Google Chrome Current Windows Security Technical Implementation Guide

Version

V2R11

CCIs

CCI-001166

Discussion

This policy forces the autofill form data to be imported from the previous default browser if enabled. If enabled, this policy also affects the import dialog. If disabled, the autofill form data is not imported. If it is not set, the user may be asked whether to import, or importing may happen automatically.

Check Content

Universal method: 
1. In the omnibox (address bar) type chrome://policy 
2. If ImportAutofillFormData is not displayed under the Policy Name column or it is not set to 0 under the Policy Value column, this is a finding.

Windows method:
1. Start regedit
2. Navigate to HKLM\Software\Policies\Google\Chrome\
3. If the ImportAutofillFormData value name does not exist or its value data is not set to 0, this is a finding.

Fix Text

Windows group policy:
1. Open the "group policy editor" tool with gpedit.msc 
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\
Policy Name: Import autofill form data from default browser on first run
Policy State: Disabled