In enterprise environments, organizations may need to restrict Chrome’s Incognito Mode to strengthen security policies and monitor web browsing activities. This guide provides step-by-step instructions for effectively disabling Chrome Incognito Mode using Active Directory Group Policy Objects (GPO).
1. Downloading and Installing Chrome ADMX Templates
1.1 Template Download
To manage Chrome policies, you must first download the official ADMX templates provided by Google.
- Visit Chrome Enterprise Download Page
- Select the “Manage policies” tab
- Choose “Policy templates – Chrome ADM/ADMX templates” and click Download
- Accept the Terms of Service and download the
policy_templates.zipfile
1.2 Template Installation
Install the downloaded templates in the correct location.
Local Computer Installation:
- Extract the
policy_templates.zipfile - Copy
chrome.admxandgoogle.admxfiles from\policy_templates\windows\admx\folder - Paste them into
%systemroot%\PolicyDefinitions(typicallyC:\Windows\PolicyDefinitions) - Copy the English
chrome.admlandgoogle.admlfiles from\policy_templates\windows\admx\en-US\folder - Paste them into
%systemroot%\PolicyDefinitions\en-US
Domain Environment Installation (Central Store):
- On the domain controller, copy ADMX files to
C:\Windows\SYSVOL\domain\Policies\PolicyDefinitions - Copy ADML files to
C:\Windows\SYSVOL\domain\Policies\PolicyDefinitions\en-US
2. Disabling Incognito Mode via Group Policy
2.1 Local Group Policy Editor Configuration
- Press Win + R to open the Run dialog
- Type
gpedit.mscand press Enter - Navigate to:
- Computer Configuration → Administrative Templates → Google → Google Chrome
- Double-click the “Incognito mode availability” policy
- Select “Disabled”
- Click OK
2.2 Domain Group Policy Configuration (GPMC)
- Open Group Policy Management Console (GPMC)
- Create a new GPO or edit an existing one
- Navigate to Computer Configuration → Policies → Administrative Templates → Google → Google Chrome
- Edit the “Incognito mode availability” policy
- Select “Disabled” and apply
Mode
| Setting Value | Meaning | Behavior |
|---|---|---|
| Not Configured | Default value | Incognito mode available |
| Enabled | Policy active | Select detailed options from dropdown |
| Disabled | Incognito mode disabled | Completely blocks Incognito mode |
3. Direct Registry Configuration
In environments where GPO is not available, you can directly edit the registry.
3.1 Command Prompt Configuration
Run Command Prompt as administrator and enter the following command:
REG ADD HKLM\SOFTWARE\Policies\Google\Chrome /v IncognitoModeAvailability /t REG_DWORD /d 1
3.2 Registry Value Details
| Registry Value | Behavior |
|---|---|
| 0 or No value | Allow Incognito mode (default) |
| 1 | Disable Incognito mode |
| 2 | Force Incognito mode |
3.3 Removing Configuration
To revert the setting, use the following command:
REG DELETE HKLM\SOFTWARE\Policies\Google\Chrome /v IncognitoModeAvailability /f
4. Policy Application and Verification
4.1 Applying Policy
- Run gpupdate /force command to immediately apply policy
- Completely close and restart Chrome browser
- Changes typically apply within a few minutes
4.2 Verifying Policy Application
Verification in Chrome:
- Enter chrome://policy in Chrome browser
- Click Reload policies
- Check the IncognitoModeAvailability entry
- Verify the value is set to 1 with Status: OK
UI Verification:
- Click the ⋮ menu in the top-right corner of Chrome
- Verify the “New incognito window” option has disappeared
- Ctrl + Shift + N shortcut should also be disabled
5. Additional Security Settings
Additional Chrome security policies that work well with Incognito mode restrictions:
| Policy Name | English Name | Description |
|---|---|---|
| Disable Guest Mode | BrowserGuestModeEnabled | Block guest browsing |
| Block Adding Profiles | BrowserAddPersonEnabled | Prevent new profile creation |
| Block Browsing History Deletion | AllowDeletingBrowserHistory | Prevent history deletion |
Disabling Chrome Incognito mode is an important component of enterprise security policies. Using the methods outlined in this guide, you can effectively manage Chrome browsers according to your organization’s security requirements. Always test policies in a test environment before applying them to production systems.
References