Find, add, remove, edit, backup, restore Stored Usernames and Passwords in Windows 10

The Stored User Names and Passwords Tool in Windows 10 lets you securely manage user names and passwords as a part of your profile. It lets you automatically enter saved user names and passwords for various network resources, servers, websites, and applications, to authenticate yourself. In this post we will see how to add, remove, edit, backup, restore Stored Usernames and Passwords & Credentials in Windows 10/8/7.

Find stored Usernames & Passwords in Windows 10

To directly access the Stored User Names and Passwords Control Panel applet, via WinX Menu, open Command Prompt (Admin), type the following rundll32 command, and hit Enter:

The Stored User Names and Passwords box will open.

Here you will be able to see the saved passwords and user names.

To add a new credential, press the Add button and fill in the required details as follows:

To delete a saved password, select the credential and click on the Remove button.

To edit a password, click the Edit button. Here you will be editing the details.

It could be a Windows logon credential or a Website or Program password.

It is always a good idea to back up the stored user names and passwords. To do this, click on the Backup button to open the following wizard.

Select and browse to the backup location, click Next, and follow the wizard to its completion.

Should the need arise, you can always restore the backup, by clicking on the Restore button and browsing to the backup file location and selecting it.

TIP: Read about the Credentials Manager and Windows Vault here.

PS: This post will show you how to manage passwords in Internet Explorer. While you can add, backup, restore Windows Credentials, there is no way to add or edit Web Credentials. Microsoft recently enumerated the changes it incorporated in Password Policy and Autocomplete Forms in Internet Explorer, to reduce the confusion in users about their passwords being recalled on one site but not another. Check this post to see how Internet Explorer 11 now stores Passwords.

How to securely save username/password (local)?

I’m making a Windows application, which you need to log into first.
The account details consist of username and password, and they need to be saved locally.
It’s just a matter of security, so other people using the same computer can’t see everyone’s personal data.
What is the best/most secure way to save this data?

I don’t want to use a database, so I tried some things with Resource files.
But since I’m kind of new with this, I’m not entirely sure of what I’m doing and where I should be looking for a solution.

5 Answers 5

If you are just going to verify/validate the entered user name and password, use the Rfc2898DerivedBytes class (also known as Password Based Key Derivation Function 2 or PBKDF2). This is more secure than using encryption like Triple DES or AES because there is no practical way to go from the result of RFC2898DerivedBytes back to the password. You can only go from a password to the result. See Is it ok to use SHA1 hash of password as a salt when deriving encryption key and IV from password string? for an example and discussion for .Net or String encrypt / decrypt with password c# Metro Style for WinRT/Metro.

If you are storing the password for reuse, such as supplying it to a third party, use the Windows Data Protection API (DPAPI). This uses operating system generated and protected keys and the Triple DES encryption algorithm to encrypt and decrypt information. This means your application does not have to worry about generating and protecting the encryption keys, a major concern when using cryptography.

Store the entropy and ciphertext securely, such as in a file or registry key with permissions set so only the current user can read it. To get access to the original data, use ProtectedData.Unprotect() :

Note that there are additional security considerations. For example, avoid storing secrets like passwords as a string . Strings are immutable, being they cannot be notified in memory so someone looking at the application’s memory or a memory dump may see the password. Use SecureString or a byte[] instead and remember to dispose or zero them as soon as the password is no longer needed.

How to Find Hidden & Saved Passwords in Windows

They may end up in the registry, within credential files, or within the Windows Vault

If you’ve forgotten a password but you know it was saved somewhere on your computer, you can access your Windows saved passwords and see if it’s there. Windows actually keeps a list of all of your saved passwords and lets you access them when you want.

These saved passwords are from your web browsers, WiFi networks, and other services that you use on your computer. Revealing these passwords is fairly easy as there’s a built-in tool on your computer that lets you do it.

View Windows Saved Passwords Using The Credentials Manager

The feature that saves your login details on your Windows 10 computer is called Windows Credentials Manager. It keeps a track of all of your web as well as other Windows passwords, and lets you access and use them when needed.

The web passwords that it saves are usually from Internet Explorer and Edge. Your Chrome, Firefox, and other web browsers’ passwords won’t appear in the tool. For those browsers, you can check out their settings menu to find and access the option that shows your passwords.

• Search for Control Panel using Cortana search and open the panel.

• Click on the option that says User Accounts as the option you’re looking for is located there.

• On the following screen, click on the option that says Credential Manager to open the tool on your computer.

• When the Credential Manager opens, you’ll see mainly two tabs called Web Credentials and Windows Credentials.

The Web Credentials section hosts all of your browser passwords. These are the passwords that you use to log-in to various websites.

The Windows Credentials stores your other passwords, such as your NAS drive password, and so on. Unless you’re in a corporate environment, you likely won’t use this section.

• To reveal the password for an entry, click on the down-arrow icon next to it. Then, click on the link that says Show next to Password.

• It’ll ask you to enter your Windows account password. If you use a fingerprint to unlock your machine like I do, you’ll be prompted to scan it to continue.

• It’ll then immediately display the password on your screen.

View Saved WiFi Passwords On Windows 10

The Credentials Manager, unfortunately, doesn’t let you view your saved WiFi passwords. However, there are two other ways you can use to access the Windows saved passwords for your wireless networks.

These methods should let you access passwords for all the WiFi networks you’ve ever connected to.

Use Command Prompt To Reveal Saved WiFi Passwords

The Command Prompt utility lets you perform a number of tasks on your computer, and one of these is to let you view your saved WiFi passwords. It can be used to retrieve a list of all of your networks, and then you can choose the network you want to view the password for.

You’re basically going to just copy and paste the commands, so even if you haven’t used the tool before, you should still be fine.

• Search for Command Prompt using Cortana search and click on Run as administrator.

• Type in the following command into the Command Prompt window and press Enter. It’ll show the WiFi networks it has saved passwords for.

netsh wlan show profiles

• Note down the WiFi network name you want to find the password for.
• Type in the following command replacing NAME with your WiFi network’s name and hit Enter.

netsh wlan show profile name=NAME key=clear

• Look towards the section that says Security settings. Here, you’ll find an entry saying Key Content. The value next to it is your WiFi password.

Use An App To Access Saved WiFi Passwords

If you need to access your saved WiFi passwords too frequently, the command line method isn’t ideal for you as it requires you to type in a command each time you want to view a password. A better option would be to use a third-party app that lets you easily and quickly reveal your Windows saved passwords.

One of these apps is WiFi Password Revealer by Magical Jelly Bean. It’s a free app you can use on your Windows 10 computer to view your WiFi passwords.

• Download and launch the app on your computer.
• It’ll immediately scan and display all the WiFi passwords it could find on your screen.

• If you want to copy a password, right-click on it in the app and select Copy selected password.

View Windows Vault Passwords Using An App

Some of the Windows saved passwords are stored in Windows Vault on a Windows 10 computer. If the password you’re looking for is located there, then you can use a free app to find and reveal it on your machine.

There’s an app called VaultPasswordView that lets you access all the passwords saved in the Windows Vault on your machine.

• Download and launch the app on your machine.
• Use the Root Folder dropdown menu to select your root folder. Then click on the Automatic Fill button to auto-fill some of the options on the screen.

• Enter your account password in the Windows Login Password field and hit OK.

• You should be able to view your Windows Vault saved passwords.

Delete Saved Passwords On Windows 10

Since your computer saves most passwords that you use on your computer, it may even have the passwords that you don’t actually use. If you want, you can delete these saved passwords on your Windows 10 computer.

These can be deleted from the Windows Credentials Manager on your PC.

• Launch Windows Credentials Manager from Control Panel.
• Click on the arrow icon next to the password you want to delete.
• Select the option that says Remove at the end of your credential details.

• It’ll ask if you’d really like to remove the password from your computer. Click on Yes to continue.

It’s easy to forget passwords especially if you have a lot of those to remember. Are you someone who needs to look at the saved passwords to log in somewhere or do you remember all of your passwords? Chime in in the comments below.

Mahesh has been obsessed with technology since he got his first gadget a decade or so ago. Over the last few years, he’s written a number of tech articles on various online publications including but not limited to MakeTechEasier and Android AppStorm. Read Mahesh’s Full Bio

Saving Your PuTTY Username and Password in a Windows Shortcut

In this guide I will show you how to create a Windows shortcut, which will store your PuTTY session information so that you don’t have to enter the username and password every time you log in. If you haven’t already installed PuTTY, you can download it from putty.org

1. Create Windows Shortcut

Begin by creating a Windows Shortcut.

Right-click the Desktop, select New and Shortcut.

Click Browse and navigate to the PuTTY folder.
It’s usually located in C:\Program Files\PuTTY or C:\Program Files (x86)\PuTTY

Select putty.exe, click OK and Next.
Enter a name for you shortcut. e.g. LinuxServer and click Finish.

2. Edit Shortcut

Right-click on your new shortcut and click Properties.

Take note of the Target field. It shows the path to putty.exe in Program Files. We are going to add a switch to this.

After the double quotes, paste in the following

Replace john with your username, 192.168.1.10 with your server IP and PaSsWoRd with your own password.

The Target field should now look something like this. (Your path may differ depending on where putty.exe is installed.)

Click OK and you’re done!

Now when you double-click the shortcut it will bring you straight into your Linux server without having to enter username or password.

Consider Key-based Authentication

Storing your password in a Windows shortcut is not very secure though, is it?

As well as offering additional security, SSH key authentication can be more convenient than the more traditional password authentication. SSH keys can allow you to connect to a server, or multiple servers, without having to remember or enter your password for each system.

Disable Sudo Password Prompt or Extend Timeout in Linux

Every time you issue a sudo command, Linux asks for your user password after a certain inactivity timeout, usually 5 minutes. This is the recommended behaviour to prevent unauthorised commands being run by someone or a malicious script in your absence. However, this requirement can be disabled per session or permanently, or you can extend the inactivity timeout.

VNC via a PuTTY SSH Tunnel

If you’re using Ubuntu, I’ve written a guide for installing a VNC server and connecting to it through a secure SSH Tunnel using PuTTY. 😎

Let me know if this helped. Follow me on Twitter, Facebook and YouTube, or 🍊 buy me a smoothie.