Credential Manager in Windows 7

Before you start

Objectives: Learn what is Credential Manager, why it is used, where to find it, and how to manage saved credentials used to gain access remote resources.

Prerequisites: you have to be familiar with tools which can be used in Windows to manage authentication locally, with sharing permissions, with UNC paths, and with Windows user accounts.

Key terms: credentials, Windows, ID, access, manager, password, username, vault, resource, provider

What is Credential Manager

Whenever we try to access some resource, whether it is local or remote resource, Windows always validates our credentials to make sure we have rights to access that resource. To avoid entering our credentials every time, we can use Credential Manager to save our credentials. That way Windows will automatically use credentials from the Manager, instead of asking us to enter them. In our case we will try to access files on remote computer over network. The name of the remote computer is “lenovo”. We will use the UNC path to access that computer. UNC path is:

 1 Run

UNC Path Example

When we click OK, we will be asked to enter our credentials. We will do that now.

 000002 lenovo Credentials Entered

Credentials Entered

Notice that we can check “Remember my credentials” box. If we don’t check that box, we will have to enter our credentials every time we want to access this resource. Remember that in this case our computers are not on a Windows domain. If we were on a domain, Windows would automatically check our credentials against Active Directory. Since we are working with local user accounts, we must specify the name of the computer where the user is located. This is because every computer in the Workgroup environment has its own users. That’s why we have entered “lenovo\mediacenter” as the user name, “lenovo” being the name of the computer, and “mediacenter” being the actual username. So, we have to know the username and password information located on the computer that we want to connect to. This is how Workgroup environment works. We will also check the “Remember my credentials” box.

Once we click OK, if we entered credentials correctly, we will be connected to the Lenovo computer. We can see that there is one shared folder and one shred printer on that computer.

 000003 Connected Lenovo

Connected to Lenovo

If you are unable to connect to the remote machine, and you are sure that you have entered username and password correctly, make sure that remote access and sharing is enabled on your remote machine. You can do that in Network and Sharing Center under Advanced Sharing Settings.

Managing Credentials

Since we have chosen to save our credentials we will be able to access our remote resource without entering our credentials again. But the question is, where are those credentials saved? The answer is the Security Vault which we can manage using the Credential Manager located in Control Panel.

 000005 Windows Vault

Credential Manager

Notice that under Windows Credentials section we have saved user name and password for the “lenovo” computer. Here we can edit that credential or remove it from the vault. We can even add additional Windows credentials by specifying the name of the server, username and the password.

 000006 Add Credentials

Adding Credentials

We can also enter certificate credentials if we want to authenticate with the resource using certificates or smart cards. We can even enter generic credentials for non-Windows resources like websites or applications.

 000008 Different Credentials

Different Credentials

We can always backup our vault. To do that we can simply click on the “Back up vault” option. In our case we will save them to the Desktop, but for restoring, it is better to save them to removable media.

000009 Vault Backup Location

Vault Backup Location

When we click Next, we have to somehow protect those credentials. Before we enter the password for our file Windows 7 wants us to enter Secure Desktop and to do that we are prompted to press Control+Alt+Delete. Once we are in Secure Desktop we can go ahead and enter a password for our backup file.

 000010 Backup Password

Backup Password

Now that we have our credentials backed up, we can always restore them using the “Restore vault” option in Credential Manager.

In Windows 7 we can also link our Windows account to an online ID. With online IDs we can easily access online resources with our online ID. To link our Windows account to an online ID, we can simply click on the “Link online IDs” option.

 000011 OnlineID

Online ID

The first thing we have to do is install an online ID provider. When we click on the “Add an online ID provider” option,  we will be redirected to a web page where we can download ID providers. At the time of writing this article there is only one option and that is Windows Live Sign-in Assistant.

 000012 ID Providers

Web Page with Providers

So we will download that provider and install it. When the provider is installed, it will be available in the Online ID Provider list.

 000013 Provider List

Installed Providers

When we link our account with our Windows Live ID, we won’t have to enter credentials for resources related with that online ID.