Before you start
Objectives: Learn what is Credential Manager, why it is used, where to find it, and how to manage saved credentials used to gain access remote resources.
Prerequisites: you have to be familiar with tools which can be used in Windows to manage authentication locally, with sharing permissions, with UNC paths, and with Windows user accounts.
Key terms: credentials, Windows, ID, access, manager, password, username, vault, resource, provider
What is Credential Manager
Whenever we try to access some resource, whether it is local or remote resource, Windows always validates our credentials to make sure we have rights to access that resource. To avoid entering our credentials every time, we can use Credential Manager to save our credentials. That way Windows will automatically use credentials from the Manager, instead of asking us to enter them. In our case we will try to access files on remote computer over network. The name of the remote computer is “lenovo”. We will use the UNC path to access that computer. UNC path is:
UNC Path Example
When we click OK, we will be asked to enter our credentials. We will do that now.
Notice that we can check “Remember my credentials” box. If we don’t check that box, we will have to enter our credentials every time we want to access this resource. Remember that in this case our computers are not on a Windows domain. If we were on a domain, Windows would automatically check our credentials against Active Directory. Since we are working with local user accounts, we must specify the name of the computer where the user is located. This is because every computer in the Workgroup environment has its own users. That’s why we have entered “lenovo\mediacenter” as the user name, “lenovo” being the name of the computer, and “mediacenter” being the actual username. So, we have to know the username and password information located on the computer that we want to connect to. This is how Workgroup environment works. We will also check the “Remember my credentials” box.
Once we click OK, if we entered credentials correctly, we will be connected to the Lenovo computer. We can see that there is one shared folder and one shred printer on that computer.
Connected to Lenovo
If you are unable to connect to the remote machine, and you are sure that you have entered username and password correctly, make sure that remote access and sharing is enabled on your remote machine. You can do that in Network and Sharing Center under Advanced Sharing Settings.
Since we have chosen to save our credentials we will be able to access our remote resource without entering our credentials again. But the question is, where are those credentials saved? The answer is the Security Vault which we can manage using the Credential Manager located in Control Panel.
Notice that under Windows Credentials section we have saved user name and password for the “lenovo” computer. Here we can edit that credential or remove it from the vault. We can even add additional Windows credentials by specifying the name of the server, username and the password.
We can also enter certificate credentials if we want to authenticate with the resource using certificates or smart cards. We can even enter generic credentials for non-Windows resources like websites or applications.
We can always backup our vault. To do that we can simply click on the “Back up vault” option. In our case we will save them to the Desktop, but for restoring, it is better to save them to removable media.
Vault Backup Location
When we click Next, we have to somehow protect those credentials. Before we enter the password for our file Windows 7 wants us to enter Secure Desktop and to do that we are prompted to press Control+Alt+Delete. Once we are in Secure Desktop we can go ahead and enter a password for our backup file.
Now that we have our credentials backed up, we can always restore them using the “Restore vault” option in Credential Manager.
In Windows 7 we can also link our Windows account to an online ID. With online IDs we can easily access online resources with our online ID. To link our Windows account to an online ID, we can simply click on the “Link online IDs” option.
The first thing we have to do is install an online ID provider. When we click on the “Add an online ID provider” option, we will be redirected to a web page where we can download ID providers. At the time of writing this article there is only one option and that is Windows Live Sign-in Assistant.
Web Page with Providers
So we will download that provider and install it. When the provider is installed, it will be available in the Online ID Provider list.
When we link our account with our Windows Live ID, we won’t have to enter credentials for resources related with that online ID.