Where passwords are stored on Windows?

Erwin · August 8, 2018, 2:53pm

I read, that passwords are stored in Windows Credential Manager.
But i found no entry there. I found a keychain.json-file unter AppData/…/Cryptomator.

For example in Cyberduck i found Passwords in the Credential Mananger as documented: “On Windows, passwords are saved in the Credential Manager. You can view and delete your saved login information in Control Panel → User Accounts → Credential Manager → Windows Credentials.” (https://trac.cyberduck.io/wiki/help/en/howto/connection#Passwords)

Are passwords really stored in Credential Manager or can anyone, who has access to my AppData-Folder, get the Infos, he needs, to open my vaults?

If this is so, is it possible, to take the sourcecode from cyberduck, to store passwords in Credential Manager?

karkusviktor · March 28, 2020, 12:07pm

I know it’s a quite old thread, but maybe helps others who stubles across it via Google.
The passwords are stored in the AppData folder as you mentioned, encrypted via Data Protection API.
If you want to check out, decrypt via powershell script.
Just load the password, and the salt from the json file, decode them as base64 and call
[System.Security.Cryptography.ProtectedData]::Unprotect($pass, $salt, $scope )
Somewhat similar to this script:
https://blag.nullteilerfrei.de/2018/01/05/powershell-dpapi-script/

Michael · January 10, 2021, 9:55am

A post was split to a new topic: Keychain.jason & Backblaze