Windows Password Recovery — расшифровщик Windows Vault
Что такое Windows Vault
Windows Vault представляет собой защищенное хранилище секретов, паролей и другой персональной информации пользователя и системы. Данные, хранимые в Windows Vault, структуизированы и представляют собой набор записей, принадлежащих определенной схеме Vault.
На физическом уровне Vault — дисковый каталог с минимальным набором следующих файлов:
- Policy.vpol — набор ключей шифрования для записей Vault. Данные ключи могут быть защищены при помощи двух основным методов: с помощью DPAPI, либо с помощью пароля пользователя. Последний тип защиты не используется в Windows 8 и в настоящее время не поддерживается программой.
- .vsch — схема Vault, содержащая описатели структур, флаги и др. служебную информацию.
- .vcrd — запись Vault, в которой находятся исходные зашифрованные данные, относящиеся к определенной схеме. Данные могут состоять и, как правило, состоят из нескольких полей.
Обозреватель и расшифровщик Windows Vault
Обозреватель Windows Vault представляет собой утилиту для анализа и расшифровки записей Vault в офлайн режиме. Для этого Мастер расшифровки разбивает весь процесс на несколько последовательных этапов.
- Поиск каталога Vault
- Поиск Мастер Ключа пользователя или системы
- Указание файлов реестра и другой информации, необходимой для расшифровки Мастер Ключа
- Выбор схемы Vault
- Поиск записей Vault, принадлежащих выбранной схеме
- Расшифровка записи
Поиск каталога Vault
В настоящее время существует два типа хранилища Vault: системное и пользовательское. Пользовательский Vault может быть расположен в следующих каталогах:
%USER_APPDATA%\Microsoft\Vault\ %USER_LOCAL_APPDATA%\Microsoft\Vault\
Например,
С:\Users\John\AppData\Local\Microsoft\Vault\18289F5D-9783-43EC-A50D-52DA022B046E
С:\Users\Helen\AppData\Roaming\Microsoft\Vault\4BF4C442-9B8A-41A0-B380-DD4A704DDB28
Системный Vault по-умолчанию расположен в:
%SYSTEM_APPDATA%\Microsoft\Vault\ %SYSTEM_LOCAL_APPDATA%\Microsoft\Vault\ %PROGRAMDATA%\Microsoft\Vault\
Например,
С:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Vault\4BF4C442-9B8A-41A0-B380-DD4A704DDB28
С:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Vault\4BF4C442-9B8A-41A0-B380-DD4A704DDB28
C:\ProgramData\Microsoft\Vault\AC658CB4-9126-49BD-B877-31EEDAB3F204
Учтите, некоторые из указанных каталогов имеют системный атрибут, делающий эти каталоги скрытыми.
Выбор Мастер Ключа
После того, как выбран определенный каталог Vault, необходимо указать путь к Мастер Ключу, использующегося в защите ключей шифрования Vault. Мастер Ключ пользователя всегда располагается в каталоге %APPDATA%\Microsoft\Protect\%SID%, а Мастер Ключи системной учетной записи хранятся в директории %SYSTEMDIR%\Microsoft\Protect. Надо отметить, что Мастер Ключей может быть несколько, а для расшифровки определенного объекта подойдет только один, имя которого хранится внутри файла Policy.vpol. При поиске Мастер Ключа, программа может отфильтровывать ненужные имена.
Расшифровка Мастер Ключа
Для расшифровки Мастер Ключа пользователя необходимо задать как минимум два параметра: пароль пользователя на вход и его идентификатор безопасности (SID), который обычно прописан в пути к Мастер Ключу. Программа определяет SID пользователя автоматически. Если это по какой-либо причине сделано не было, укажите его самостоятельно. Для расшифровки системного Мастер Ключа задавать пароль не нужно, всю необходимую информацию программа получает из двух файлов реестра: SYSTEM и SECURITY.
Расшифровка Мастер Ключа пользователя в некоторых случаях требует указания пути к файлу реестра SAM. Это необходимо сделать только в том случае, если учетная запись владельца данных Windows 8 имеет тип LiveID.
Имейте в виду, иногда возможна расшифровка Мастер пароля пользователя и, следовательно, записей Vault без знания пароля владельца.
Начиная с версии 9.7, Windows Password Recovery имеет встроенный механизм для обнаружения и использования уязвимости в защите Мастер Ключей DPAPI. Так, для расшифровки _любых_ записей Windows Vault доменного пользователя, пароль владельце больше не обязателен.
WPR v11.7 поддерживает функцию автоматического доверенного входа в систему Windows 10. Если программа обнаруживает, что для пользователя установлен доверенный автоматический вход, для расшифровки данных пароль на вход не потребуется.
WPR v15 поддерживает дополнительные методы расшифровки при помощи биометрии и PIN.
Выбор схемы Vault
На четвертом шаге, если предыдущие прошли успешно, программа предложит выбрать из выпадающего списка одну из схем, принадлежащих нашему Vault. Чуть ниже списка показаны общие характеристики выбранной схемы: ее имя, версия, GUID, флаги, количество атрибутов и записей.
Выбор записи Vault
Аналогичным способом выбираем одну из интересующих нас записей, принадлежащих выбранной на предыдущем шаге схеме.
Расшифровка записи Vault
Ну и, наконец, финальная стадия, где можно просмотреть расшифрованную запись, скопировать ее в буфер обмена или сохранить в файл для дальнейшего анализа. На рисунке показан расшифрованный пароль (он затерт) учетной записи администратора, настроенной на вход при помощи отпечатка пальцев.
Manage Windows Passwords Using Windows Vault
In an era where security breaches and data theft have become rampant, managing passwords efficiently is paramount. Windows Vault (officially known as Windows Credential Manager) offers a built-in solution for securely storing and managing passwords, credentials, and sensitive information on Windows operating systems. This extensive guide will delve deep into Windows Vault, exploring its features, benefits, operations, and effective management of your passwords.
Understanding Windows Vault
Windows Vault is a secure digital locker integrated into the Windows operating system that allows users to store, retrieve, and manage passwords and credentials. This functionality is part of the Credential Manager, which is designed to simplify the handling of login credentials for various applications and services, thus enhancing user convenience and security.
The Credential Manager includes three types of credentials:
-
Web Credentials: These are the credentials used for logging into websites. They can store usernames and passwords for various online accounts, reducing the need to remember each individual password.
-
Windows Credentials: Used for logging into Windows services and resources, such as file shares or servers. Windows Credentials can also include information needed for managed apps.
-
Certificate-Based Credentials: These are more advanced credentials used for communicating securely with applications and services.
Why Use Windows Vault?
Managing passwords can be a struggle, especially when juggling multiple accounts. Windows Vault simplifies this process while providing several benefits:
-
Security: Windows Vault encrypts stored passwords, ensuring they are safely protected from unauthorized access. This built-in encryption helps to safeguard sensitive information.
-
Convenience: It automatically fills in login details, which can save time and eliminate the need to remember every password.
-
Centralized Management: Users can manage all their credentials in one place, making it easier to update or delete outdated information.
-
Integration: It works seamlessly with applications and browsers, offering a native solution without requiring third-party tools.
-
Synchronization: If you use a Microsoft account, your credentials can be synchronized across multiple devices, helping you maintain access to your accounts regardless of where you are.
How to Access Windows Vault
Accessing Windows Vault is straightforward. Here are the steps you need to follow:
-
Via Control Panel:
- Open the Control Panel by searching for it in the Start Menu.
- Click on User Accounts.
- Select Credential Manager.
-
Using the Run Command:
- Press
Windows + Rto open the Run dialog box. - Typing
control /name Microsoft.CredentialManagerwill take you directly to the Credential Manager.
- Press
-
Through Windows Settings:
- Go to Settings by clicking the gear icon in the Start Menu.
- Select Accounts.
- Click on Access work or school on the left pane.
- Click on Credential Manager.
Once you access Credential Manager, you’ll see the Web Credentials and Windows Credentials sections listed, where you can view or manage your saved login information.
Storing Passwords in Windows Vault
Storing a password in Windows Vault is quick and easy. Here’s how to add credentials to the Credential Manager:
-
Open Windows Vault using one of the methods mentioned above.
-
Click on Add a Windows Credential or Add a generic credential.
- Windows Credential is for saving credentials for network resources.
- Generic Credential is for application-specific or web-based credentials.
-
Enter the Internet or network address, username, and password.
-
Click on OK to save the information.
-
For web credentials, it’s often handled by the browser (like Chrome, Edge, and Firefox). Once you provide login information for a website, the browser typically prompts to save this information, which gets stored in Windows Vault.
Viewing and Editing Stored Passwords
Managing your saved credentials is essential for maintaining security. Here’s how to view and edit existing passwords:
-
Open the Credential Manager as described earlier.
-
In the Web Credentials or Windows Credentials section, locate the specific credential you wish to view or modify.
-
Click on the dropdown arrow next to the credential entry to expand it.
-
Click on Edit to modify the existing password or username. You can change the necessary fields and click Save.
-
To view a stored password, you may need to enter your Windows account password or use a fingerprint or other authentication methods if configured.
-
If you need to remove a credential, click on the credential and select Remove.
Deleting Passwords from Windows Vault
Sometimes, password management requires removing old or unnecessary credentials. Here’s how to delete them:
-
Launch the Credential Manager.
-
Find the credential under the corresponding section (Web or Windows).
-
Click on it to expand it.
-
Press the Remove button.
-
Confirm that you want to delete this credential, and it will be removed.
Troubleshooting Common Issues
While using Windows Vault is generally seamless, you might encounter occasional issues. Here are some common problems and their solutions:
-
Credentials Not Saving: If your passwords are not saving, check that you are using the correct version of Windows and that Windows Vault is functioning correctly. Sometimes, a system restart can fix temporary glitches.
-
Forgotten Password: Unfortunately, if you have forgotten your Windows password and have no alternative means of access, you may have to reset your PC. Always ensure you back up your important data.
-
Auto-fill Not Working: If the auto-fill feature is not functioning in your browsers, make sure that the browser settings are configured to allow it.
-
Corrupted Vault: If you suspect that your Credential Manager is corrupted, you may need to clear your vault. However, this action deletes all credentials, so ensure you back up what’s necessary first.
Using Windows Vault Across Devices
For users who operate multiple devices, particularly when logged in through a Microsoft account, Windows Vault synchronizes stored passwords. This ability means that credentials saved on one device will automatically appear on another, which is especially beneficial for maintaining password continuity on multiple devices.
Best Practices for Password Management
While Windows Vault offers a convenient way to manage passwords, implementing best practices is essential for reinforcing security:
-
Use Strong Passwords: Ensure that all stored passwords are unique, complex, and not easily guessable. A combination of letters, numbers, and symbols is advisable.
-
Two-Factor Authentication: Where available, enable two-factor authentication to add an extra layer of security.
-
Regular Updates: Periodically review and update your stored passwords to help safeguard against potential breaches.
-
Backup: Keep a secure backup of crucial information, especially if it involves sensitive or financial accounts.
-
Clear Outdated Credentials: Regularly remove outdated or duplicate credentials from Windows Vault to streamline management and enhance security.
-
Monitor Account Activity: Regularly monitor the activity on accounts linked to stored passwords in Windows Vault, ensuring no unauthorized access has occurred.
Conclusion
Windows Vault provides an invaluable resource for managing passwords securely and efficiently. By understanding its features, benefits, and management techniques, users can protect sensitive information with minimal hassle.
As cyber threats continue to evolve, so too must our approach to safeguarding our credentials. Embracing personal security habits, combined with the power of Windows Vault, allows us to navigate the digital world confidently. Whether you’re a casual user managing social media accounts or a professional handling sensitive client information, knowing how to use Windows Vault effectively will provide peace of mind regarding password safety.
In the quest for better security practices, the importance of a reliable password management system cannot be overstated, and Windows Vault stands out as a solid choice integrated within the Windows operating environment. Embrace the power of Windows Vault and take control of your passwords today.
Last week, our friends Paul Thurrott and Rafael Rivera explored one of the untold mysteries (according to them) of Windows 7 — Windows Vault
I have been using this feature for quite some time since the beta release, even before Paul and Rafael might have discovered it. Let me explain what this Windows Vault is and how to use it. Before that, let us take a minute to read what Microsoft had replied Mary-Jo Foley regarding Windows Vault
«Windows 7 includes a feature called ‘credential manager.’ This is similar to technology in past versions of Windows in that it stores your frequently used passwords so you can easily access and manage; however, in Windows 7 we’ve added the ability to back up or restore this information. The default storage vault for the credential manager information is the ‘Windows Vault.'»
As Microsoft says, the Windows Vault stores user credentials for servers, wesbites and other programs that Windows can log in the users automatically. At first instance, this might look like now users can store their Facebook credentials, twitter credentials, gmail credentials etc., so that they automatically log in via browsers. But it is not so.
Windows Vault stores credentials that Windows can log in the users automatically, which means that any Windows application that needs credentials to access a resource (server or a website) can make use of this Credential Manager & Windows Vault and use the credentials supplied instead of users entering the username and password all the time.
Unless the applications interact with Credential Manager, I dont think it is possible for them to use the credentials for a given resource. So, if your application wants to make use of the vault, it should somehow communicate with the credential manager and request the credentials for that resource from the default storage vault.
Let us take an application for example: Google Talk
Google Talk does not use (Windows) Credential Manager to store or retrieve user credentials. Below are the steps if Google Talk wants to make use of the (Windows) Credential Manager
1) Google Talk requests the Credential Manager with the resource
2) Credential Manager looks into its default vault for the appropriate credentials(for that resource)
3) If there is any credential associated, the vault returns it to the Credential Manager
4) Credential Manager returns it back to Google Talk
5) Google Talk signs in with the returned credentials
I have seen few Microsoft applications making use of this feature already in Windows 7
- Windows Live Messenger
- Microsoft Word 2007
- Microsoft Outlook 2007
- Windows Explorer(when accessing network resources)
You have to remember that all these applications are accessing a resource using the Credential Manager, which can be a website or a server. In my case, I accessed my company resource through Microsoft Word which required username and password. When I stored my credentials for my company resource (usually the URL endpoint), Microsoft Word picked it up and prompted me with the username and password boxes filled in with those credentials!
Similarly, I added my network computer and the proper credentials to access it into the vault and Windows Explorer picked it up whenever I connected to that network computer! And similarly, when I accessed other network resources with credentials, Windows Explorer added those to the vault.
Since Windows Vault stores your credentials, you as a user should be able to access your vault and manage all of your credentials.
You can also backup and restore your vault, which is quite handy.
After this, Windows switches to a secure desktop where you could provide a password for your backup. You will be prompted for the password when you restore this vault in the other computer. The backup and restore feature worked really well for me.
Adding Credentials to the Vault
Most of the time its going to be Windows applications that interact with the Credential Manager and not the user. However, if you do want to manage your credentials, you are allowed to do so.
Let us take an example of adding a Windows Credentials. I am going to add credentials to connect to one of my network PC — GALAXY. Initially, the credentials without being in the vault, when I connect to my PC, I get this prompt
Let us add the credentials
Notice that I am writing my PC Name as my resource. After adding the credentials, I can see it in my vault
Here is the prompt I get now whenever I connect to my network PC — GALAXY
It remembers the credentials once I choose the option to remember
I tried adding my company credentials and tested with Microsoft Word 2007 and Microsoft Outlook 2007 and they all worked perfect!
Whats missing?
Well, there is no documentation online by Microsoft mentioning the uses of this credential manager for Windows 7, but given the fact that Windows 7 is still in its beta stage, I couldn’t complain. In my opinion, Microsoft will come out with some documentation once Windows 7 RC is released.
I have not tested adding a certificate-based credentials as I don’t have any Windows applications that gets authenticated using a certificate. Currently in Windows 7 build 7000, I get this when I choose to add a certificate-based credential
But, in the Windows 7 build 7048, Microsoft has given a clue how this feature will be used. Below is what I get when I choose to add a certificate-based credential in Windows 7 build 7048
Now, thats interesting. Adding a certificate that is used with the smart card. Visit here to know more about enrolling for a smart card certificate. If you have a Smart Card Logon certificate (which provides authentication) or a Smart Card User certificate (which provides authentication plus other uses of the smart card cryptography, you can very well test this feature in the Windows 7 build 7048!
What about developers?
Searching MSDN, I found a sample — Credential Management with the .NET Framework 2.0. The sample application interacts with the Credential Manager and allows you to manage your credentials in the default vault. It worked perfectly in Windows 7 build 7000.
The Credential Manager is nothing new for Windows 7 and is present since Windows XP. The documentation is available in MSDN for quite a long time since Windows XP.
May be next time Rafael and Paul should consider digging more into the feature before concluding that its something new to Windows 7 and undocumented by Microsoft. Windows applications, especially Microsoft products, make use of this Credential Manager a lot.
Credential Manager & Windows Vault are nothing new and have just got a new shiny user interface in Windows 7
Quick Tips
- You can keep your Personal Vault unlocked for a maximum of 4 hours.
- Personal Vault can be disabled from OneDrive Online settings.
- You will need to authenticate every time you unlock the Personal vault.
As the name suggests, Personal Vault is your private folder in OneDrive, which is password-protected and syncs across devices. You can also keep it open for a few minutes to hours, after which it will be automatically locked. When you set it up for the first time, you must verify your account by logging into your Microsoft account or using the Authenticator app.
How to Open Personal Vault on Windows
Step 1: Press the Windows + E keys shortcut to open File Explorer and select OneDrive from the left navigation panel.
Step 2: Double-click the Personal Vault icon and confirm your identity using the default Windows authentication method. If you have a Windows Hello-compatible laptop, use the face unlock or fingerprint to complete the authentication. If you don’t have a Windows Hello function, enter your computer’s PIN or Microsoft account password to access the Private Vault.
Step 5: File Explorer will open a new window with Private Vault files.
Another way to access Personal Vault is from the Taskbar or system tray.
Step 1: Click the OneDrive icon in the system tray and select the Settings gear at the top right of the fly-out menu.
Step 2: Select Unlock Personal Vault and verify your identity to access it.
Note: If you don’t see the OneDrive icon in the system tray, enable it from the Settings app.
How to Move Items in Personal Vault
Step 1: Press the Windows + E keys shortcut to open the File Explorer app.
Step 2: Right-click on the file or folder and select copy or cut.
Step 3: Open Private Vault (refer to the steps above) and paste the files.
How to Lock Personal Vault on Windows 11
Step 1: Open OneDrive from the taskbar.
Step 2: Select Lock Personal Vault, and you are ready.
How to Disable Personal Vault on Windows 11/10
Step 1: Visit OneDrive online and sign in with your Microsoft account details.
Step 2: Select the Settings gear at the top right.
Step 3: Click on Options under the OneDrive settings section.
Step 4: Select Personal Vault from the left sidebar, click Disable, and confirm your decision.
Was this helpful?
Thanks for your feedback!
The article above may contain affiliate links which help support Guiding Tech. The content remains unbiased and authentic and will never affect our editorial integrity.
Microsoft Windows Vault overview
Microsoft Windows Vault is a utility that allows you to work with several file extensions. Its task is to use various file-based processes, such as converting or opening and editing. Below is a list of all extensions that are used by Microsoft Windows Vault Microsoft Windows Vault can open files from the list above, so you should install it to work with them successfully.
What information about the Microsoft Windows Vault software do you need?
- 1. Microsoft Windows Vault and the extensions it supports
- 2. Where to get the Microsoft Windows Vault?
1. File formats supported by the Microsoft Windows Vault software
List of file extensions that work with the Microsoft Windows Vault software. The files listed below are not always the formats you can edit with Microsoft Windows Vault. Sometimes it may be a file containing settings for software that you are not editing. Click on a given file extension for additional information.
2. Where to download the Microsoft Windows Vault?
By far the safest place to download Microsoft Windows Vault is the software developer’s website. There may be times when you do not find the installation files there. You will surely find information about the place where you can safely download them. Using unreliable sources can download viruses or other malicious software.
Share:
Microsoft Windows Vault download
About Microsoft Windows Vault
Extensions supported by Microsoft Windows Vault
Microsoft Windows Vault for free
Tags:
Copy and paste this link anywhere.