Is there a way to view password stored in Windows Credentials?

Question

I have a list of credentials stored in my Windows Credential Manager. But I can't view those passwords. Is there any way to see those credentials? enter image description here

Is there a problem or something ? Why don't you just click on the arrow? — Devid, Aug 26 '14 at 12:20

score 4 · Answer 1 · answered Aug 26 '14 at 11:06

4

You could try Network Password Recovery tool from Nirsoft

answered Aug 26 '14 at 11:06

Enigman

765
3
7

1

Tried that now. The password is not in plain text. This is what I got for each User - D81z8YUl,YHgArp[t12w9'$\QFgPNk%pJB`c1.feZhpouff9C:'eeGNfdlUXYFv#Fw)g"q$:KrY[gu-f6^?2jG3wUkC5|D+*WZT%dCVvlV(w!7sejK+p$wV]9Hj]bQ=xpWN%GXg3#&BH,Wx.'q7a~iGYe5b)D3MZK5;M_mUR&Rttd#J@!u_@,wD$JtlE1bvD~[;sgMet(N,$tul@$g.or*GqD@\qWbn – Kunal Aug 26 '14 at 11:11
1

It depends. Some application store the password as plain text and some applications hash it. – Tomas Kubes Jul 10 '18 at 10:28
1

FYI: Windows defender flags this with "This program has potentially unwanted behaviour." – Christopher Chase Aug 12 '20 at 00:53
3

@ChristopherChase Windows defender flags any program that can potentially be used by a hacker as having "potentially unwanted behaviour". This includes many legitimate tools. – Tim Seguine May 31 '21 at 07:35
Doesn't seem to work on Windows 10, just an empty list. – Jason C Mar 22 '23 at 18:31

score 2 · Answer 2 · answered Dec 16 '16 at 22:18

2

If you are a developer you could take advantage of this library to find your stored Windows Credentials. https://github.com/spolnik/Simple.CredentialsManager

answered Dec 16 '16 at 22:18

Amadeus Sanchez

233
2
7

score 1 · Answer 3 · answered Mar 24 '23 at 13:24

Windows has increased the security of passwords.

If you're in the "Windows Credentials" section of the Credential Manager, and if you expand any credential using the arrow, you'll find that asterisks are shown instead of the passwords, and I found no way to convince Windows to show the password itself on my computer.

If you open PowerShell and attempt to get the credential of some user using the Get-StoredCredential command, Windows will ask for the password of that account, which sort of defeats the purpose of getting the password.

To get at some of the passwords requires the Nirsoft program of CredentialsFileView, which can show most but not all passwords, but it requires entering the Windows login password into the program. I suggest sorting by the column of "Entry Type" in order to sort by password type. The interesting ones probably have the Entry Type of "Domain Password".

Sator · Answer 4 · 2023-03-27T12:15:15.537

1

You could try to crack the passwords with mimikatz(GitHub):

Download the ZIP file from the release page or from here
Place it onto C: and extract the content
Open powershell as an admin
cd into the folder where the executable mimikatz.exe is placed
Start mimikatz with mimikatz.exe
Run these commands:

privilege::debug
token::elevate
sekurlsa::logonPasswords

After these commands you get a list of credentials and there you should find your desired passwords.

edited Mar 27 '23 at 12:15

answered Mar 27 '23 at 11:35

Sator

93
4

1

Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Mar 27 '23 at 12:07
Totally worked, thanks. Chrome hates mimikatz and I had to fight a bit with Kaspersky, too, but once I got all that under control it did indeed list the credential passwords. – Jason C Mar 29 '23 at 13:24
It is a bit a pain in the ass, but happy that it worked for you. – Sator Mar 30 '23 at 09:57

score 0 · Answer 5 · answered Oct 05 '20 at 23:50

0

Here's a single .cs file to print the password of a generic credential: https://github.com/KirillOsenkov/Misc/blob/c2e28fb9e37b7d115bead10a0bc7bfce5e1e4375/WindowsCredentialViewer.cs

I'm not redistributing a binary since reading credentials is a dangerous thing and you should verify what you run before you download a tool from the internet to read your passwords. Just add that single C# file to a new C# console app and run.

answered Oct 05 '20 at 23:50

Kirill Osenkov

109
4

1

Unfortunately "CredReadW" returns false for the password I'm trying to recover even if running the program as administrator... – nsimeonov Nov 15 '20 at 01:57

score 0 · Answer 6 · edited Feb 21 '23 at 14:02

0

For python see the keyring module (link) e.g:

pip install pywin32 keyring
python -c "import keyring;print(keyring.get_password('servicename', 'username'))"

edited Feb 21 '23 at 14:02

sparrowt

2,433
1
24
23

answered Sep 17 '21 at 19:46

fakej Gazeta.pl

9
2

Is there a way to view password stored in Windows Credentials?

6 Answers6

Linked