How to Find Hidden & Saved Passwords in Windows
More in How-To
As you go about your day logging into various websites in your browser or accessing protected file shares on the network, Windows stealthy works in the background and may or may not store your credentials in various locations within the operating system.
These usernames and passwords may end up in the registry, within credential files, or within the Windows Vault. The credentials are stored in encrypted format, but can easily be decrypted using your Windows password. In this article, I’m going to show several tools you can use to view these hidden passwords on your system.
Windows Credential Manager
To get started, let’s talk about the built-in tool called Credential Manager that is in Windows. Click on Start and type in credential manager to open the program.
You’ll notice there are two categories : Web Credentials and Windows Credentials. The web credentials will have any passwords from sites that you saved while browsing in Internet Explorer or Microsoft Edge. Click on the down arrow and then click on the Show link.
You’ll have to type in your Windows password in order to decrypt the password. So that’s something you should know when you login to an account while using another person’s computer, even if they are someone you trust. You may not want them to know your login credentials.
If you click on Windows Credentials, you’ll probably see fewer credentials stored here unless you work in a corporate environment. These are credentials when connecting to network shares, different computers on the network, or network devices.
I’ll also mention how you can view Google Chrome saved passwords. Basically, each browser has the same feature, so you can do the same thing for Firefox, Safari, etc. In Chrome, click on the three dots at the top right and then click on Settings. Scroll down and then click on Show advanced settings.
Under Passwords and forms, click on the Manage saved passwords link next to Offer to save your web passwords.
Here you’ll see a list of all the passwords that you have stored in Chrome. The list may be quite long if you have the save password feature enabled.
Even though you can find quite a few passwords using the methods above, there are still more saved in other locations on your system. To get to these, you have to use some third party tools. My favorite site for free and clean tools is Nirsoft. There are basically three tools you can use : EncryptedRegView, CredentialsFileView, and VaultPasswordView.
All of these tools can be downloaded, extracted and run without needing to install them. This is great because it doesn’t mess with your system at all and once you are done, you can just delete the files.
When you run the program, you’ll see a dialog box where the Run as administrator box is checked. You don’t have to do anything, just click on OK. The program will then scan the registry and decrypt any passwords it finds in the registry.
Just arrow through the list and you’ll probably find a handful of gems. In my case, I found two passwords that were useful. Everything else was encrypted text that wasn’t a password.
Instead of double-clicking on this program, you should right-click and choose Run as Administrator.
On the main dialog that pops up, you’ll need to type in your Windows password at the bottom before clicking OK.
Now you should see a list of various credentials stored on your system. If you’re on a domain, you’ll see a lot more entries.
This one works the same way as CredentialsFileView, but instead looks inside the Windows Vault. This tool is especially useful for Windows 8 and Windows 10 users because these two operating systems store the passwords for Windows Mail, Edge, and IE in the Windows Vault.