Behavior of stored user names and passwords (281660)



The information in this article applies to:

  • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Professional

This article was previously published under Q281660

SUMMARY

Windows XP introduces a new behavior that makes it easier to access resources that require credentials other than the logged-on user's credentials. This article describes the functionality and expected behavior of Stored User Names and Passwords.

MORE INFORMATION

Stored User Names and Passwords is a mechanism that creates credential sets (a user name and password) for resources, either dynamically or manually. This functionality is available from the graphical user interface (GUI) and from the command line. The types of credentials that you can manage with Stored User Names and Passwords are:
  • User names and passwords
  • X.509 certificates (smart cards)
  • Passports
Note: Windows XP Home Edition stores only Remote Access Services/Virtual Private Networking and Passport credentials. If you use a restricted user account to log on to the computer, follow these steps:
  1. Click Start, click Run, type Control Userpasswords2, and then press ENTER.
  2. Click the Advanced tab, and then click Manage Passwords.
The most common scenarios for using Stored User Names and Passwords are when a user attempts to access one of the following:
  • Resources in an untrusted domain
  • Resources with alternative credentials
  • A Web site with a password
  • A Web site with a certificate
To access these credentials in Control Panel:
  • Windows XP Home Edition or Windows XP Professional in a workgroup:

    In the User Accounts tool, select the logged-on user account.
  • Windows XP Professional in a domain:

    In the User Accounts tool, on the Advanced tab, click Manage Passwords.
In Stored User Names and Passwords, keys are created dynamically and manually.

DYNAMIC keys are created in the following way:
  1. A user attempts to connect to \\server\share.
  2. The user's logon credentials are attempted. If these do not gain access, Stored User Names and Passwords prompts.
  3. Credentials are put in Stored User Names and Passwords after it successfully connects, or if Cancel is clicked on a returned error message.
The following options are available for the Stored User Names and Passwords prompt:
  • Username
  • Password
  • Remember my password
MANUAL keys are created in the following way:
  1. Start the Stored User Names and Passwords tool in Control Panel.
  2. Click Add.
  3. Type the appropriate information in the boxes:
    • Server: Use the hostname, FQDN, wildcards, and so forth.
    • User Name: Domain\Username; Machine\Username; UPN.
    • Password: Type the password.
Stored User Names and Passwords connection objects (keys) can be created manually to various entities:
  • specific resource: server.domain.forest.com
  • less specific set of resources: *.domain.forest.com (all resources in domain.forest.com)
  • very general set of resources: *.forest.com (all resources in forest.com)
If there are multiple credentials that can apply to a target resource, Stored User Names and Passwords in Windows XP SP1 and later uses the most specific credential. For example, a user attempts to connect to \\server, which is server.domain.forest.com. The user may have credentials for the server, *.domain.forest.com, and *.forest.com. In this scenario, the most specific credential applicable is for the server itself, so that is the one used.

For more information about Stored User Names and Passwords, click the following article number to view the article in the Microsoft Knowledge Base:

281249 Stored user names and password credentials are stored for the lifetime of the logon session
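
The most-specific-credential rule described above for Windows XP SP1 and later can be modeled as follows. This is an added example, not Microsoft's code: the function names, the sample user names, and the assumption that a wildcard covers only hosts below its suffix are all hypothetical. It also lists broad wildcard entries, which are worth reviewing because one stored credential then applies to every matching host.

```python
# Added illustration: a model of the "most specific credential" rule from the
# article, not Windows' own matching code. All entries are constructed samples.

def matches(target, fqdn):
    """True if a stored target (exact name or '*.suffix') covers fqdn."""
    target, fqdn = target.lower(), fqdn.lower()
    if target.startswith("*."):
        suffix = target[1:]  # '*.forest.com' -> '.forest.com'
        # Assumption: the wildcard covers hosts below the suffix, not the
        # bare suffix name itself.
        return fqdn.endswith(suffix) and len(fqdn) > len(suffix)
    return target == fqdn

def specificity(target):
    """Exact names outrank wildcards; longer wildcard suffixes outrank shorter."""
    return (not target.startswith("*."), target.count("."))

def select_credential(stored, fqdn):
    """Return (target, user) for the most specific entry covering fqdn, else None."""
    candidates = [t for t in stored if matches(t, fqdn)]
    if not candidates:
        return None
    best = max(candidates, key=specificity)
    return best, stored[best]

def broad_entries(stored, max_labels=2):
    """Audit helper: wildcard targets whose suffix has max_labels labels or fewer."""
    return sorted(t for t in stored
                  if t.startswith("*.") and len(t[2:].split(".")) <= max_labels)

# Constructed sample store: target -> user name (passwords omitted).
STORED = {
    "server.domain.forest.com": "DOMAIN\\fileadmin",
    "*.domain.forest.com": "DOMAIN\\alice",
    "*.forest.com": "alice@forest.com",
}

if __name__ == "__main__":
    for host in ("server.domain.forest.com", "other.domain.forest.com",
                 "web.forest.com", "host.example.net"):
        print(host, "->", select_credential(STORED, host))
    print("broad wildcard entries:", broad_entries(STORED))
```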


Modification Type: Major
Last Reviewed: 7/11/2006
Keywords:kbinfo KB281660