Credential Manager, a new item that you may have noticed in the Windows 7 control panel, stores login and password info that you have chosen to save.

Credential manager stores:

  • Website passwords.
  • FTP passwords
  • Terminal Services / Remote Desktop passwords
  • Runas credentials
  • Workgroup shared resource credentials
  • Certificates

It works in a similar way to the Keychain Access application included with Mac OS X and you will be able to use it to store passwords for future applications that are written for Windows 7. It also works with a number of today’s applications.

A cool feature of Credential Manager is the ability to update authentication details, changing login and password details as necessary. This vastly simplifies the process of rotating your passwords for all the web services you access. A big security risk people face is that they often use the same username and password combination for each forum or social networking site that they visit. That means that there only has to be a security breach at one forum and the passwords for all forums are lost. With credential manager you can use unique password for all forums and then update them without having to go through the hassle of having to have an e-mail sent out to you to remind you of what your old complex password was.

My favorite part of Credential Manager is that it allows you to backup all the credentials used on one computer and transfer them to another computer. I use complex passwords that are almost impossible to remember, which means that I tend to use certain web services on certain computers because I can’t remember the credential information so that I can log on to that service from another computer. Credential manager allows me to by backing up the Windows Vault and then restoring it on another computer – allowing me to ensure that each of my computers running Windows 7 (and I use a number of them) has access to the same set of stored credentials. The backup process is secured by forcing you to the secure desktop when entering the password used to encrypt the exported Windows Vault . You must go through the same secure desktop process to import the passwords on the destination computer.

Credential Manager is one of those small but cool features I’ve been waiting for. As I mentioned earlier, getting people to use separate complex passwords for the different websites that they use can be hard. They end up using the same password for all websites, which is a really big security risk. Credential Manager takes the hassle out of remembering complex passwords. It is a nifty feature and one that makes it hard to switch back to computers running earlier Windows operating systems.