Retrieve credentials from Windows Credentials Store using C#
There is a NuGet library that I've been using, called CredentialManagement.
The usage is pretty simple. I wrapped it a little, but I probably didn't need to:
public static class CredentialUtil
{
public static UserPass GetCredential(string target)
{
var cm = new Credential {Target = target};
if (!cm.Load())
{
return null;
}
// UserPass is just a class with two string properties for user and pass
return new UserPass(cm.Username, cm.Password);
}
public static bool SetCredentials(
string target, string username, string password, PersistanceType persistenceType)
{
return new Credential {Target = target,
Username = username,
Password = password,
PersistanceType = persistenceType}.Save();
}
public static bool RemoveCredentials(string target)
{
return new Credential { Target = target }.Delete();
}
}
Sample usage:
CredentialUtil.SetCredentials("FOO", "john", "1234", PersistanceType.LocalComputer);
var userpass = CredentialUtil.GetCredential("FOO");
Console.WriteLine($"User: {userpass.Username} Password: {userpass.Password}");
CredentialUtil.RemoveCredentials("FOO");
Debug.Assert(CredentialUtil.GetCredential("FOO") == null);
If you're interested in implementing it yourself, browse the source: http://credentialmanagement.codeplex.com/SourceControl/latest
The trick is that there is no C# API into the Credential Manager. This library wraps the other .dll entry points nicely. :-)
This works from a Windows Server 2012. I don't have a Windows 8 box to test from.
Using Windows 8 WinRT APIs in .NET Desktop Applications
In short
- Unload project file
- Edit it
- Add <TargetPlatformVersion>8.0</TargetPlatformVersion> to the PropertyGroup part
- Add reference to Windows.Security (you'll have a list of Windows Libraries)
- Add
System.Runtime.WindowsRuntime.dlllocated inC:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETCore\v4.5
You can then use this (from here):
private string resourceName = "My App";
private string defaultUserName;
private void Login()
{
var loginCredential = GetCredentialFromLocker();
if (loginCredential != null)
{
// There is a credential stored in the locker.
// Populate the Password property of the credential
// for automatic login.
loginCredential.RetrievePassword();
}
else
{
// There is no credential stored in the locker.
// Display UI to get user credentials.
loginCredential = GetLoginCredentialUI();
}
// Log the user in.
ServerLogin(loginCredential.UserName, loginCredential.Password);
}
private Windows.Security.Credentials.PasswordCredential GetCredentialFromLocker()
{
Windows.Security.Credentials.PasswordCredential credential = null;
var vault = new Windows.Security.Credentials.PasswordVault();
var credentialList = vault.FindAllByResource(resourceName);
if (credentialList.Count > 0)
{
if (credentialList.Count == 1)
{
credential = credentialList[0];
}
else
{
// When there are multiple usernames,
// retrieve the default username. If one doesn’t
// exist, then display UI to have the user select
// a default username.
defaultUserName = GetDefaultUserNameUI();
credential = vault.Retrieve(resourceName, defaultUserName);
}
}
return credential;
}
The answer from Randy uses System.String to store the password, which is unsafe. You will want to use System.Security.SecureString for that purpose.
You would be better off if you just read Credential Management with the .NET Framework 2.0.