Home > Information > Blog > Show blog article
Show blog article
17.03.2017
Windows Password Recovery 11.2
Some improvements and speed optimization
27.01.2017
Wireless Password Recovery v4.0
This version can recover multiple handshakes simultaneously almost without speed loss
24.01.2017
Reset Windows Password v7.0.5
New features to recovery Internet and network passwords
27.12.2016
Happy New Year!
New Year greetings and holidays discount

Articles and video

You may find it helpful to read our articles on Windows security and password recovery examples. Video section contains a number of movies about our programs in action

What is Windows Vault?

09:15:43 19.10.2012 posted by Passcape_Admin at 09:15:43 19.10.2012

Amazingly, Windows Vault was first introduced to the public with the release of Windows 7, but there's still no normal information with its description on the net. The documentation on this interesting subject is either completely absent or, to say the least, is superficial. So, what is Vault?

Windows Vault is a protected storage for secrets, passwords and other personal information user or system.

Windows Vault has come to replace the outdated 'Credential Manager', which was used in the earlier versions of Windows. Vault has acquired a number of new features:

  • Backing up and restoring all passwords
  • Improved encryption system and portability to other systems
  • Improved programming interface
  • Manual creation and administration of Vault storages
Windows Vault

On the physical level, Vault is a disk-based folder with a set of the following files:

  • Policy.vpol - set of encryption keys for Vault credentials (records). These keys can be protected using two basic methods: either using DPAPI or using a specific user password. The latter protection method is not used in Windows 8 and currently is not supported by the software.
  • <GUID>.vsch - Vault schema that contains data description, flags and other system information.
  • <GUID>.vcrd - Vault credential that stores the original encrypted data associated with a certain schema. The data may consist of and normally consists of several fields. Description of the fields is stored in vsch file. AES algorithm is used to protect Vault credentials. Encryption/decryption key for the algorithm resides in policy.vpol file, salt is involved to prevent instant data recovery using rainbow-table-based attacks.

There are two types of Vault storage at the moment: system Vault and user Vault. The user Vault may be found at the following locations:

<USER_APP_DATA>/Microsoft/Vault/<GUID>
<USER_LOCAL_APP_DATA>/Microsoft/Vault/<GUID>
For example,
С:/Users/Helen/AppData/Roaming/Microsoft/Vault/4BF4C442-9B8A-41A0-B380-DD4A704DDB28
С:/Users/John/AppData/Local/Microsof/tVault/18289F5D-9783-43EC-A50D-52DA022B046E

Note that any user can create a custom Vault storage and save here a private data. Windows has VaultCmd.exe utility for managing custom Vaults.


System Vault by default resides in the following folders:

<SYSTEM_APP_DATA>/Microsoft/Vault/<GUID>
<SYSTEM_LOCAL_APP_DATA>/Microsoft/Vault/<GUID>
<PROGRAM_DATA>/Microsoft/Vault/<GUID>
For example,
С:/Windows/System32/config/systemprofile/AppData/Roaming/Microsoft/Vault/...
С:/Windows/System32/config/systemprofile/AppData/Local/Microsoft/Vault/...
C:/ProgramData/Microsoft/Vault/AC658CB4-9126-49BD-B877-31EEDAB3F204

Some of the folders have the system attribute set on, which makes the folders hidden in Windows Explorer.


So, Windows Vault is a structured storage for private data that has come to replace Credential Manager. Microsoft's another attempt to create a universal storage for secrets that Windows lacks so badly. We have written about this already.

Take a look at the following pictured sample on how to use Vault Explorer tool to recover Vault credentials offline.




 
Rating
Current rating RatingRatingRatingRatingRating
Avarage rating Ø 7.50
Number of votes 4
Your vote Rate this message: 1Rate this message: 2Rate this message: 3Rate this message: 4Rate this message: 5Rate this message: 6Rate this message: 7Rate this message: 8Rate this message: 9Rate this message: 10

Comments

There are no comments existing at the moment.
Add comment

Spamprotection