Home > Information > Blog > Show blog article
Show blog article
01.03.2024
New blog post
Dumping the history of users' IP addresses in Windows
20.02.2024
Reset Windows Password v14.1
IP addresses history viewer, fast disk search, local security editor and some more
02.01.2024
Wireless Password Recovery v6.9.0
A revision of the GPU health monitor along with some minor updates
23.12.2023
HAPPY NEW YEAR!
Happy New Year greetings and holidays discount

Articles and video

You may find it helpful to read our articles on Windows security and password recovery examples. Video section contains a number of movies about our programs in action

What is Windows Vault?

09:15:43 19.10.2012 posted by Passcape_Admin at 09:15:43 19.10.2012

Amazingly, Windows Vault was first introduced to the public with the release of Windows 7, but there's still no normal information with its description on the net. The documentation on this interesting subject is either completely absent or, to say the least, is superficial. So, what is Vault?

Windows Vault is a protected storage for secrets, passwords and other personal information user or system.

Windows Vault has come to replace the outdated 'Credential Manager', which was used in the earlier versions of Windows. Vault has acquired a number of new features:

  • Backing up and restoring all passwords
  • Improved encryption system and portability to other systems
  • Improved programming interface
  • Manual creation and administration of Vault storages
Windows Vault

On the physical level, Vault is a disk-based folder with a set of the following files:

  • Policy.vpol - set of encryption keys for Vault credentials (records). These keys can be protected using two basic methods: either using DPAPI or using a specific user password. The latter protection method is not used in Windows 8 and currently is not supported by the software.
  • <GUID>.vsch - Vault schema that contains data description, flags and other system information.
  • <GUID>.vcrd - Vault credential that stores the original encrypted data associated with a certain schema. The data may consist of and normally consists of several fields. Description of the fields is stored in vsch file. AES algorithm is used to protect Vault credentials. Encryption/decryption key for the algorithm resides in policy.vpol file, salt is involved to prevent instant data recovery using rainbow-table-based attacks.

There are two types of Vault storage at the moment: system Vault and user Vault. The user Vault may be found at the following locations:

<USER_APP_DATA>/Microsoft/Vault/<GUID>
<USER_LOCAL_APP_DATA>/Microsoft/Vault/<GUID>
For example,
С:/Users/Helen/AppData/Roaming/Microsoft/Vault/4BF4C442-9B8A-41A0-B380-DD4A704DDB28
С:/Users/John/AppData/Local/Microsof/tVault/18289F5D-9783-43EC-A50D-52DA022B046E

Note that any user can create a custom Vault storage and save here a private data. Windows has VaultCmd.exe utility for managing custom Vaults.


System Vault by default resides in the following folders:

<SYSTEM_APP_DATA>/Microsoft/Vault/<GUID>
<SYSTEM_LOCAL_APP_DATA>/Microsoft/Vault/<GUID>
<PROGRAM_DATA>/Microsoft/Vault/<GUID>
For example,
С:/Windows/System32/config/systemprofile/AppData/Roaming/Microsoft/Vault/...
С:/Windows/System32/config/systemprofile/AppData/Local/Microsoft/Vault/...
C:/ProgramData/Microsoft/Vault/AC658CB4-9126-49BD-B877-31EEDAB3F204

Some of the folders have the system attribute set on, which makes the folders hidden in Windows Explorer.


So, Windows Vault is a structured storage for private data that has come to replace Credential Manager. Microsoft's another attempt to create a universal storage for secrets that Windows lacks so badly. We have written about this already.

Take a look at the following pictured sample on how to use Vault Explorer tool to recover Vault credentials offline.




 
Rating
Current rating RatingRatingRatingRatingRating
Avarage rating Ø 8.13
Number of votes 8
Your vote Rate this message: 1Rate this message: 2Rate this message: 3Rate this message: 4Rate this message: 5Rate this message: 6Rate this message: 7Rate this message: 8Rate this message: 9Rate this message: 10

Comments

There are no comments existing at the moment.
Add comment

Spamprotection