Windows Vista can store essential network and Web
site passwords for the current user. These passwords are stored in an
electronic key ring that provides easy logon to essential resources,
wherever they might be located. If you find that a user frequently has
problems logging on to password-protected resources, such as the
company intranet or an external Internet site, you can create a key
ring for that user. To do this, you create a logon session for each resource. This logon session includes the resource location, logon account name, and password.
The following sections examine techniques for adding, editing, and removing key ring entries.
Adding Key Ring Entries
Each user account has a unique key ring. Entries
in the key ring are stored in the user's profile settings and contain
information needed to log on to password-protected resources. If you
are logged on to a domain account when you create a key ring entry, and
the account has a roaming profile (instead of a local or mandatory
profile), the information stored in the key ring entry is available
when you log on to any computer in the domain. Otherwise, the
information in the key ring entry is only available on the specific
computer on which you create the entry.
To add an entry to the current logged-on user's key ring, follow these steps:
-
Log on as the user whose key ring entries you
want to manage. In Control Panel, click User Accounts and then click
User Accounts again. This displays the User Accounts page.
-
In the left pane, click Manage Your Network Passwords.
-
The Stored User Names And Passwords dialog box appears, and you'll see a list of current entries if there are any.
-
Click Add and then use the Stored Credential
Properties dialog box to configure the resource location, logon account
name, and password (as shown in Figure 1). The available fields are as follows:
-
q Log On To The network or Internet resource for which you are configuring the key ring entry. This can be an actual server name, such as http://www.technology.microsoft.com, or it can be an address containing a wildcard, such as http://www.*.microsoft.com.
When you use a fully qualified domain name, the entry is used for
accessing a specific server or service. When you use a wildcard, the
entry is used for any server in the domain. For example, the entry http://www.*.microsoft.com could be used to access http://www.microsoft.com, http://www.ftp.microsoft.com, http://www.smtp.microsoft.com, and http://www.extranet.microsoft.com.
-
q User Name The user
name required by the server, including any necessary domain qualifiers.
For a Windows domain, type the full domain account name such as
Technology\WILLIAMS. For an Internet service, type the full service
account name, such as WILLIAMS@msn.com.
-
q Password The
password required by the server. One of the things most users forget is
that whenever they change their password on the server or service, they
must also change their password on their key ring. If a user forgets
to change the password on the key ring, repeated attempts to log on or
connect to the server or service might result in the account being
locked.
-
q Credential Type
Choose the appropriate credential type for the resource to which you
are logging on. For a Windows domain resource, choose A Windows Logon
Credential. For a Web site or Web application, choose A Web Site Or
Program Credential.
Figure 1: Create the key ring entry by setting the necessary logon information.
-
Click OK.
| Note |
Remind users that Windows Vista makes it easy to
maintain service and key ring passwords. To update the key ring and the
service password at the same time, use the Change feature of the Logon
Information Properties dialog box. See the "Editing Key Ring Entries" section of this chapter for details.
|
Editing Key Ring Entries
You can edit key ring entries at any time, but
keep in mind that local key ring entries are visible only on the
computer on which they were created. This means that if you want to
modify an entry, you must log on to the local workstation where it was
created. The only exception is for users with roaming profiles. When a
user has a roaming profile, key ring entries can be edited from any
computer where the user is logged on.
Use the following steps to edit a user's key ring entries:
-
Log on as the user whose key ring entries you
want to manage. In Control Panel, click User Accounts and then click
User Accounts again. This displays the User Accounts page.
-
In the left pane, click Manage Your Network Passwords.
-
In the Stored User Names And Passwords dialog
box, you'll see a list of current entries. Select the entry you want to
modify and then click Edit.
-
Change the logon account name and password as necessary.
-
Click OK.
| Tip |
If you want to change your password for a service
and update the logon information to use the new password, click Change.
Type your current password in the Old Password field. Then specify and
confirm your new password using the fields provided. Complete the
process by clicking OK. If there are multiple entries for this same
account in the current domain, the other entries are automatically
updated as well. This means you don't have to change the password
associated with these entries.
|
Removing Key Ring Entries
When a user no longer needs a key ring entry, you should remove it. To remove a user's key ring entry, follow these steps:
-
Log on as the user whose key ring entries you
want to manage. In Control Panel, click User Accounts and then click
User Accounts again. This displays the User Accounts page.
-
In the left pane, click Manage Your Network Passwords.
-
In the Stored User Names And Passwords dialog
box, you'll see a list of current entries. Select the entry you want to
delete and then click Remove. When prompted to confirm the action,
click OK.
As stated previously, local key ring entries can
be removed only on the computer on which they were created. When a user
has a roaming profile, though, key ring entries can be deleted from any
computer where the user is logged on.
|
