Script for removing Stored Passwords

DoveSupport
DoveSupport used Ask the Experts™
on
Hi Expert Exchange,
 
Is there a way to remove stored passwords with a script because our users are restricted and we are having AD lockouts.


This would be a great help.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2013

Commented:
No script that I know of but others may chime in.  What are they having issues with.  Have you thought about adjusting your password policy if it is causing that much pain to the users?

Thanks


Mike
Steven CarnahanAssistant Vice President\Network Manager

Commented:
What is causing the lockout? If it is a when they are at the initial log in to the network then it should inform them that they need to change the password at that time. If that is the stored password then it will change what is stored as well.

IMHO: It is poor practice to store passwords in any case. It sort of defeats the purpose of having a password in the first place.
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
The user is getting locked out when logging on and using 3rd party software.
The stored passwords are a problem related to the proxy server, file share and Unix share's.
The problem is the password is stored but are not open to the user for when they put there username in it doesn't automatically add the password but windows dose keep a copy and that could be creating conflict.

Many Thanks
Most Valuable Expert 2011
Top Expert 2011
Commented:
I'm wondering if you disable the ability for the OS to store them, if it would still present ones still cached?

Disable Password Caching
http://www.pctools.com/guides/registry/detail/124/
Most Valuable Expert 2012
Top Expert 2014

Commented:
Have you tried CmdKey?
http://technet.microsoft.com/en-us/library/cc754243(WS.10).aspx

First run
cmdkey /list

and see if the problematic resources show up.  If so, I think that's your problem.  We've had sync issues with our Proxy because they set IE to remember their passwords too.

Regards,

Rob.

Author

Commented:
Many Thanks
Hi ,

  I am a new user , could anyone help me with a script , which can clear the stored passwords in multiple systems, when included in logon script. Thanks in advance..

Regards ,
Raju
Most Valuable Expert 2012
Top Expert 2014

Commented:
Hi, in a batch login script, you should be able to run
cmdkey /delete:*

to delete all stored passwords.

Rob.
Rob ,

Thanks for your response , If i want to push one script to all machines in the network , ( I can do that), i need the script which would delete all passwords stored in ms credential. however , will try you option too. Thanks a ton for reply
Most Valuable Expert 2012
Top Expert 2014

Commented:
Sure.  Play around with the cmdkey options.  Type cmkey /? and go through some syntaxes.  If you only want to delete ms* credentials, use
cmdkey /delete:ms*

Rob.
Thanks ROB..

Author

Commented:
I love the way our original ticket was hijacked for another !
My apology to the whole community , I didnt know , i had to create new ticket. I found another interresting command vaultcmd to read the password , thanks all..

Regards ,
Raju

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial