WinCred UDF - Windows Credential Management API

[DonChunior]

Description

WinCred is a User Defined Function (UDF) library for AutoIt that provides a complete interface to the Windows Credential Management API. This UDF allows you to create, read, update, and delete credentials stored in the Windows Credential Manager, which is the same secure storage system used by Windows itself for storing passwords and other sensitive information.

Features

• Create and modify credentials using _WinCred_CredWrite
• Read credentials from the user's credential set with _WinCred_CredRead
• Delete credentials using _WinCred_CredDelete
• Support for all credential types (Generic, Domain Password, Certificates, etc.)
• Configurable persistence options (Session, Local Machine, Enterprise)
• Full Unicode support
• Comprehensive error handling with detailed error codes
• Complete example scripts for all functions
• Fully documented following AutoIt UDF standards

Functions

The UDF provides three main functions:

• _WinCred_CredWrite - Creates a new credential or modifies an existing credential in the user's credential set
• _WinCred_CredRead - Reads a credential from the user's credential set and returns an array with all credential information
• _WinCred_CredDelete - Deletes a credential from the user's credential set

All functions follow AutoIt's standard error handling mechanism. For detailed syntax, parameters, and return values, please refer to the function documentation in the UDF file.

Constants

All constants are defined in WinCredConstants.au3, including credential types ($CRED_TYPE_*), persistence options ($CRED_PERSIST_*), and flags ($CRED_PRESERVE_CREDENTIAL_BLOB). See the constants file for a complete list.

Quick Start Example

#include "WinCred.au3"

; Create a credential
Local $sTargetName = "MyApp-Credential"
Local $sUserName = "MyUsername"
Local $vPassword = Binary("MySecretPassword")

If _WinCred_CredWrite($sTargetName, $CRED_TYPE_GENERIC, $sUserName, $vPassword) Then
    ConsoleWrite("Credential created successfully!" & @CRLF)
Else
    ConsoleWrite("Error creating credential: " & @error & @CRLF)
EndIf

; Read the credential
Local $aCredential = _WinCred_CredRead($sTargetName, $CRED_TYPE_GENERIC)
If Not @error Then
    ConsoleWrite("TargetName: " & $aCredential[0] & @CRLF)
    ConsoleWrite("UserName: " & $aCredential[2] & @CRLF)
    ConsoleWrite("Blob Size: " & BinaryLen($aCredential[3]) & " bytes" & @CRLF)
EndIf

; Delete the credential
_WinCred_CredDelete($sTargetName, $CRED_TYPE_GENERIC)

Example Scripts

The UDF includes complete example scripts in the Examples directory:

• _WinCred_CredWrite.au3 - Demonstrates creating credentials with different persistence settings
• _WinCred_CredRead.au3 - Shows how to read credentials and display all available information
• _WinCred_CredDelete.au3 - Demonstrates deleting credentials and verifying deletion

All examples are fully commented and follow AutoIt best practices.

Security Notes

• Credentials are stored securely in the Windows Credential Manager
• The CredentialBlob should contain binary data (use Binary() function)
• For sensitive data, consider encrypting the blob before storing

Documentation

Full function documentation is included in the UDF file following AutoIt UDF standards. The UDF is compatible with AutoIt's built-in help file system.

License

This UDF is released under the MIT License. See the LICENSE file for details.

Changelog

See CHANGELOG.md for a complete list of changes.

Links

• GitHub Repository: https://github.com/DonChunior/WinCred-UDF
• Microsoft Documentation: https://learn.microsoft.com/en-us/windows/win32/api/wincred/