Managing Usernames and Passwords with CmdKey

The CmdKey utility helps you manage usernames and passwords. Using this utility, you can display, create, and delete credentials as needed. However, this utility only works with the current user. In other words, the credentials you manage are for the current user, not for another user on the same system. To work with other users, you must first log in as that user. Consequently, this command works well in login batch files that perform tasks on the user's behalf, but it isn't necessarily a good tool for administering users at the command line.

A system can have two kinds of passwords managed by CmdKey. The first is generic passwords that you can use anywhere. For example, you might create a username and password to access a remote system using a Virtual Private Network (VPN). The second is domain passwords that you use to access a domain server. These password types appear in the Type field output when you list credentials for your system.

Displaying

The /list command line switch lets you list all of the credentials associated with the current account. This mode uses the following syntax:

cmdkey /list
cmdkey /list:targetname

The following list describes each of the command line arguments.

/list Displays all of the entries or only those that you specify with a target name.

targetname Defines a target credential. You use the name of the credential as the target. This command line argument doesn't allow wildcard characters, so you can only use it to list one credential at a time.

Creating

This mode creates a new domain or generic credential based on a username and password. Use the /add command line switch to create domain credentials and the /generic command line switch to create generic credentials. This mode uses the following syntax:

cmdkey /add:targetname /user:username /pass:password
cmdkey /add:targetname /user:username /pass
cmdkey /add:targetname /user:username
cmdkey /add:targetname /smartcard
cmdkey /generic:targetname /user:username /pass:password
cmdkey /generic:targetname /user:username /pass
cmdkey /generic:targetname /user:username
cmdkey /generic:targetname /smartcard

The following list describes each of the command line arguments.

/add Creates a domain credential.

/generic Creates a generic credential.

targetname Defines a target credential. You use the name of the credential as the target. This command line argument doesn't allow wildcard characters, so you can only use it to create one credential at a time.

/user:username Specifies the username used for login purposes. The username can include any qualifiers required to perform the login.

/pass or /pass:password Specifies the password used for login purposes. If you specify /pass without the password, the system prompts you for a password to use on the remote system. Unlike many password prompts, this prompt doesn't display the password characters as asterisks (*), so it's easy to make mistakes. Make sure you type the password carefully.

/smartcard Creates a password based on the content of a smartcard. The system prompts you to provide the smartcard as part of the input.

Deleting

You can't change a credential using the CmdKey utility. To change a credential, you must first delete the old credential and then create a new one. In addition, you'll likely find that you need to delete old credentials when you don't need them any longer. This mode uses the following syntax:

cmdkey /delete:targetname
cmdkey /delete /ras

The following list describes each of the command line arguments.

/delete:targetname Removes the specified credential. You must provide a target name unless you're deleting a Remote Access Server (RAS) credential.

/ras Specifies that you want to remove a RAS credential.
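
The listing and delete-then-create steps described above, combined into an added PowerShell example (not code from the original page): it parses cmdkey /list output into objects so the Type field can be reviewed, and replaces a credential using /pass without a value so the password never appears on the command line or in a script. The function names, the layout of the sample output, and the sample targets and usernames are assumptions constructed for illustration.

```powershell
# Added example. Function names and sample data are hypothetical.

# Turn the text printed by "cmdkey /list" into objects with Target, Type, User.
function ConvertFrom-CmdKeyList {
    param([string[]]$Lines)
    $entry = $null
    foreach ($line in $Lines) {
        if ($line -match '^\s*(Target|Type|User):\s*(.*)$') {
            $key, $value = $Matches[1], $Matches[2].Trim()
            if ($key -eq 'Target') {
                # A Target line starts a new entry; emit the previous one first.
                if ($entry) { New-Object PSObject -Property $entry }
                $entry = @{ Target = $value; Type = ''; User = '' }
            } elseif ($entry) {
                $entry[$key] = $value
            }
        }
    }
    if ($entry) { New-Object PSObject -Property $entry }
}

# CmdKey cannot change a credential, so delete the old one and create a new one.
# /pass with no value makes cmdkey prompt for the password instead of taking it
# from the command line. Run this in a console window so the prompt can appear.
function Reset-StoredCredential {
    param([string]$Target, [string]$User, [switch]$Generic)
    $mode = if ($Generic) { '/generic' } else { '/add' }
    cmdkey "/delete:$Target"
    cmdkey "${mode}:$Target" "/user:$User" /pass
}

# Constructed sample of "cmdkey /list" output (layout assumed).
# On a live system use:  $sample = cmdkey /list
$sample = @(
    'Currently stored credentials:', '',
    '    Target: Domain:target=fileserver01',
    '    Type: Domain Password',
    '    User: EXAMPLE\alice', '',
    '    Target: LegacyGeneric:target=vpn.example.test',
    '    Type: Generic',
    '    User: alice'
)

# Review what is stored for the current user, grouped by the Type field.
ConvertFrom-CmdKeyList $sample | Sort-Object Type |
    Select-Object Target, Type, User | Format-Table -AutoSize

# Usage (not run here): Reset-StoredCredential -Target vpn.example.test -User alice -Generic
```

Pass Reset-StoredCredential the same targetname that was used when the credential was created.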
