How to configure Windows VPN to not save *Session password?
So I have a standard PPTP VPN connection in Windows (8 or 10, behavior is the same). When I connect to the VPN, I'm using a standard username/password combination, not a Windows password and not my machine login password.
The trouble is Windows will save that password as *Session and I have to go remove it from "Manage network passwords" every time I connect or I will lose the ability to connect to any of my regular servers via SMB because it tries to log into those servers using the VPN password.
I've searched around and can find almost no other information about this.
windows vpn credentials
asked Jul 30 '15 at 20:06
CoreyHCoreyH
745711
add a comment |
So I have a standard PPTP VPN connection in Windows (8 or 10, behavior is the same). When I connect to the VPN, I'm using a standard username/password combination, not a Windows password and not my machine login password.
The trouble is Windows will save that password as *Session and I have to go remove it from "Manage network passwords" every time I connect or I will lose the ability to connect to any of my regular servers via SMB because it tries to log into those servers using the VPN password.
I've searched around and can find almost no other information about this.
windows vpn credentials
asked Jul 30 '15 at 20:06
CoreyHCoreyH
745711
Found a 7 year old post that seems related, but I don't think Windows uses PBK files for VPNs anymore social.technet.microsoft.com/Forums/windows/en-US/…
– CoreyH
Jul 30 '15 at 20:13
I've just tried this, from that post: "1. Locate the .pbk file that contains the entry that you dial. To do so, click Start, type *.pbk in the Research Bar, and then press Enter. 2. Open the file in Notepad. 3. Locate the following entry: UseRasCredentials=1 4. Modify the entry to the following: UseRasCredentials=0 5. On the File menu, click Save, and the click Exit." -on Windows 10 1803 and it worked.
– colmob
Oct 10 '18 at 6:13
add a comment |
So I have a standard PPTP VPN connection in Windows (8 or 10, behavior is the same). When I connect to the VPN, I'm using a standard username/password combination, not a Windows password and not my machine login password.
The trouble is Windows will save that password as *Session and I have to go remove it from "Manage network passwords" every time I connect or I will lose the ability to connect to any of my regular servers via SMB because it tries to log into those servers using the VPN password.
I've searched around and can find almost no other information about this.
windows vpn credentials
asked Jul 30 '15 at 20:06
CoreyHCoreyH
745711
So I have a standard PPTP VPN connection in Windows (8 or 10, behavior is the same). When I connect to the VPN, I'm using a standard username/password combination, not a Windows password and not my machine login password.
The trouble is Windows will save that password as *Session and I have to go remove it from "Manage network passwords" every time I connect or I will lose the ability to connect to any of my regular servers via SMB because it tries to log into those servers using the VPN password.
I've searched around and can find almost no other information about this.
windows vpn credentials
windows vpn credentials
asked Jul 30 '15 at 20:06
CoreyHCoreyH
745711
asked Jul 30 '15 at 20:06
CoreyHCoreyH
745711
asked Jul 30 '15 at 20:06
CoreyHCoreyH
745711
asked Jul 30 '15 at 20:06
CoreyHCoreyH
745711
asked Jul 30 '15 at 20:06
CoreyHCoreyH
745711
745711
Found a 7 year old post that seems related, but I don't think Windows uses PBK files for VPNs anymore social.technet.microsoft.com/Forums/windows/en-US/…
– CoreyH
Jul 30 '15 at 20:13
I've just tried this, from that post: "1. Locate the .pbk file that contains the entry that you dial. To do so, click Start, type *.pbk in the Research Bar, and then press Enter. 2. Open the file in Notepad. 3. Locate the following entry: UseRasCredentials=1 4. Modify the entry to the following: UseRasCredentials=0 5. On the File menu, click Save, and the click Exit." -on Windows 10 1803 and it worked.
– colmob
Oct 10 '18 at 6:13
add a comment |
Found a 7 year old post that seems related, but I don't think Windows uses PBK files for VPNs anymore social.technet.microsoft.com/Forums/windows/en-US/…
– CoreyH
Jul 30 '15 at 20:13
I've just tried this, from that post: "1. Locate the .pbk file that contains the entry that you dial. To do so, click Start, type *.pbk in the Research Bar, and then press Enter. 2. Open the file in Notepad. 3. Locate the following entry: UseRasCredentials=1 4. Modify the entry to the following: UseRasCredentials=0 5. On the File menu, click Save, and the click Exit." -on Windows 10 1803 and it worked.
– colmob
Oct 10 '18 at 6:13
Found a 7 year old post that seems related, but I don't think Windows uses PBK files for VPNs anymore social.technet.microsoft.com/Forums/windows/en-US/…
– CoreyH
Jul 30 '15 at 20:13
Found a 7 year old post that seems related, but I don't think Windows uses PBK files for VPNs anymore social.technet.microsoft.com/Forums/windows/en-US/…
– CoreyH
Jul 30 '15 at 20:13
I've just tried this, from that post: "1. Locate the .pbk file that contains the entry that you dial. To do so, click Start, type *.pbk in the Research Bar, and then press Enter. 2. Open the file in Notepad. 3. Locate the following entry: UseRasCredentials=1 4. Modify the entry to the following: UseRasCredentials=0 5. On the File menu, click Save, and the click Exit." -on Windows 10 1803 and it worked.
– colmob
Oct 10 '18 at 6:13
I've just tried this, from that post: "1. Locate the .pbk file that contains the entry that you dial. To do so, click Start, type *.pbk in the Research Bar, and then press Enter. 2. Open the file in Notepad. 3. Locate the following entry: UseRasCredentials=1 4. Modify the entry to the following: UseRasCredentials=0 5. On the File menu, click Save, and the click Exit." -on Windows 10 1803 and it worked.
– colmob
Oct 10 '18 at 6:13
add a comment |
3 Answers
3
active
oldest
votes
On Windows 7 you were able to control this via either registry or Connection Manager Admin Kit
The registry to edit is:
User Key:
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternetSettings]
Value Name: DisablePasswordCaching
Data Type: REG_DWORD
(DWORD Value) Value Data: (0 = default, 1 = disable password cache)
Alternatively you can clear the password by right click (but still every time)
answered Aug 11 '15 at 20:24
TomEusTomEus
3,1301329
add a comment |
Check this link:
https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication
Some of the caveats are listed above. The setting is found by going to Control Panel->Administrative Tools->Local Security Policies.
Then open: Local Policies->Security Options->Network access: Do not allow storage of passwords and credentials for network authentication
Set it to Enabled
This is not as narrow a setting as you might like, and may not apply to your situation. But for me it prevents our laptop users on laptops from saving their VPN credentials.
At first glance it does not appear to work; it does not prevent the check box from appearing, and the user name appears to be saved in the setup window, but after setup, the VPN connection always prompts for credentials.
answered Feb 5 at 16:10
Mac-n-MacMac-n-Mac
11
add a comment |
On destination server open The Local Group Policy Editor
Go to:
User Configuration | Administrative Templates | Windows Components | Remote Desktop Services
Select the Remote Desktop Connection Client item under Remote Desktop Services. In the Setting list on the right, double-click on the Do not allow passwords to be saved setting. Set it to enable.
Now the password will not be saved.
answered Aug 6 '15 at 6:59
integratorITintegratorIT
670615
1
I don't think this is it - this refers to remote desktop and I'm talking about vpn and the windows session password for browsing network shares.
– CoreyH
Aug 7 '15 at 18:17
aren't You authenticating vpn users with local or active directory users?
– integratorIT
Sep 28 '15 at 12:58
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f947832%2fhow-to-configure-windows-vpn-to-not-save-session-password%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
On Windows 7 you were able to control this via either registry or Connection Manager Admin Kit
The registry to edit is:
User Key:
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternetSettings]
Value Name: DisablePasswordCaching
Data Type: REG_DWORD
(DWORD Value) Value Data: (0 = default, 1 = disable password cache)
Alternatively you can clear the password by right click (but still every time)
answered Aug 11 '15 at 20:24
TomEusTomEus
3,1301329
add a comment |
On Windows 7 you were able to control this via either registry or Connection Manager Admin Kit
The registry to edit is:
User Key:
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternetSettings]
Value Name: DisablePasswordCaching
Data Type: REG_DWORD
(DWORD Value) Value Data: (0 = default, 1 = disable password cache)
Alternatively you can clear the password by right click (but still every time)
answered Aug 11 '15 at 20:24
TomEusTomEus
3,1301329
add a comment |
On Windows 7 you were able to control this via either registry or Connection Manager Admin Kit
The registry to edit is:
User Key:
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternetSettings]
Value Name: DisablePasswordCaching
Data Type: REG_DWORD
(DWORD Value) Value Data: (0 = default, 1 = disable password cache)
Alternatively you can clear the password by right click (but still every time)
answered Aug 11 '15 at 20:24
TomEusTomEus
3,1301329
On Windows 7 you were able to control this via either registry or Connection Manager Admin Kit
The registry to edit is:
User Key:
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternetSettings]
Value Name: DisablePasswordCaching
Data Type: REG_DWORD
(DWORD Value) Value Data: (0 = default, 1 = disable password cache)
Alternatively you can clear the password by right click (but still every time)
answered Aug 11 '15 at 20:24
TomEusTomEus
3,1301329
answered Aug 11 '15 at 20:24
TomEusTomEus
3,1301329
answered Aug 11 '15 at 20:24
TomEusTomEus
3,1301329
answered Aug 11 '15 at 20:24
TomEusTomEus
3,1301329
3,1301329
add a comment |
add a comment |
Check this link:
https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication
Some of the caveats are listed above. The setting is found by going to Control Panel->Administrative Tools->Local Security Policies.
Then open: Local Policies->Security Options->Network access: Do not allow storage of passwords and credentials for network authentication
Set it to Enabled
This is not as narrow a setting as you might like, and may not apply to your situation. But for me it prevents our laptop users on laptops from saving their VPN credentials.
At first glance it does not appear to work; it does not prevent the check box from appearing, and the user name appears to be saved in the setup window, but after setup, the VPN connection always prompts for credentials.
answered Feb 5 at 16:10
Mac-n-MacMac-n-Mac
11
add a comment |
Check this link:
https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication
Some of the caveats are listed above. The setting is found by going to Control Panel->Administrative Tools->Local Security Policies.
Then open: Local Policies->Security Options->Network access: Do not allow storage of passwords and credentials for network authentication
Set it to Enabled
This is not as narrow a setting as you might like, and may not apply to your situation. But for me it prevents our laptop users on laptops from saving their VPN credentials.
At first glance it does not appear to work; it does not prevent the check box from appearing, and the user name appears to be saved in the setup window, but after setup, the VPN connection always prompts for credentials.
answered Feb 5 at 16:10
Mac-n-MacMac-n-Mac
11
add a comment |
Check this link:
https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication
Some of the caveats are listed above. The setting is found by going to Control Panel->Administrative Tools->Local Security Policies.
Then open: Local Policies->Security Options->Network access: Do not allow storage of passwords and credentials for network authentication
Set it to Enabled
This is not as narrow a setting as you might like, and may not apply to your situation. But for me it prevents our laptop users on laptops from saving their VPN credentials.
At first glance it does not appear to work; it does not prevent the check box from appearing, and the user name appears to be saved in the setup window, but after setup, the VPN connection always prompts for credentials.
answered Feb 5 at 16:10
Mac-n-MacMac-n-Mac
11
Check this link:
https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-access-do-not-allow-storage-of-passwords-and-credentials-for-network-authentication
Some of the caveats are listed above. The setting is found by going to Control Panel->Administrative Tools->Local Security Policies.
Then open: Local Policies->Security Options->Network access: Do not allow storage of passwords and credentials for network authentication
Set it to Enabled
This is not as narrow a setting as you might like, and may not apply to your situation. But for me it prevents our laptop users on laptops from saving their VPN credentials.
At first glance it does not appear to work; it does not prevent the check box from appearing, and the user name appears to be saved in the setup window, but after setup, the VPN connection always prompts for credentials.
answered Feb 5 at 16:10
Mac-n-MacMac-n-Mac
11
edited Feb 5 at 16:21
answered Feb 5 at 16:10
Mac-n-MacMac-n-Mac
11
answered Feb 5 at 16:10
Mac-n-MacMac-n-Mac
11
answered Feb 5 at 16:10
Mac-n-MacMac-n-Mac
11
11
add a comment |
add a comment |
On destination server open The Local Group Policy Editor
Go to:
User Configuration | Administrative Templates | Windows Components | Remote Desktop Services
Select the Remote Desktop Connection Client item under Remote Desktop Services. In the Setting list on the right, double-click on the Do not allow passwords to be saved setting. Set it to enable.
Now the password will not be saved.
answered Aug 6 '15 at 6:59
integratorITintegratorIT
670615
1
I don't think this is it - this refers to remote desktop and I'm talking about vpn and the windows session password for browsing network shares.
– CoreyH
Aug 7 '15 at 18:17
aren't You authenticating vpn users with local or active directory users?
– integratorIT
Sep 28 '15 at 12:58
add a comment |
On destination server open The Local Group Policy Editor
Go to:
User Configuration | Administrative Templates | Windows Components | Remote Desktop Services
Select the Remote Desktop Connection Client item under Remote Desktop Services. In the Setting list on the right, double-click on the Do not allow passwords to be saved setting. Set it to enable.
Now the password will not be saved.
answered Aug 6 '15 at 6:59
integratorITintegratorIT
670615
1
I don't think this is it - this refers to remote desktop and I'm talking about vpn and the windows session password for browsing network shares.
– CoreyH
Aug 7 '15 at 18:17
aren't You authenticating vpn users with local or active directory users?
– integratorIT
Sep 28 '15 at 12:58
add a comment |
On destination server open The Local Group Policy Editor
Go to:
User Configuration | Administrative Templates | Windows Components | Remote Desktop Services
Select the Remote Desktop Connection Client item under Remote Desktop Services. In the Setting list on the right, double-click on the Do not allow passwords to be saved setting. Set it to enable.
Now the password will not be saved.
answered Aug 6 '15 at 6:59
integratorITintegratorIT
670615
On destination server open The Local Group Policy Editor
Go to:
User Configuration | Administrative Templates | Windows Components | Remote Desktop Services
Select the Remote Desktop Connection Client item under Remote Desktop Services. In the Setting list on the right, double-click on the Do not allow passwords to be saved setting. Set it to enable.
Now the password will not be saved.
answered Aug 6 '15 at 6:59
integratorITintegratorIT
670615
answered Aug 6 '15 at 6:59
integratorITintegratorIT
670615
answered Aug 6 '15 at 6:59
integratorITintegratorIT
670615
answered Aug 6 '15 at 6:59
integratorITintegratorIT
670615
670615
1
I don't think this is it - this refers to remote desktop and I'm talking about vpn and the windows session password for browsing network shares.
– CoreyH
Aug 7 '15 at 18:17
aren't You authenticating vpn users with local or active directory users?
– integratorIT
Sep 28 '15 at 12:58
add a comment |
1
I don't think this is it - this refers to remote desktop and I'm talking about vpn and the windows session password for browsing network shares.
– CoreyH
Aug 7 '15 at 18:17
aren't You authenticating vpn users with local or active directory users?
– integratorIT
Sep 28 '15 at 12:58
1
1
I don't think this is it - this refers to remote desktop and I'm talking about vpn and the windows session password for browsing network shares.
– CoreyH
Aug 7 '15 at 18:17
I don't think this is it - this refers to remote desktop and I'm talking about vpn and the windows session password for browsing network shares.
– CoreyH
Aug 7 '15 at 18:17
aren't You authenticating vpn users with local or active directory users?
– integratorIT
Sep 28 '15 at 12:58
aren't You authenticating vpn users with local or active directory users?
– integratorIT
Sep 28 '15 at 12:58
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f947832%2fhow-to-configure-windows-vpn-to-not-save-session-password%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Found a 7 year old post that seems related, but I don't think Windows uses PBK files for VPNs anymore social.technet.microsoft.com/Forums/windows/en-US/…
– CoreyH
Jul 30 '15 at 20:13
I've just tried this, from that post: "1. Locate the .pbk file that contains the entry that you dial. To do so, click Start, type *.pbk in the Research Bar, and then press Enter. 2. Open the file in Notepad. 3. Locate the following entry: UseRasCredentials=1 4. Modify the entry to the following: UseRasCredentials=0 5. On the File menu, click Save, and the click Exit." -on Windows 10 1803 and it worked.
– colmob
Oct 10 '18 at 6:13