Windows 8 App Development – Using the Credential Locker

Jared Johnson, 10 June 2013

If you need to store usernames and passwords for your Windows 8 app, Windows 8 has a great new feature to make this easier – the Credential Locker. The Credential Locker stores user information encrypted, and is only available to be accessed on a per app baises: If your app saves a password to the Credential Locker only your app can access it, likewise you cannot access passwords saved by other apps. Another great feature is that the Credential Locker can roam with the users Microsoft Account to other Windows 8 machines they use.

Storing a username and password to the Credential Locker is easy. First create the PasswordVault object, and then add a PasswordCredential object that contains the name of your app and the username and password.

Deleting a stored username and password is very similar to storing one. Instead of using the Add method of the Password vault the Remove() method is used instead.

To retrieve a username and password from the Credential Locker the PasswordVault object has 4 methods – the RetrieveAll() method which retrieves all usernames and passwords that have been stored by your app, the Retrieve() method which will return a specific credential based on the username and resource name and the FindAllByUserName() and FindAllByResource methods, which return all credentials for that username or resource name respectively.

In the above example all the credentials are retrieved that are stored with the resource name of the app, the first credential returned is then used to provide the username and password to another method.