Hi,
I'm writing an application which needs to store login data for multiple (XMPP) accounts on Windows.
Currently the application stores them in Windows' "Stored User Names and Passwords" using CredRead and CredWrite. And here is the problem: The login name for an XMPP account cannot be changed (it's the account's JID), but Windows only stores user name/password pairs under a given target name. I use something like "xmpp:[email protected]" for the target name and don't use the user name at all during login. The user can't even set the user name from within the application (it will be set to "[email protected]" automatically instead).
Now I would like to prevent the user name to be changed to something different by the user (using control panel or rundll32.exe keymgr.dll, KRShowKeyMgr) or an other application as this is currently possible and somehow confusing because the actual value is ignored anyway. If I open up the "Stored User Names and Passwords" dialog (using rundll32.exe keymgr.dll, KRShowKeyMgr), the entries which are created by my application are listed as "xmpp:[email protected] (LegacyGeneric)" and can be edited using the "Edit..." button.
The list contains also an entry for Windows Live (listed as "[email protected] (WindowsLive)"), whose user name cannot be changed (trying so will bring up a message box saying: "Windows cannot save the logon information. Make sure the information is correct and that all required fields are completed.".
And here is (finally) my question: Can I get this behavior for my application as well? How can I change the credential type to something different than "LegcyGeneric"? Or is there a better way to store only the password for a given login name (maybe using Windows Data Protection), while still using some "standard" Windows way of storing them?
Any hints and answers are appreciated.