Using Password Minder to Manage Your Passwords

I started using Password Minder almost immediately after reading about it in the July 2004 edition of MSDN Magazine. I don’t know about you, but trying to remember all of my various passwords for dozens of Web sites, numerous network accounts, VMs, etc. is really quite a nightmare. [I’m actually a little embarrassed to say that on more than one occasion I’ve had to hack one of my VMs in order to reset the password for a domain admin. This process definitely isn’t for the faint of heart, but it was better than having to rebuild my FABRIKAM domain from scratch.]

Instead I tend to use no more than three or four passwords that I can remember (and change every couple of months) and a whole bunch of randomly generated passwords that I rely on Password Minder to store securely.

Note that all of the service accounts used in the “Jameson Datacenter” (a.k.a. my home lab) use random 20 character passwords.

Hence, why I added Password Minder to my Toolbox years ago. [Thanks to Keith Brown for sharing this wonderful utility, as well as take the time to write about the internals of how it works.]

However, there were a few problems I had with the original Password Minder.

First, it didn’t like the fact that my Documents folder is redirected to a server. In other words, my encrypted password file is:

\\BEAST\Users$\jjameson\Documents\My Passwords.xml

Consequently, I encountered the following error when trying to save my password file:

Failed to save the password file. Here are the gory details:

GetVolumeInformation failed:
The filename, directory name, or volume label syntax is incorrect.

I discovered that I could avoid this error by clearing the Let Password Minder control the DACL checkbox in the Password Minder Options dialog window.

The next problem that I encountered was Password Minder throwing up on me (in other words, generating an unhandled IndexOutOfRangeException) when one of my passwords somehow ended up being an empty string (to this day I’m still not sure how that empty password managed to get saved to the file).

Thus I made a small change to line 381 of CryptMaster.cs. The original code was:

            if (null == record.EncryptedUserId) {

I changed this to:

            if (string.IsNullOrEmpty(record.EncryptedUserId) == true) {

The third problem (which I didn’t encounter until a few years later) was that Password Minder wouldn’t run on my Windows Vista x64 desktop.

Note that the original project settings specified Platform target: Any CPU and thus pwm.exe would generate a BadImageFormatException when trying to load the 32-bit NativeHelpers.dll.

Could not load file or assembly ‘NativeHelpers, Version=, Culture=neutral, PublicKeyToken=null’ or one of its dependencies. An attempt was made to load a program with an incorrect format.

This was easy enough to fix simply by setting Platform target to x86 and then recompiling.

So, why do I blog about Password Minder after all this time? Well, just this week I finally got around to incorporating it into my “Toolbox” Visual Studio solution that is scheduled to build daily using Team Foundation Server, and I discovered that my Team Foundation Build server wasn’t setup to build C++ projects, which is what I will blog about next.

Stay tuned…I need to eat some breakfast first 😉

Comments (5)

  1. yyp says:

    u are good !

    go on please!

    fashion jerseys

    fashion blog

  2. Mark says:

    I’ve used Password Minder for a couple of years.

    I’ve now tried to install it on Windows 7 Enterprise, but it fails on start up.

    I’ve tried various compatibility modes to no avail.

    Do I need to recompile it in VS 2010 on W7 to get it to work ( and do I need the C++ redistributable )?

    Or has W7 got something similar buitl-in???

  3. I didn’t have to recompile specifically for Windows 7. As I mentioned before, I encountered problems when originally moving to x64 Vista (due to the 32-bit NativeHelpers.dll in the original Password Minder). After migrating to Windows 7 (x64), Password Minder continued to work just fine.

    Note that I almost always do a "clean" install when upgrading from one version of an OS to another (which is definitely how I "upgraded" to Windows 7 from Windows Vista).

  4. Casey says:

    Thanks!  I just recently switched to Windows 7 (x64) and was lost without PasswordMinder.  I built (in VS2010) with Platform target to x86 and made the same small code change and now back up and running!

  5. Clinton Gallagher says:

    MAR 2011: Keith sent me the latest source but the above did not help me compile. I have 300+ passwords in pwm that will export to xml but pwm2cleartext won't parse them out. Bigtime Bummer. I'm going to look through the exported xml for an empty password.

    If anybody is still listening and can send a compiled copy of the executables for x64 Windows7 contact  csgallagher at metromilwaukee  dot com