Internet Explorer – AutoComplete Passwords

Tools>Internet Options>Content>AutoComplete

There you will see the option:  “Prompt Me to Save Passwords” and simply
checking it will
bring the prompt back at most web logins No sign of registry
involvement there at all,  but in fact, what you are really doing when you make
that
choice is editing this string value in the registry:

“FormSuggest PW Ask”

When you check the box, you are setting it to YES:

“FormSuggest PW Ask”=”yes”

If you uncheck the box, you are setting the value to NO

“FormSuggest PW Ask”=”no”

and you will never be prompted to save your password ever.

The main key that holds this value is here:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main

Just look in the right hand pane for the value “FormSuggest PW Ask” which will
be set to
either yes or no. If you prefer you can manually
change the value right there rather than via Internet Explorer by just double
clicking the
value and changing it to yes or no yourself.
This value can even be deleted. It will get recreated next time a choice is
made in IE or
at the prompt.

Passwords

So what happens when you click Yes to have your password remembered?
Again, a registry change occurs.

The password is stored at the SPW key (which stands for Saved PassWords).
The location is here:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\SPW

In the right hand pane of the SPW key you will see all your saved AutoComplete
controlled
passwords..
However, you won’t recognize them because they are encrypted, looking something
like this:

“7*J9PQR+U,?@6?Q”=dword:00000000
“97KTG3U[J:N+CBA”=dword:00000000

Secret – encrypted passwords and autocomplete info can be easily decrypted by
using
special password revealing utilities like Advanced Password
Recovery for IE, IE Password Revealer, and others.

If the non registry method doesn’t work to get a lost prompt back, you can try
manually
deleting the password associated with the particular login giving
you the problem, but chances are you have more than just a few passwords stored
there so
you can’t really tell which one is which. In that
case, the most obvious and easiest way would be to to delete all the encrypted
passwords
but if you have a lot of them and dread the thought
of having to enter your passwords again at each site where you previously used
to login to
automatically, then the best way is to back them up first,
then delete them like this:

1. Select the SPW key, click File>Export and then save it as a reg file (ie
spw.reg) to
your desktop or wherever you find convenient.
2. Once exported, right click the SPW key in the registry and choose Delete.
3. Login to the site that was your problem and enter your user name/password.
This time the dialog box will come up and you can choose Yes to remembering
your password.
4. Double click the reg export you made to merge it back into the registry.

Done!

But it was “NO”-  do NOT remember my password, that I mistakenly checked!

Secret – it makes no difference whether you chose YES or NO. Your password is
saved at the
SPW key regardless of your choice.
Saving your password is not the same as remembering it to Windows. When you
click NO, the
password has to exist so that Windows
will know what action to take with it (offer to remember it or not)  To
remember or not
remember is controlled by more complex binary
values hidden deep under the Protected Storage..  key
HKEY_CURRENT_USER\Software\Microsoft\Protected Storage System Provider
where all your AutoComplete info is held and though it is possible to hack
these values,
it is not something you can just turn on or off with
a simple yes or no.

If anyone is interested to know more about this, you can send an email to the
feedback
address below and the request will be considered.