DvSchemaSync stores all connection credentials securely using Windows Credential Manager. This ensures your Client Secrets, passwords, and other sensitive information are never stored in plain text files.
How Credentials Are Stored
When you save a connection in DvSchemaSync, the credentials are encrypted and stored in Windows Credential Manager under your Windows user profile. This provides:
Encryption: Credentials are encrypted using Windows Data Protection API (DPAPI)
User isolation: Only your Windows account can access the stored credentials
No plain text: Credentials are never written to configuration files or logs
Viewing Stored Credentials
To view credentials stored by DvSchemaSync:
- Open Windows Credential Manager (search for "Credential Manager" in the Start menu).
- Select Windows Credentials.
- Look for entries beginning with "DvSchemaSync:".
- Click an entry to expand it and view details (passwords are hidden by default).
Removing Stored Credentials
Credentials are automatically removed when you delete a connection in DvSchemaSync. To manually remove credentials:
- Open Windows Credential Manager.
- Select Windows Credentials.
- Find the DvSchemaSync entry you want to remove.
- Click Remove.
- Confirm the removal.
⚠ Note: If you uninstall DvSchemaSync, stored credentials in Windows Credential Manager are not automatically removed, ensure you remove connections prior to uninstalling DvSchemaSync.
Security Best Practices
• Lock your Windows account when stepping away from your computer
• Rotate your App Registration Client Secrets periodically
• Remove connections you no longer need
• Set calendar reminders for Client Secret expiration dates