Remember password not working

Got a problem with Viscosity or need help? Ask here!

programcsharp

Posts: 2
Joined: Sat Feb 11, 2023 11:21 pm

Post by programcsharp » Sat Feb 11, 2023 11:24 pm
The VPN client itself is working great -- love Viscosity, makes stuff very simple!

But remember password doesn't seem to work for very long. It does work sometimes, but a few hours or days later it forgets the password and I have to enter it again. Then it saves for a bit and later looses the password again.

I'm on Windows 11 Pro, 22H2, build 22621.1194.

Is there some Windows security feature that might be clearing saved passwords or data protection credentials, or some other possibility that's affecting this? Some log I can check to see exactly what happened when the creds are lost?

Aaron

Posts: 26
Joined: Wed Nov 30, 2022 2:53 pm

Post by Aaron » Mon Feb 13, 2023 1:24 pm
Hi,

I recommend checking whether your saved details are actually being lost, or whether the OpenVPN server you are connecting to is occasionally rejecting them. The more common case is that the OpenVPN server rejects your connection attempt (not necessarily due to a wrong username/password) with an AUTH_FAILED message, causing Viscosity to re-prompt you for new details. If this is occurring generally you'll see an AUTH_FAILED message in the connection log:
https://www.sparklabs.com/support/kb/ar ... th_failed/

If you're sure the saved credentials are being lost, then it likely points to something modifying, deleting, or preventing changes to Viscosity’s encrypted credential storage file. This file is located at C:\Users\<user>\AppData\Roaming\Viscosity\LoginInfo.xml

I recommend you try exiting Viscosity, deleting this file, and then re-opening Viscosity and let it re-create the file when you save the password.

If that’s still not working, then it may be endpoint security software causing issues (such as local security software, antivirus software, and enterprise management software). Any such software could be quarantining the file for some reason, or preventing changes. Please try temporarily disabling/removing any such software and see if the issue persists.

Regards,
Aaron
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs

programcsharp

Posts: 2
Joined: Sat Feb 11, 2023 11:21 pm

Post by programcsharp » Mon Mar 13, 2023 12:47 am
Thanks for the details. Yes, it seems like the passwords are being lost, but the problem seems to be the crypto key used for the LoginInfo.xml file changes from time to time.

What's used for encryption, is it a Windows data protection key? And what could make that change? Maybe not something in Viscosity, but Windows rotating data keys for some reason?

I pulled a copy of LoginInfo.xml a week ago. Everything continued to work for a week, passwords were saved etc. Then today, I went to go and log in and the password wasn't saved. I checked the file and it hasn't changed since I made the copy, so the only thing I can think is the crypto key changed somehow.

Aaron

Posts: 26
Joined: Wed Nov 30, 2022 2:53 pm

Post by Aaron » Mon Mar 13, 2023 6:07 pm
What's used for encryption, is it a Windows data protection key? And what could make that change? Maybe not something in Viscosity, but Windows rotating data keys for some reason?
Yes, Viscosity uses DPAPI for secure storage of saved details. It would be highly unusual for the master encryption key for your Windows account to be unexpectedly changing - it may point to a hardware problem or a problem with the Windows install. It would be a good idea to rule out any of the other possibilities first, as they are more likely to be the cause. If there is a DPAPI problem on your computer you would also be seeing the same issue with other software that uses DPAPI as well.

Windows generates your local user DPAPI encryption keys from your Windows account's password. However changing your Windows password will not break DPAPI as it maintains a list of past password hashes. The only exception is if your password is changed in a way where these past hashes are not stored (i.e. resetting your password using sys admin commands like "net user" or the Local User and Group Management console to reset the password).

Regards,
Aaron
Web: https://www.sparklabs.com
Support: https://www.sparklabs.com/support
Twitter: https://twitter.com/sparklabs
4 posts Page 1 of 1