- RouterPassView - Recover passwords from the config file of the router.
- Mail PassView - Recover POP3/IMAP/SMTP email passwords.
- IEHistoryView - Internet Explorer History Viewer
- PasswordFox - Reveal the passwords stored in Firefox.
IE PassView is a small password management utility that reveals the passwords stored by Internet Explorer Web browser, and allows you to delete passwords that you don't need anymore. It supports all versions of Internet Explorer, from version 4.0 and up to 11.0.
For each password that is stored by Internet Explorer, the following information is displayed: Web address, Password Type (AutoComplete, Password-Protected Web Site, or FTP), Storage Location (Registry, Credentials File, or Protected Storage), and the user name/password pair. You can select one or more items from the passwords list and export them into text/html/csv/xml file.
- Version 1.32
- Removed the command-line options that export the passwords to a file from the official version. A version of this tool with full command-line support will be posted on separated Web page.
- Version 1.31
- Improved the password decryption on IE10 / Windows 7.
- Version 1.30
- Added support for extracting the passwords of Internet Explorer 10.
- Version 1.26
- Fixed bug: IE PassView didn't display https AutoComplete passwords of IE6.
- Version 1.25
- Added an option to export the passwords into KeePass csv file (In 'Save Selected Items'). You can use the created csv file to easily import your Web site passwords into KeePass password manager.
- Added 'Add Header Line To CSV/Tab-Delimited File' option. When this option is turned on, the column names are added as the first line when you export to csv or tab-delimited file.
- You can now send the IE passwords list to stdout by specifying an empty filename ("") in the command-line of all save parameters.
Using IE PassView
IE PassView doesn't require any installation process or additional DLLs. In order to start using it, just copy the executable file (iepv.exe) to any folder like, and run it. After running iepv.exe, IE PassView scans all Internet Explorer passwords in your system, and display them on the main window.
Types Of PasswordsIE PassView utility can recover 3 types of passwords:
- AutoComplete Passwords. When you enter a Web page that contains a form with user/password fields and a login button, Internet Explorer may ask you if you want to save the password, after pressing the login button. If you choose to save the password, the password is saved as AutoComplete password.
- HTTP Authentication Passwords. Some Web sites allow the user to enter only after typing user and password in a separated dialog-box. If you choose to save the password in this login dialog-box, the password is saved as HTTP authentication password.
- FTP Passwords. Simply the passwords of FTP addresses (ftp://. )
Password Storage LocationsInternet Explorer stores the passwords in different locations, depending on the version of IE, and the type of the password:
- Protected Storage. The 'Protected Storage' is a special secret location in the Registry that was used to store all the passwords of Internet Explorer in versions 4.0 - 6.0
- Registry (Storage2 Key). Starting from version 7.0 of IE, all AutoComplete passwords are stored in HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\Storage2 Registry key. The passwords are encrypted with a key created from the Web site address, so it's not possible to get the password without knowing the Web site address.
- Credentials File. Starting from version 7.0 of IE, HTTP authentication passwords are saved in the Credentials file of Windows, together with other network/login passwords. The Credentials file is located in the following locations:
- Windows XP/2003. [Windows Profile]\Application Data\Microsoft\Credentials\[User SID]\Credentials and [Windows Profile]\Local Settings\Application Data\Microsoft\Credentials\[User SID]\Credentials
- Windows Vista. [Windows Profile]\AppData\Roaming\Microsoft\Credentials\[Random ID] and [Windows Profile]\AppData\Local\Microsoft\Credentials\[Random ID]
Known Issues With Internet Explorer 7.0/8.0/9.0
Starting from version 7.0 of Internet Explorer, Microsoft completely changed the way that passwords are saved. In previous versions (4.0 - 6.0), all passwords were saved in a special location in the Registry known as the "Protected Storage".In version 7.0 of Internet Explorer, passwords are saved in different locations, depending on the type of password. Each type of passwords has some limitations in password recovery:
- AutoComplete Passwords. These passwords are saved in the following location in the Registry: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\IntelliForms\Storage2
- HTTP Authentication Passwords. These passwords are stored in the Credentials file under Documents and Settings\Application Data\Microsoft\Credentials. together with login passwords of LAN computers and other passwords.
Due to security limitations, IE PassView can recover these passwords only if you have administrator rights.
Known Issue With Delete Items
Be aware that when you have a Web site that has multiple stored passwords, deleting the one of the passwords also remove all the other passwords for the same Web site. The reason for that is that all the passwords of a Web site are stored in the same entry.
Using The Web Sites File (iepv_sites.txt)
As explained earlier, IE PassView won't be able to retrieve the AutoComplete passwords of Internet Explorer 7.0 if the history of Internet Explorer is cleared.
If you know the exact URLs of Web sites that store user name and passowrd, you can add them into the Web Sites File - iepv_sites.txt, and then IE PassView will retrieve the passwords even if the URL cannot be found in the history file of Internet Explorer.
iepv_sites.txt is a simple text file that must be located in the same folder of iepv.exe. The URLs in the file should be separated by CRLF characters. A sample iepv_sites.txt file with a few URLs is already provided with IE PassView.
Starting from version 1.15, you can also read the passwords stored by IE7 from an external profile in your current operating system or from another external drive (For example: from a dead system that cannot boot anymore). In order to use this feature, you must know the last logged-on password used for this profile, because the passwords are encrypted with the SHA hash of the log-on password, and without that hash, the passwords cannot be decrypted.
You can use this feature from the UI, by selecting the 'Advanced Options' in the Options menu, or from command-line, by using /external parameter. The user profile path should be something like "C:\Documents and Settings\admin" in Windows XP/2003 or "C:\users\myuser" in Windows Vista/2008.
Category: Personal Finance