How to clear the 'Save my Password' checkbox in the Lync Client

Tuesday, August 16, 2011
I was asked by a reader how to clear the "Save my password" checkbox in the Lync 2010 client recently.  Turns out that this not quite a trivial thing to do.

The first time a user signs into Lync from a computer they have the option to click Save my password, as shown below:


If the user clicks the checkbox and signs in succesfully, the Lync server will generate a digital certificate for the user to store in their personal store.  That certificate is used for future authentication attempts from the Lync client without having to supply a password, and the Save my password checkbox is not displayed again.

This article explains how to get the Save my password check box back.  You may want to do this if a user clicked the check box on a public computer, for example.

There are two things that control the appearance of the Save my password check box:
  • The SavedPassword DWORD value in the HKEY_CURRENT_USER\Software\Microsoft\Communicator registry key exists and is set to 1
  • There is a Lync user certificate in the user's personal store that matches the user's SIP address

Both the registry value and the user certificate need to be deleted to return the Show my password check box.  The following two commands will delete these items when run from an elevated command prompt on the affected computer:

reg add HKCU\Software\Microsoft\Communicator /v SavePassword /d 0 /f
certutil -delstore -user my sipaddress

For example,


Now run the Lync client and you will see the Save my password check box again.
by at

6 comments:

  1. AnonymousNovember 10, 2011 at 12:10 PM

    How about for XP, there is no "certutil" in any of the paths. Where is this program on XP.

    ReplyDelete
  2. Jeff Guillet - @exptaNovember 10, 2011 at 12:12 PM

    The only version of Certutil.exe that Windows XP supports is available in the Microsoft Windows Server 2003 Administration Pack. To download the Windows Server 2003 Administration Pack, visit the following Microsoft Web site:

    http://www.microsoft.com/downloads/details.aspx?FamilyID=C16AE515-C8F4-47EF-A1E4-A8DCBACFF8E3&displaylang=en

    ReplyDelete
  3. AnonymousDecember 30, 2011 at 2:30 AM

    Hello, for me this did not work for some reason but you did help.
    What i did and worked was:
    1. Change savepassword in registry: reg add HKCU\Software\Microsoft\Communicator /v SavePassword /d 0 /f
    2. Not delete certificate (lync on reopen would recreate it somehow...) but
    a) open certificate manager certmgr
    b)Locate certificate as you showed us.
    c) Right click properties.
    d) on General tab select Enable only the following purposes and uncheck Client Authentication.

    Then restarting lync on sing in it will request again the password. I think your solution is functional as well, but for some reason in my computer certificate would exist somewhere else as well and lync would recreate it...

    ReplyDelete
  4. AnonymousOctober 24, 2012 at 4:30 PM

    This didn't work for me even with the modified certifcate manipulation. Still did not bring up the "Save Password" checkbox. just signed in automatically when Lync was reopened

    ReplyDelete
  5. katerinaDecember 12, 2012 at 1:31 AM

    Neither for me. I removed the certificate again and now the certificate is not even recreated. Any help ?

    ReplyDelete
  6. AnonymousDecember 18, 2012 at 3:14 AM

    thats great it worked for me in windows7 and xp
    the second command "certutil -delstore -user my sipaddress" not work in xp but you can do it mannualy by entering command certmgr.msc

    ReplyDelete

Thank you for your comment! It is my hope that you find the information here useful. Let others know if this post helped you out, or if you have a comment or further information.

Subscribe to: Post Comments (Atom)