Stay organized with collections
Save and categorize content based on your preferences.
This guide describes how to create and manage user credentials on Windows VMs
running on Compute Engine.
Creating Windows Credentials
To create credentials, access the Manage Windows Credentials dialog:
In the Cloud Explorer, right-click the VM on which you want to
create the credentials.
Select Manage Windows Credentials.
Click Add Credentials.
Enter a Username.
Enter a password, or have Visual Studio create one.
Click Save.
These credentials are encrypted on your machine and associated with the Windows
VM for which they were created.
Deleting Windows Credentials
To delete existing credentials, access the Manage Windows Credentials
dialog:
In the Cloud Explorer, right-click the VM with the credentials you
want to delete.
Select Manage Windows Credential.
Select a user and click Delete credentials.
Click Delete.
Using stored Windows Credentials
You can use the stored Windows credentials when creating a .publishsettings
file for publishing to a VM or when starting a new Terminal Services session
with the VM.
Saving .publishsettings files
To create a .publishsettings file to deploy your ASP.NET app to a VM:
In the Cloud Explorer, right-click the VM where you want to
deploy.
Select Save publishing settings.
Select the credentials to use when creating the .publishsettings file.
If you do not see the credentials you want to use, then click
Manage Windows Credentials to
create new credentials.
Opening a Remote Desktop session
To access a VM through a remote desktop:
In the Cloud Explorer, right-click the VM to which you want to
connect.
Select Open Remote Desktop session.
Select the credentials you want to use to connect to the remote desktop
session.
If you do not see the credentials you want to use, then click
Manage Windows Credentials to
create new credentials.
You might see warnings indicating that the publisher of the remote connection
can’t be identified.
This warning is due to the session being opened by creating a session file that
is not signed because it is only used to start this session. The credentials
used in the session file are encrypted.
Another warning might appear informing you that the identity of the
remote computer cannot be identified.
This warning appears because the connection is secured using a self-signed
certificate, and, by default, your computer does not trust self-signed
certificates. This certificate is not used to ensure the identity of the server
but to secure the connection between your machine and the server.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-03 UTC."],[],[],null,["# Managing Windows Credentials\n\nThis guide describes how to create and manage user credentials on Windows VMs\nrunning on Compute Engine.\n\nCreating Windows Credentials\n----------------------------\n\nTo create credentials, access the **Manage Windows Credentials** dialog:\n\n1. In the Cloud Explorer, right-click the VM on which you want to\n create the credentials.\n\n2. Select **Manage Windows Credentials**.\n\n3. Click **Add Credentials**.\n\n4. Enter a **Username**.\n\n5. Enter a password, or have Visual Studio create one.\n\n6. Click **Save**.\n\nThese credentials are encrypted on your machine and associated with the Windows\nVM for which they were created.\n| **Note:** If the account already exists, having Visual Studio create a password resets the existing password. Resetting the password can cause the loss of encrypted data secured with the current password, including files and stored passwords. [Learn more](/compute/docs/instances/windows/creating-passwords-for-windows-instances).\n\nDeleting Windows Credentials\n----------------------------\n\nTo delete existing credentials, access the **Manage Windows Credentials**\ndialog:\n\n1. In the Cloud Explorer, right-click the VM with the credentials you\n want to delete.\n\n2. Select **Manage Windows Credential**.\n\n3. Select a user and click **Delete credentials**.\n\n4. Click **Delete**.\n\n| **Important:** Deleting credentials will delete the Windows account and the data associated with the account.\n\nUsing stored Windows Credentials\n--------------------------------\n\nYou can use the stored Windows credentials when creating a `.publishsettings`\nfile for publishing to a VM or when starting a new Terminal Services session\nwith the VM.\n\n### Saving `.publishsettings` files\n\nTo create a `.publishsettings` file to deploy your ASP.NET app to a VM:\n\n1. In the Cloud Explorer, right-click the VM where you want to\n deploy.\n\n2. Select **Save publishing settings**.\n\n3. Select the credentials to use when creating the `.publishsettings` file.\n\n 1. If you do not see the credentials you want to use, then click **Manage Windows Credentials** to [create new credentials](#creating_windows_credentials).\n\n| **Important:** The credentials stored in `.publishsettings` are in plain text. You should delete this file after it is imported into a publish profile and no longer needed. The publish profile stores the credentials encrypted.\n\n### Opening a Remote Desktop session\n\nTo access a VM through a remote desktop:\n\n1. In the Cloud Explorer, right-click the VM to which you want to\n connect.\n\n2. Select **Open Remote Desktop session**.\n\n3. Select the credentials you want to use to connect to the remote desktop\n session.\n\n 1. If you do not see the credentials you want to use, then click **Manage Windows Credentials** to [create new credentials](#creating_windows_credentials).\n\nYou might see warnings indicating that the publisher of the remote connection\ncan't be identified.\n\n\u003cbr /\u003e\n\n\n\u003cbr /\u003e\n\nThis warning is due to the session being opened by creating a session file that\nis not signed because it is only used to start this session. The credentials\nused in the session file are encrypted.\n\nAnother warning might appear informing you that the identity of the\nremote computer cannot be identified.\n\n\u003cbr /\u003e\n\n\n\u003cbr /\u003e\n\nThis warning appears because the connection is secured using a self-signed\ncertificate, and, by default, your computer does not trust self-signed\ncertificates. This certificate is not used to ensure the identity of the server\nbut to secure the connection between your machine and the server."]]
