Recover OpenVPN Saved Password

I am changing a users laptop and they have saved their username and passowrd in the OpenVPN GUI. Naturally they don't know their password because they entered them a while back and click "save password". Is there anyway to recover these details so that I can migrate them to the new laptop without having to get the VPN account reset (which would be quite a lot more difficult that it should be!).

Both laptops are Windows 10.

I have copied the .ovpn, p12 and .key files over but the GUI still prompts for the username and password. There is no password text file inside the config directory (under OpenVPN under Program Files).

I've search the registry too but couldn't find the info there.

EDIT: To be clear I don't actually need to "recover" the password. If it is encrypted in a registry key for example, that is fine, I could export the key from the old laptop and import it on the new one. I need to find a way to copy the details from laptop1 to laptop2.


Solution 1:

Per the OpenVPN GUI source code, saved passwords are stored in the registry under HKCU\Software\OpenVPN-GUI\configs.

Solution 2:

The Powershell script in this link gets the password for me: OpenVPN Password Recovery

The registry names on my computer are a bit different; my version:

$keys = Get-ChildItem "HKCU:\Software\OpenVPN-GUI\configs"
$items = $keys | ForEach-Object {Get-ItemProperty $_.PsPath}

foreach ($item in $items)
{
  $encryptedbytes=$item.'auth-data'
  $entropy=$item.'entropy'
  $entropy=$entropy[0..(($entropy.Length)-2)]

  $decryptedbytes = [System.Security.Cryptography.ProtectedData]::Unprotect(
    $encryptedBytes, 
    $entropy, 
    [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
 
  Write-Host ([System.Text.Encoding]::Unicode.GetString($decryptedbytes))
}

You may also need to execute Add-Type -AssemblyName System.Security in Powershell to make it work.

edit: on windows 10, OpenVPN v11.9, $encryptedbytes=$item.'key-data'