Event ID: 5376

Credential Manager credentials were backed up.

Credential Manager credentials were backed up.

Subject:
    Security ID:        %1
    Account Name:       %2
    Account Domain:     %3
    Logon ID:       %4

This event occurs when a user backs up their own Credential Manager credentials. A user (even an Administrator) cannot back up the credentials of an account other than his own.
Microsoft Documentation

Event ID - 5376





Lookup Audit Policy Configuration Settings

C:\> AuditPol.exe /get /subcategory:"User Account Management"
How to enable Windows Auditing



LEFT/RIGHT arrow keys for navigation

Back to List