This topic of the Windows Credential Editor came up again recently The use of Windows Credential Editor an attack that compromised a fairly large Active Directory deployment resulting in me writing the whitepaper entitled ”Active Directory was compromised, now what?” whitepaper. I ask that you register on my blog, but it is worth it.
This makes a good argument for Kerberos over NTLM for Windows Networks. If you don’t Windows Credential Editor may make you wish you had turned NTLM off.
Microsoft provides some security guidance on the subject in kb article 2793313.