Mercurial has a built-in method for storing passwords, but it stores them plaintext in your settings file. For those of us bound by various compliance regulations, or just those of us that care about security, this is a huge no-no.

First you’ll want to clear your password from TortoiseHg’s authentication section for your repository if you haven’t already (this will remove your credentials from your “.hg\hgrc” settings file in the repo, you may want to manually confirm this).

Next you need to enable the Mercurial Keyring extension by pasting the text below into your mercurial.ini file (can be accessed via File > Settings > Edit File), which is bundled with TortoiseHg, so a path is not required:

[extensions] mercurial_keyring=

On the next push it’ll ask for your password, put it in and it should never ask again.

To confirm/update your password was saved in the Windows Vault, go to your Control Panel > User Accounts > Manage your credentials