When we store credentials in the credential store on Windows through QtKeychain we choose the key similarly to other platforms. However, on Windows the library doesn't automatically add the application name or organization name.
Effects
Keys like "user:http://localhost:0" show up in the "Generic Credentials" section of the Windows Credential Manager
Different branded clients may share credentials if the same user/server is used. (should be exceedingly rare)
MSDN says the following about the key:
If the Type is CRED_TYPE_GENERIC, this member should identify the service that uses the credential in addition to the actual target. Microsoft suggests the name be prefixed by the name of the company implementing the service. Microsoft will use the prefix "Microsoft". Services written by Microsoft should append their service name, for example Microsoft_RAS_TargetName.
It seems to be working just fine now (tested in W7/8.1). Nice catch.
2.3.3
2.4.0
Some notes:
After "Different accounts may use same keychain entry" #5830 we have to be extra careful and check for the trailing slash to be present when creating the keychain/cred.store entry in all cases - otherwise, the account id might be taken by mistake as the port no.
Also, in some upgrade scenario, the standard SSL port was included in the instance's URL everywhere - (might be unrelated - I'm trying to find out the conditions/steps again, this is merely aesthetic though)
@guruz pointed out frankosterfeld/qtkeychain#105 and I've verified it on Windows 10:
When we store credentials in the credential store on Windows through QtKeychain we choose the key similarly to other platforms. However, on Windows the library doesn't automatically add the application name or organization name.
Effects
MSDN says the following about the key:
(https://msdn.microsoft.com/en-us/library/windows/desktop/aa374788(v=vs.85).aspx)
Suggestion: Change the key used on Windows to be "$AppName_$oldkey". This is a good opportunity since we're migrating http credential keys anyway.
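The sketch below is an added example, not code from the client or from QtKeychain. It shows how an application-name prefix and a forced trailing slash change the stored key. The helper names, the `<user>:<url>/:<accountId>` layout and all sample values are assumptions made for illustration, and the prefix is applied whenever an application name is passed rather than only on Windows.

```cpp
#include <iostream>
#include <string>

// Key built without either safeguard (comparison only, hypothetical helper).
std::string legacy_key(const std::string& url, const std::string& user,
                       const std::string& account_id) {
    std::string key = user + ":" + url;
    if (!account_id.empty()) key += ":" + account_id;
    return key;
}

// Hypothetical hardened builder. Assumed layout:
//   [<app>_]<user>:<url-with-trailing-slash>[:<accountId>]
std::string keychain_key(const std::string& app_name, std::string url,
                         const std::string& user,
                         const std::string& account_id) {
    // Force a trailing slash so ":<accountId>" never directly follows the
    // host, where it could be read as a port number.
    if (url.empty() || url.back() != '/') url.push_back('/');
    std::string key = user + ":" + url;
    if (!account_id.empty()) key += ":" + account_id;
    // Namespace the key with the application name so differently branded
    // clients do not share one credential-store entry.
    if (!app_name.empty()) key = app_name + "_" + key;
    return key;
}

int main() {
    // Constructed sample values.
    std::cout << legacy_key("http://localhost", "user", "0") << "\n";
    std::cout << keychain_key("BrandA", "http://localhost", "user", "0") << "\n";
    std::cout << keychain_key("BrandB", "http://localhost", "user", "0") << "\n";
    return 0;
}
```
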