Methods for ephemeral authentication screening and devices thereof
US-10931662-B1 · Feb 23, 2021 · US
US2023177141A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2023177141-A1 |
| Application number | US-202318161827-A |
| Country | US |
| Kind code | A1 |
| Filing date | Jan 30, 2023 |
| Priority date | Jun 3, 2018 |
| Publication date | Jun 8, 2023 |
| Grant date | — |
Official abstract text for this publication.
Techniques are disclosed relating to credential managers. In some embodiments, a computing device maintains a credential manager that stores, in a protected manner, a set of credentials for authenticating a user and metadata about the credentials. The computing device stores an instance of the metadata externally to the credential manager. The computing device uses the externally stored metadata to determine whether the set of credentials includes a particular credential associated with a service and, in response to determining that the set of credentials includes the particular credential, displays an indication of the particular credential. In some embodiments, the computing device receives a selection of the displayed indication by the user and, in response to the selection, sends a request for the particular credential to the credential manager.
Opening claim text (preview).
1. A non-transitory computer readable medium having program instructions stored therein that are executable by a computing device to cause the computing device to implement a credential manager that performs operations comprising: storing, in a protected manner, 1) a set of credentials for authenticating a user and 2) metadata about the set of credentials; providing, to a program, a separate copy of the metadata, wherein the metadata stored in the protected manner is not accessible to the program, and wherein the separate copy of the metadata is accessible to the program to determine whether the set of credentials includes a credential relevant to an authentication prompt; receiving, from the program, a request for the relevant credential; in response to the request, performing an authentication of the user; and based on the authentication, providing the requested credential to the program for supplying to the authentication prompt.

2. The computer readable medium of claim 1, wherein the operations comprise: receiving a request to store an additional credential for authenticating the user; storing the additional credential in an encrypted manner; and invoking an application programming interface (API) of the program to provide metadata about the additional credential.

3. The computer readable medium of claim 1, wherein the metadata includes usernames associated with the credentials.

4. The computer readable medium of claim 1, wherein the metadata includes a service identifier for the credential, wherein the service identifier indicates a service associated with the credential and is usable by the program to determine that the credential is relevant to the authentication prompt.

5. The computer readable medium of claim 4, wherein the operations comprise: maintaining a ranking of credentials associated with the service, wherein the provided metadata includes information about the ranking usable by the program to select the relevant credential.

6. The computer readable medium of claim 1, wherein the storing includes: storing the relevant credential in a database such that the relevant credential is retrievable from the database using a key, wherein the metadata includes the key associated with the relevant credential.

7. The computer readable medium of claim 1, wherein the operations comprise: receiving a request to update a particular credential of the set of stored credentials; in response to the request, updating the particular credential and metadata about the particular credential; and invoking an application programming interface (API) of the program to notify the program of the updating.

8. A computing device, comprising: a processor circuit; and a memory storing program instructions executable by the processor circuit to implement a credential manager that performs operations including: storing, in a protected manner, 1) a set of credentials for authenticating a user and 2) metadata about the set of credentials; providing, to a program, a separate copy of the metadata, wherein the metadata stored in the protected manner is not accessible to the program, and wherein the separate copy of the metadata is accessible to the program to determine whether the set of credentials includes a credential relevant to an authentication prompt; receiving, from the program, a request for the relevant credential; in response to the request, performing an authentication of the user; and based on the authentication, providing the requested credential to the program for supplying to the authentication prompt.

9. The computing device of claim 8, wherein the operations include: receiving a request to store an additional credential for authenticating the user; storing the additional credential in the protected manner; and invoking an application programming interface (API) of the program to provide metadata about the additional credential.

10. The computing device of claim 8, wherein the program is an operating system; and wherein the protected manner includes encryption.

11. The computing device of claim 8, wherein the operations include: identifying the relevant credential in the stored set of credentials based on a service identifier included in the request for the relevant credential.

12. The computing device of claim 8, wherein the relevant credential includes one-time password (OTP).

13. The computing device of claim 8, wherein the request for the relevant credential includes a key provided by the credential manager and usable to identify the credential in a database maintained by the credential manager.

14. The computing device of claim 8, wherein the operations include: maintaining a ranking of credentials associated with a service; and wherein the providing of the relevant credential is based on the ranking of credentials.

15. A method, comprising: storing, by a credential manager executing on a computing device, in a protected manner, 1) a set of credentials for authenticating a user and 2) metadata about the set of credentials; providing, by the credential manager to a program, a separate copy of the metadata, wherein the metadata stored in the protected manner is not accessible to the program, and wherein the separate copy of the metadata is accessible to the program to determine whether the set of credentials includes a credential relevant to an authentication prompt; receiving, by the credential manager from the program, a request for the relevant credential; in response to the request, performing an authentication of the user; and based on the authentication, providing, by the credential manager, the requested credential to the program for supplying to the authentication prompt.

16. The method of claim 15, further comprising: receiving, by the credential manager, a request to store an additional credential for authenticating the user; storing, by the credential manager, the additional credential in an encrypted manner; and providing, by the credential manager, metadata about the additional credential to the program.

17. The method of claim 15, further comprising: receiving, by the credential manager, a request to update a particular credential of the set of stored credentials; in response to the request, updating, by the credential manager, the particular credential and metadata about the particular credential; and invoking, by the credential manager, an application programing interface (API) of the program to notify the program of the updating.

18. The method of claim 15, wherein the set of credentials is protected using one or more cryptographic keys derived based on authentication information provided by the user.

19. The method of claim 15, wherein the metadata includes service identifiers associated with the stored set of credentials and type information identifying types of the stored set of credentials.

20. The method of claim 15, wherein the program is an operating system; and wherein the credential manager is a third-party credential manager relative to the program.
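
The flow recited in claim 1, sketched as an added example that is not code from the patent or its assignee: the program decides relevance from its own secret-free metadata copy, and the manager releases a credential only after authenticating the user. All class, method and sample names are hypothetical, and the in-memory `_vault` dict stands in for the protected store (encryption at rest is assumed, not implemented).

```python
import hashlib, hmac, os, secrets

class CredentialManager:
    """Hypothetical model of the claimed manager; names are assumptions."""

    def __init__(self, passcode: str):
        self._salt = os.urandom(16)
        self._verifier = self._derive(passcode)
        self._vault = {}      # key -> secret; stands in for the protected store
        self._metadata = {}   # key -> metadata kept inside the manager

    def _derive(self, passcode):
        return hashlib.pbkdf2_hmac("sha256", passcode.encode(), self._salt, 100_000)

    def store(self, service, username, secret, program):
        key = secrets.token_hex(8)  # opaque database key (claims 6 and 13)
        self._vault[key] = secret
        self._metadata[key] = {"service": service, "username": username}
        # Push a separate copy that carries no secret material (claim 2).
        program.on_metadata(key, dict(self._metadata[key]))
        return key

    def request(self, key, passcode):
        # Authenticate the user before releasing anything (claim 1).
        if not hmac.compare_digest(self._derive(passcode), self._verifier):
            raise PermissionError("user authentication failed")
        return self._vault[key]

class Program:
    """The requesting program, e.g. an operating system autofill component."""

    def __init__(self):
        self.metadata_copy = {}

    def on_metadata(self, key, meta):
        self.metadata_copy[key] = meta

    def relevant_keys(self, service):
        # Decided from the external copy only; the manager is not queried.
        return [k for k, m in self.metadata_copy.items() if m["service"] == service]

def demo():
    # Constructed sample data, not taken from the patent.
    program = Program()
    manager = CredentialManager("constructed-passcode")
    manager.store("example.com", "alice", "s3cret-A", program)
    manager.store("example.org", "alice", "s3cret-B", program)
    (key,) = program.relevant_keys("example.com")
    return program.metadata_copy[key], manager.request(key, "constructed-passcode")
```

The separate copy still discloses which services and usernames exist, so it needs its own access control even though it holds no secrets.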
for accessing specific resources, e.g. using Kerberos tickets · CPC title
using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title
Structures or tools for the administration of authentication · CPC title
by graphic or iconic representation · CPC title
where a single sign-on provides access to a plurality of computers · CPC title