Currently the access to specific credentials can be restricted by machines, processes & user roles. This leaves a security risk, especially in Development -environments, which potentially allows stealing personal credentials.
This could be fixed by adding a new option to the Credential Manager, which would allow selecting specific user(s) who can access the credential.
Other option would be allowing creation of user roles, which could be linked to AD user's SID. Currently only AD Group SIDs can be linked to a user role, and companies are not generally happy to create user specific "dummy" AD groups.