Appendix . How To: Use DPAPI (User Store) from ASP.NET with Enterprise Services

Web applications often need to store security-sensitive data, such as database connection strings and service account credentials in application configuration files. For security reasons, this type of information should never is stored in plain text and should always be encrypted prior to storage.

This How To describes how to use Data Protection API (DPAPI) from an ASP.NET application with Enterprise Services.

Notes

DPAPI can work with either the machine store or user store (which requires a loaded user profile). DPAPI defaults to the user store, although you can specify that the machine store be used by passing the CRYPTPROTECT_LOCAL_MACHINE flag to the DPAPI functions. ...

Get Building Secure Microsoft® ASP.NET Applications now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Building Secure Microsoft® ASP.NET Applications by Microsoft Corporation

Appendix . How To: Use DPAPI (User Store) from ASP.NET with Enterprise Services

Notes

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly