Windows Data Protection API

Windows Data Protection API (DPAPI) appeared with the release of Windows 2000. It was obvious at the time that developers and users needed the ability to protect their data through the use of encryption. The DPAPI interface is extremely simple, and provides two functions for users: protect data and unprotect data.

Because of the way key-based encryption works, there needs to be some way to protect one user's data from another user. Because DPAPI is part of the operating system, and it requires a password in order to perform data protection operations, it only makes sense that it would use your Windows credential information.

This brings up another problem. There are cases where many different people use the same account ...

Get Microsoft® Visual C#® .NET 2003 Unleashed now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.