Re: Security - Best Encryption Tool

From: Alek Davis (alek_xDOTx_davis_xATx_intel_xDOTx_com)
Date: 06/02/04


Date: Wed, 2 Jun 2004 10:13:36 -0700

I don't think it is the issue of small vs. large. There are cases when DPAPI
is simply a very bad choice, such as encryption of data stored in a
database. Whether the application runs on one machine or many machines, it
does not matter. DPAPI can serve best for storing application configuration
settings (in .config file or registry), but again you really need to
understand the limitations and vulnerabilities, because in certain
situations DPAPI is no more secure than its alternatives. There is a
misconception that DPAPI is a silver bullet for data protection, but
unfortunately it is not. In some cases it can be the best option, in other
cases, it is not.

Alek

"WJ" <JohnWebbs@HotMail.Com> wrote in message
news:%23jpu7ZJSEHA.3420@TK2MSFTNGP11.phx.gbl...
>
> "Svein Terje Gaup" <stgaup@broadpark.no.spam> wrote in message
> news:u1QY4SCSEHA.1256@TK2MSFTNGP09.phx.gbl...
> > Alek, I see now that you are right, and I stand corrected.
> >
>
> So it is safe to assume that DPAPI solution is best used in small and
single
> web site environment ?
>
> Thanks
>
> John
>
>



Relevant Pages

  • Re: Web.config or App.config Security
    ... I would be surprised if you could use Data Protection Provider from a Web ... If I understand it correctly, it uses DPAPI, but DPAPI (with ... .config file. ... > encrypt all my configurations files. ...
    (microsoft.public.dotnet.security)
  • Re: Encrypt/Decrypt
    ... Thank you Hernan but I am not sure DPAPI is the correct way. ... Encrypt it and then on the software that gets released to the ... >> the login info in a config file on each system this program resides. ...
    (microsoft.public.dotnet.security)
  • Re: Security - Best Encryption Tool
    ... There are cases when DPAPI ... is simply a very bad choice, such as encryption of data stored in a ... settings (in .config file or registry), but again you really need to ... >> Alek, I see now that you are right, and I stand corrected. ...
    (microsoft.public.dotnet.framework.component_services)
  • Re: Security - Best Encryption Tool
    ... There are cases when DPAPI ... is simply a very bad choice, such as encryption of data stored in a ... settings (in .config file or registry), but again you really need to ... >> Alek, I see now that you are right, and I stand corrected. ...
    (microsoft.public.vb.general.discussion)
  • Re: Security - Best Encryption Tool
    ... There are cases when DPAPI ... is simply a very bad choice, such as encryption of data stored in a ... settings (in .config file or registry), but again you really need to ... >> Alek, I see now that you are right, and I stand corrected. ...
    (microsoft.public.dotnet.distributed_apps)