Re: DPAPI or not DPAPI, that is the question
From: Andrew Edward (spam_at_spam.spam)
Date: 10/29/03
- Next message: Pieter Philippaerts: "Re: Another RSACryptoServiceProvider question"
- Previous message: Daryn Kiely: "Another RSACryptoServiceProvider question"
- In reply to: Andrew Edward: "DPAPI or not DPAPI, that is the question"
- Next in thread: John Banes [MS]: "Re: DPAPI or not DPAPI, that is the question"
- Reply: John Banes [MS]: "Re: DPAPI or not DPAPI, that is the question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 29 Oct 2003 14:22:14 -0500
Of course, right after I posted my article I realized this is probably what
I should do:
Don't use DPAPI to encrypt the data itself. Use DPAPI to encrypt a password
entered by the user, from which we generate our own encryption key. That
way all the user has to do to decrypt the data on another computer is
remember their password. No need to muck around with trying to export and
import DPAPI key(s) (assuming that's even possible).
Sorry...I'm new at this (as if you couldn't tell).
- Next message: Pieter Philippaerts: "Re: Another RSACryptoServiceProvider question"
- Previous message: Daryn Kiely: "Another RSACryptoServiceProvider question"
- In reply to: Andrew Edward: "DPAPI or not DPAPI, that is the question"
- Next in thread: John Banes [MS]: "Re: DPAPI or not DPAPI, that is the question"
- Reply: John Banes [MS]: "Re: DPAPI or not DPAPI, that is the question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
