Re: Master Key Expired

From: John Banes [MS] (jbanes@online.microsoft.com)
Date: 12/30/02


From: "John Banes [MS]" <jbanes@online.microsoft.com>
Date: Mon, 30 Dec 2002 13:38:08 -0800


Are you talking about data protection (DPAPI) master keys, by any chance?

These are stored in the user profile, under the "protect" directory. A new
master key file is created every 90 days, but the old master keys are kept
around forever, just in case they are needed to decrypt data that was
originally encrypted when the expired master key was 'current'. The master
key files have filenames equivalent to their GUIDs, which prevents them from
overwriting each other.

--
Regards,
John Banes
[Microsoft Security Developer]
This posting is provided "AS IS" with no warranties, and confers no rights.
Please do not send email directly to this alias. This alias is for newsgroup
purposes only.

"Vincenzo Medugno" <vin.med@tiscali.it> wrote in message
news:021001c2a688$35b06170$89f82ecf@TK2MSFTNGXA01...
> Hi,
> we say that the master key expires after 3 months, but W2k
> doesn't delete any expired master key; it remembers the
> GUID of the master key in an opaque structure.
> My question is the following:
>
> - Where are the expired master keys stored?
>
> Thank you
>
> Vincenzo Medugno
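
The storage behaviour described in the reply (GUID-named master key files, a new one every 90 days, old ones kept) can be checked with a read-only inventory of a profile's Protect directory. This is an added example, not part of the original thread or any Microsoft code. It assumes file modification time approximates key creation and that the newest file per folder is the current key; the per-user subfolder and the non-GUID `Preferred` file in the constructed sample are layout details not stated in the post.

```python
import os
import time
import uuid
from pathlib import Path

ROTATION_DAYS = 90  # rotation interval stated in the reply


def is_guid_name(name):
    """True when a filename is a bare GUID in 8-4-4-4-12 hex form."""
    try:
        return str(uuid.UUID(name)) == name.lower()
    except ValueError:
        return False


def inventory_master_keys(protect_dir, now=None):
    """Return one record per GUID-named file under protect_dir, newest first."""
    now = time.time() if now is None else now
    records = []
    for path in Path(protect_dir).rglob("*"):
        if path.is_file() and is_guid_name(path.name):
            age = int((now - path.stat().st_mtime) // 86400)  # mtime as creation proxy
            records.append({"guid": path.name.lower(), "folder": path.parent.name,
                            "age_days": age, "expired": age > ROTATION_DAYS})
    records.sort(key=lambda r: r["age_days"])
    seen = set()
    for rec in records:  # heuristic: youngest file in each folder is the current key
        rec["status"] = "retained" if rec["folder"] in seen else "current"
        seen.add(rec["folder"])
    return records


def build_sample(root, now):
    """Constructed sample tree: one folder holding keys 10, 100 and 190 days old."""
    folder = Path(root) / "Protect" / "S-1-5-21-CONSTRUCTED"
    folder.mkdir(parents=True)
    (folder / "Preferred").write_bytes(b"")  # non-GUID file, must be ignored
    for n, days in enumerate((10, 100, 190), start=1):
        key = folder / str(uuid.UUID(int=n))  # constructed GUIDs ...0001 to ...0003
        key.write_bytes(b"constructed placeholder, not a real key")
        stamp = now - days * 86400 - 3600
        os.utime(key, (stamp, stamp))


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp, time.time())
        for rec in inventory_master_keys(tmp):
            print(rec)
```

Retained files that stay on disk indefinitely are expected under the behaviour the reply describes, so a long list of "retained" entries is normal rather than a sign of tampering.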