Stack Overflow
Stack Overflow

Questions tagged [dpapi]

DPAPI is the API in Windows that allows a program to store "secrets", like passwords. It is used by Microsoft in IE and storing WiFi passwords and private keys for EFS, and also by Chrome for Windows and Safari for Windows, to store website credentials.

150 questions
5
votes
4 answers

Using DPAPI / ProtectedData in a web farm environment with the User Store

I was wondering if anyone had successfully used DPAPI with a user store in a web farm enviroment? Because our application is a recently converted from 1.1 to 2.0 ASP.NET app, we're using a custom wrapper which directly calls the CryptUnprotect…
Lachman
4
votes
0 answers

How does DPAPI protect MasterKey for system accounts?

While reading Microsoft's documentation about DPAPI I found the following text: DPAPI is focused on providing data protection for users. Because DPAPI requires a password to provide protection, the logical step is for DPAPI to use a user's logon…
JustAMartin
  • 13,165
  • 18
  • 99
  • 183
4
votes
2 answers

ProtectedData.Unprotect Method Fails to Decrypt

We have a build process that needs to decrypt a password which it then uses to connect to a database. We are using the Data Protection API (DPAPI) to encrypt the password at the machine scope on the build server (I'm logged in with my own domain…
Aaron Jensen
  • 25,861
  • 15
  • 82
  • 91
4
votes
0 answers

Store the signing key using Data Protection API

I am working on .Net Core Web API, in which we are using Jwt Token for authorizing web requests. Below is the code to generate token and configure it in the startup. services.AddAuthentication(options => { options.DefaultAuthenticateScheme =…
Shaggy
  • 5,422
  • 28
  • 98
  • 163
4
votes
0 answers

DPAPI - encrypting for another user?

It may be that security is a more apt location for this but I'll ask it here first. If I want to encrypt some plaintext using DPAPI I have two scope options, CurrentUser and LocalMachine. Assume I want to encrypt data that will need decrypting by…
noonand
  • 2,763
  • 4
  • 26
  • 51
4
votes
2 answers

How does System.Security.Cryptography.ProtectedData generate Unique Id

Im using System.Security.Cryptography.ProtectedData to Protect the license data before writing it to the registry. ProtectData.Protect(Byte[], Byte[], DataProtectionScope.LocalMachine) The Dataprotection scope is LocalMachine. What are the…
techno
  • 6,100
  • 16
  • 86
  • 192
4
votes
2 answers

DPAPI + Entropy

We have a WPF app that allows our users to download encrypted content and we want to provide the ability to decrypt this content off-line. The idea is to download the keys and store them using the DPAPI but I'm having trouble with the entropy…
TWith2Sugars
  • 3,384
  • 2
  • 26
  • 43
4
votes
2 answers

Protecting encryption keys using DPAPI: Obvious hole?

I have a Windows.Forms based .NET desktop application that stores privileged information in a file on disk (not using .NET configuraton files), encrypted using a symmetric cryptography algorithm such as TripleDES using MS's CryptoAPI. This file…
Dave Foster
  • 363
  • 4
  • 11
4
votes
1 answer

Data Protection API Scope: LocalMachine & CurrentUser

We have an application that encrypts/decrypts data as DataProtectionScope.LocalMachine. We're now having to change the scope to DataProtectionScope.CurrentUser. Will the existing strings encrypted under the LocalMachine scope still be readable when…
Marcus
  • 9,011
  • 10
  • 45
  • 65
4
votes
2 answers

information on Data Protection API (DPAPI)

I am currently writing a c# mvc web application in which password are being taken from a user and stored in a database - sql server. I need a way of hashing the passwords. It has been recommended to be to use the Data Protection API (DPAPI). I am…
amateur
  • 43,371
  • 65
  • 192
  • 320
3
votes
0 answers

Has anyone gotten Dpapi and Roaming Profiles to work?

According to Microsoft, DPAPI should be able to encrypt data on one machine, and decrypt it on another: See: https://support.microsoft.com/en-us/topic/bf374083-626f-3446-2a9d-3f6077723a60#bkmk_6 When I am logged into a domain controller, and encrypt…
Erik Aronesty
  • 11,620
  • 5
  • 64
  • 44
3
votes
1 answer

ASP.NET Core DPAPI PersistKeyToFileSystem encrypting the key

I am using ASP.NET Core DPAPI. The key in use is currently unprotected. I see in the docs an example that shows the key encrypted, but I can't figure out what is the api setting for that. I am using the…
Veverke
  • 9,208
  • 4
  • 51
  • 95
3
votes
0 answers

Using Microsoft DPAPI with Coldfusion

I'm in the process of decrypting Chrome's cookie information for a particular website. I can read the data from the file using the SQLLite DB object successfully. The next step is to decrypt the encrypted data. I've managed to find two Java…
Gaurav S
  • 999
  • 8
  • 16
3
votes
2 answers

DPAPI fails with CryptographicException when trying to decrypt Chrome cookies

i am trying to get session from my Chrome browser. i can see 2 cookie files in Developer Tools. but this is inconvenient for the user to get cookie values from browser, i would like to do it in code. so i use this code to get Chrome default profile…
cerberus
  • 378
  • 3
  • 15
3
votes
1 answer

How can i encrypt a stored password that any user could decrypt on use of an application?

I have working code that will encrypt and decrypt a string provided to methods and this all works fine for when im storing a users entered password for convenience later. However what I am trying to do is provide a password (encrypted) in the…
Ben R
  • 85
  • 6
1
2
3
9 10