Questions tagged [dpapi]

DPAPI (Data Protection API) is the Windows API that lets a program store "secrets", such as passwords. Microsoft uses it in IE and to store WiFi passwords and private keys for EFS; Chrome for Windows and Safari for Windows also use it to store website credentials.

150 questions
1 vote, 1 answer

How to reset DPAPI key into the key ring?

I'm new to using DPAPI so this is something I've messed up on my app because I've been redeploying between my work laptop and my personal desktop so now the key that DPAPI is using to protect my data has changed between environments. Now I'm getting…
psiodrake
1 vote, 1 answer

DPAPI output buffer memory management

I'm using CryptProtectData() and CryptUnprotectData() APIs for data encryption and decryption in my App. Reading the API documentation, it's not clear why LocalFree() needs to be called against the output buffer after usage. The example code on that…
Ping
1 vote, 1 answer

How to store .NET Core non-interactive app credentials properly on both Windows and Linux?

I need to store credentials for my app. I've read it's a very bad practice to store them with code. I know, DPAPI is just made for it, but how to use it on Linux like Ubuntu? So - if I could make DPAPI work on Linux without spending a whole day on it…
Harry
1 vote, 1 answer

Linux (Ubuntu) equivalent to Windows DPAPI

I am trying to find a solution to store secrets (to be used by my application) on Ubuntu Server 20.04. I have used Windows' DPAPI in the past to store secrets using the protection of the user account accessing the API. Is there an official package…
Eli Abramson
1 vote, 0 answers

Using DPAPI with Typescript?

Is there a way to use the DPAPI (Data Protection Application Programming Interface) on Windows XP with TypeScript? My VSCode extension is a client. And the client needs to login to a server. The client requires user input user/password on VSCode…
1 vote, 1 answer

Manage sensitive Options data in VSPackage

I'm working on a Visual Studio extension package (VSIX) which needs to connect to a database. I'd also like to take reasonable precautions security-wise when storing sensitive configuration. At the moment, I'm using a standard property-grid Options…
Hydrargyrum
1 vote, 1 answer

How to read Brave Browser cookie database encrypted values in C# (.NET Core)?

I am attempting to read the encrypted values of cookies using a C# console app. My cookie reader class using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Security.Cryptography; using…
user6481581
1 vote, 2 answers

How can I protect the entropy?

DPAPI is great for protecting sensitive information! Unfortunately, the DPAPI "optional entropy" is basically another piece of sensitive information that must be protected. Ironic. What are some possible (sneaky) sources of "entropy" I could use…
Chris Laplante
1 vote, 0 answers

Long term encryption of data in dot net

For a .NET Core 2 web app we are developing, we used DPAPI for encrypting/decrypting string data before storing it in the DB. We turned off key regeneration so that we could use the same keys in dev/production and for moves. Recently we have found that…
mikelus
1 vote, 1 answer

Microsoft Access 2010 and ODBC Connection string security

I am using Microsoft Access 2010 with unbound forms. No linked tables allowed, otherwise the connection string is stored in the table definitions. So it follows that we will use a query definition with no name to access SQL SERVER. This is…
cmaduro
1 vote, 0 answers

WebAPI, DPAPI and LoadUserProfile

We are trying to use DPAPI in our OWIN-based WebAPI self-hosted app. The app is configured for Windows authentication and runs as a service under the SYSTEM account: var listener =…
Alex I
1 vote, 1 answer

Why were SecureString and ProtectedMemory placed in different assemblies and namespaces?

On the conceptual level, SecureString looks like a specialization of ProtectedMemory. Granted, its primary function is to shorten the lifetime of (immutable) strings inside RAM, swap, and crash dumps. However, it also uses DPAPI to protect the data…
Jirka Hanika
1 vote, 1 answer

Storing sensitive data that is encrypted using Data Protection API with PersistKeysToFileSystem

Folks, I need to encrypt some string data into a SQL database from an MVC Core 2.0 application. I'm thinking of using the Data Protection API with PersistKeysToFileSystem so that I can restore the data to another server and decrypt the data using…
mikelus
1 vote, 0 answers

Can the Asp.Net Core Data Protection System detect the configuration has changed and generate a new key?

I'm creating a new asp.net core 2 website that's using data protection as per this article. As a first pass I created this without protecting the keys (since we're not in production yet) e.g. public void ConfigureServices(IServiceCollection…
Gavin Sutherland
1 vote, 3 answers

Can my Windows Domain Administrator decrypt my DPAPI encrypted files?

I want to encrypt passwords using the DPAPI like this ProtectedData.Protect(plain, optionalEntropy, DataProtectionScope.CurrentUser); and wonder if the domain administrator could decrypt the generated blob, as Using Passwords Effectively …
Walter Peel