I saw some code utilizing DPAPI. Given the research around MS’s poor DPAPI implementation, <http://elie.im/publi/recovering-windows-secrets-and-EFS- certificates-offline> , is it still safe to rely on DPAPI to protect my credentials? I am thinking not….
DPAPI still applicable?
Share on: