DPAPI - Machine Specific keys
Al
machine? We would like to know so we can be prepared in case something
changes.
Thanks,
Al
John Banes
key is used for all subsequent encrypt operations. The old keys are kept
around forever, though, so that you can continue to decrypt old data. I'm
not sure that this is what you're talking about, though.
In addition, DPAPI uses an LSA secret to protect machine master keys, which
are the master keys that get used when the CRYPTPROTECT_MACHINE flag is
passed into CryptProtectData. Apart from some special cases that happen
sometimes during setup, this LSA secret never changes as far as I know. Of
course, if you clean install Windows then you will end up with a new LSA
secret and so your old machine data will not decrypt.
Regards,
John
"Al" <n...@no.com> wrote in message
news:eRERq2Fl...@tk2msftngp13.phx.gbl...
al
al
What we are concerned with is that if something changes such as the NIC card
will the system create a new key? Once this new key is generated will we
not be able to read our connection strings any longer? Also it is possible
for a machine to be moved from one domain to another. Will this action also
generate a new key?
Thanks,
Al
"John Banes" <jab...@comcast.remove.net> wrote in message
news:#B7Y5lHl...@TK2MSFTNGP15.phx.gbl...
David Cross [MS]
new one.
--
David B. Cross [MS]
--
This posting is provided "AS IS" with no warranties, and confers no rights.
"al" <x...@x.com> wrote in message
news:%23S8vTsL...@TK2MSFTNGP12.phx.gbl...
Al
Al
"David Cross [MS]" <dcr...@online.microsoft.com> wrote in message
news:uZKOKKpl...@TK2MSFTNGP12.phx.gbl...