Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

Protection Providers

Beginning with Windows 8, Microsoft began distributing the providers that enable you to securely share encrypted secrets and messages across computers. There are currently two key protection providers. The Microsoft Key Protection provider allows you to protect content to a group in an Active Directory forest. The Microsoft Client Key Protection provider allows you to protect content to a set of web credentials.

The correct protector to use is automatically chosen for you when the NCryptCreateProtectionDescriptor function parses the protection descriptor rule string your provide as input. The Microsoft Key Protection provider is chosen for rule strings that begin with SID, SDDL, and LOCAL. The Microsoft Client Key Protection provider parses rule strings that begin with WEBCREDENTIALS. For more information about rule strings, see Protection Descriptors.

Note  Custom providers are not currently allowed.CNG DPAPI

Related topics

CNG DPAPI
NCryptCreateProtectionDescriptor
Protection Descriptors

 

 

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.