Friday, January 2, 2015

DPAPI and Active Directory. Should scope be restricted by LocalMachine or CurrentUser?



I've been doing some research about M$ DPAPI and came to a doubt, as nothing clearly states the best option, as far as I could tell.


In this research I'm building a test web app that stores a user password using the ProtectedData.Protect method. The information given in the documentation is that most uses should go with CurrentUser, as LocalMachine allows anyone in the same machine context to decrypt that information (in this case, the user password).


Q: So, here is the thing: What user context is this related to, the machine user running the web server (IIS) or the user logged into the web application (the web app uses the Windows authentication scheme, Active Directory in this case)? In that case, which scope will provide the most secure scheme?




