8

Suppose I encrypt data and write it to a file like this:

// Requires: using System.IO; using System.Security.Cryptography;
byte[] encrypted =
    ProtectedData.Protect(plain, null, DataProtectionScope.CurrentUser);
File.WriteAllBytes(filename, encrypted);

Decrypting is as straightforward:

byte[] encrypted = File.ReadAllBytes(filename);
byte[] decrypted =
    ProtectedData.Unprotect(encrypted, null, DataProtectionScope.CurrentUser);

Now when I change my Windows password between the calls to Protect and Unprotect, Unprotect will throw an exception. I do want the encrypted data to be linked to my user account, but I also want it to survive password changes.

I guess I have to hand the data over to Windows rather than writing it to my own file, so that Windows can re-encrypt it on password changes. I just can't find the documentation that tells me how. Does anyone know?

Walter Peel

1 Answer

14

How do you change the password? Using the normal procedure and specifying the old password should work with ProtectedData, while setting a new password under computer management wouldn't.

[Image: Set Password dialog with warning]

sisve
  • That was quick! Thanks mate, that was the problem. If I let the user change their own password it works. – Walter Peel Jan 21 '11 at 06:15
  • Quick Q: if I reset the account's password, then later set it back to its old password again, would Unprotect start working again? – Shane Aug 08 '17 at 07:51
  • The dialog states _irreversible loss_, so it wouldn't work. – sisve Aug 08 '17 at 14:03
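
An added example, not part of the original question or answer: because a password set from computer management leaves the stored blob undecryptable, code that reads it back should treat the exception from Unprotect as "secret lost" and ask for the secret again. The class name `UserSecretStore`, its methods, the file path and the sample secret are hypothetical.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper; the names are illustrative and not from the original post.
static class UserSecretStore
{
    public static void Save(string path, byte[] plain)
    {
        // Same call as in the question: the blob is bound to the current user.
        byte[] blob = ProtectedData.Protect(plain, null, DataProtectionScope.CurrentUser);
        File.WriteAllBytes(path, blob);
    }

    // Returns false when no blob exists or it can no longer be decrypted,
    // so the caller can re-provision the secret instead of crashing.
    public static bool TryLoad(string path, out byte[] plain)
    {
        plain = null;
        if (!File.Exists(path)) return false;
        try
        {
            byte[] blob = File.ReadAllBytes(path);
            plain = ProtectedData.Unprotect(blob, null, DataProtectionScope.CurrentUser);
            return true;
        }
        catch (CryptographicException)
        {
            // Thrown when Unprotect fails, e.g. after the password was set
            // from computer management, or when the blob is corrupted.
            return false;
        }
    }
}

static class Program
{
    static void Main()
    {
        string path = Path.Combine(Path.GetTempPath(), "dpapi-demo.bin"); // constructed path
        UserSecretStore.Save(path, Encoding.UTF8.GetBytes("constructed sample secret"));

        if (UserSecretStore.TryLoad(path, out byte[] plain))
            Console.WriteLine(Encoding.UTF8.GetString(plain));
        else
            Console.WriteLine("Stored secret is unrecoverable; ask the user to enter it again.");
    }
}
```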