FIPS-compatible password encryption for .NET.

Question

FIPS-compatible password encryption for .NET.

I am working on WinForms in a VB.NET (3.5) application that requires the user to enter domain administrator credentials. To make it easier for the user, they only need to enter the username and password once, and then just rely on my application to save these credentials. I would like to save these credentials with other user settings, but for security reasons, the password needs to be encrypted.

What is an easy way to encrypt and decrypt this password? I want the encryption method to be FIPS compatible. The methods I've tried so far lead to this exception:

System.InvalidOperationException: this implementation is not part of the Windows FIPS platform verified cryptographic algorithms.

+3

security .net vb.net encryption fips

Matt hanson 30 sept '08 at 10:35

source share

1 answer

Michael petrotta · Accepted Answer · 2008-10-01T05:50:49+0000

Look at the Data Protection API (DPAPI), which is FIPS compliant (as far as I can tell, you can view the rating here ).

DPAPI maps to .NET 2.0 and later with the System.Security.Cryptography.ProtectedData class. It uses the current user credentials as an encryption key. See my more complete answer here .

FIPS-compatible password encryption for .NET.

More articles: