← Cybersecurity Alphabet Soup

DPAPI

Data Protection Application Programming Interface

networkhard

DPAPI is the built-in Windows service that applications use to encrypt secrets like saved browser passwords, Wi-Fi keys, and certificates, with keys derived from the user's logon credentials. It spares developers from managing encryption keys themselves. Attackers who compromise a user or domain can abuse DPAPI to decrypt those stored secrets, and the domain backup key is a crown-jewel target because it can unlock DPAPI data for every user in the domain.

Sources

More in network