Reputation: 127
I'm writing a winforms application that stores usernames and passwords locally within a configuration file so that the person using the application does not have to retype their credentials every time they log in to the various services my application supports. It is absolutely necessary that the password be able to be decrypted so I opted for using ProtectedData and the Protect and Unprotect methods to securely store passwords. This made it easy to pass on responsibility of protecting their data to Windows and the end user rather than worrying about keys and such myself.
Now I want to offer the user the ability to move settings between installations. A great example of this is if they wished to keep a backup of lots of different account settings, or they want to move to a different computer.
I've worked it out to be something like this:
All of this sounds great up to step #3. Step 3 bothers me because it places the passwords in plaintext. Is there a best practice for import/export of credentials in such a scenario, or would it be considered "okay" to make it the user's responsibility to secure the exported file? To me, assuming that the user secures their Windows account properly, this seems like it would be okay to assume. I've kicked around the idea of not even allowing them to import/export the settings files, but this seems like it could be a major inconvenience. Similarly, I could also be building towards an extremely rare edge case where someone has so many stored accounts that it would take just short of a decade to re-input manually.
If anyone who has experience doing such a thing would chime in with best practices/advice for this, I'd really appreciate it. I'm fairly new to having to deal with all the complications of storing credentials.
Upvotes: 1
Views: 2361
Reputation: 2248
Your local storage of Keys could be compromised given enough time and space, all we do is make that more difficult.
When I was using DPAPI for similar data protection across multiple computers in a domain, the only way I was left with is where you are right now: unprotect the sensitive data to plain text, copy it to another computer, then protect the data using DPAPI. This did not look good, so I scrapped the option of exporting data altogether and provided another encryption scheme that allows exporting sensitive data in a secure manner.
This might not be the answer to your question, but when it comes to exporting encrypted data, using DPAPI leaves you no choice but what you have; that's by design.
The recommended practice is to use a symmetric algorithm (like Rijndael) to encrypt the data. Encrypt the symmetric algorithm's key using an asymmetric algorithm. Later, save the asymmetric algorithm's public/private key pair and the encrypted symmetric algorithm's key locally. Export them to another computer. Decrypt the encrypted symmetric algorithm's key using the private key of the asymmetric algorithm. Then use the symmetric key to decrypt the exported data.
To put things in perspective, when you export:
Now that should suffice for your scenario. It's your trade-off to use DPAPI for regular credential storage, and when the user has a need to export the credentials to another computer, you may follow steps 1 to 8 listed above.
Though it is not a good practice to store credentials locally, sometimes in the interest of user experience we don't really have a choice but to increase the complexity of encryption.
Be sure to configure user-level/machine-level protection when using DPAPI, and also an entropy value.
Upvotes: 2
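The export scheme the answer describes (a fresh symmetric key encrypts the settings, an asymmetric key wraps the symmetric key, the destination unwraps and decrypts) and its closing advice to protect the local copy with DPAPI and an entropy value, written out as an added example. This is not code from the question or the answer; `CredentialExport`, `Bundle`, the JSON sample settings and the passphrase are constructed for illustration. It assumes .NET 8 on Windows (`AesGcm` with an explicit tag size; `ProtectedData` comes from the `System.Security.Cryptography.ProtectedData` package). The one point the scheme leaves open is how the private key travels: here it is exported as a passphrase-protected PKCS#8 blob, because a bundle shipped next to an unprotected private key is no better than the plaintext file the question worried about.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

public static class CredentialExport
{
    // Everything the destination needs apart from the RSA private key.
    public sealed record Bundle(byte[] WrappedKey, byte[] Nonce, byte[] Tag, byte[] Ciphertext);

    // Export: random AES-256 key, AES-GCM over the settings (so tampering is detected),
    // then the AES key is wrapped with RSA-OAEP/SHA-256 under the given key pair.
    public static Bundle Export(byte[] plaintextSettings, RSA rsa)
    {
        byte[] aesKey = RandomNumberGenerator.GetBytes(32);
        byte[] nonce = RandomNumberGenerator.GetBytes(AesGcm.NonceByteSizes.MaxSize); // 12 bytes
        byte[] tag = new byte[AesGcm.TagByteSizes.MaxSize];                            // 16 bytes
        byte[] ciphertext = new byte[plaintextSettings.Length];

        using (var aes = new AesGcm(aesKey, tag.Length))
            aes.Encrypt(nonce, plaintextSettings, ciphertext, tag);

        byte[] wrappedKey = rsa.Encrypt(aesKey, RSAEncryptionPadding.OaepSHA256);
        CryptographicOperations.ZeroMemory(aesKey); // the raw key is never written to disk
        return new Bundle(wrappedKey, nonce, tag, ciphertext);
    }

    // Import: unwrap the AES key with the private key, then decrypt and authenticate.
    // AesGcm.Decrypt throws a CryptographicException if the bundle was modified.
    public static byte[] Import(Bundle bundle, RSA rsa)
    {
        byte[] aesKey = rsa.Decrypt(bundle.WrappedKey, RSAEncryptionPadding.OaepSHA256);
        byte[] plaintext = new byte[bundle.Ciphertext.Length];
        try
        {
            using var aes = new AesGcm(aesKey, bundle.Tag.Length);
            aes.Decrypt(bundle.Nonce, bundle.Ciphertext, bundle.Tag, plaintext);
        }
        finally
        {
            CryptographicOperations.ZeroMemory(aesKey);
        }
        return plaintext;
    }

    // The private key leaves the machine only as passphrase-protected PKCS#8
    // (PBKDF2-SHA256, AES-256-CBC), transported separately from the bundle.
    public static byte[] ExportPrivateKey(RSA rsa, string passphrase) =>
        rsa.ExportEncryptedPkcs8PrivateKey(passphrase.AsSpan(),
            new PbeParameters(PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA256, 600_000));

    // Once imported, the settings go back under DPAPI for day-to-day storage, scoped to
    // the current user and bound to application-supplied entropy as the answer advises.
    public static byte[] ProtectLocally(byte[] settings, byte[] entropy) =>
        ProtectedData.Protect(settings, entropy, DataProtectionScope.CurrentUser);

    public static void Main()
    {
        // Constructed sample settings; the password value is a placeholder.
        byte[] settings = Encoding.UTF8.GetBytes(
            "{\"service\":\"mail\",\"user\":\"alice\",\"password\":\"example-only\"}");
        const string passphrase = "user-chosen-export-passphrase"; // constructed

        using RSA source = RSA.Create(3072);
        Bundle bundle = Export(settings, source);
        byte[] travellingKey = ExportPrivateKey(source, passphrase);

        // On the destination machine: load the key with the passphrase, then import.
        using RSA destination = RSA.Create();
        destination.ImportEncryptedPkcs8PrivateKey(passphrase.AsSpan(), travellingKey, out _);
        byte[] recovered = Import(bundle, destination);
        Console.WriteLine($"round trip ok: {Encoding.UTF8.GetString(recovered) == Encoding.UTF8.GetString(settings)}");

        // A modified bundle must be rejected, not silently imported.
        bundle.Ciphertext[0] ^= 0x01;
        try { Import(bundle, destination); Console.WriteLine("tamper NOT detected"); }
        catch (CryptographicException) { Console.WriteLine("tampered bundle rejected"); }

        byte[] entropy = Encoding.UTF8.GetBytes("app-specific-entropy-v1"); // constructed
        byte[] local = ProtectLocally(recovered, entropy);
        Console.WriteLine($"DPAPI blob size: {local.Length} bytes");
    }
}
```

Usage: `dotnet run` on Windows prints the round-trip result, the rejected tampered bundle and the DPAPI blob size. The RSA wrapping buys nothing on its own; what keeps the exported file from being plaintext in disguise is that the private key is unusable without the passphrase, and that AES-GCM refuses to decrypt a bundle that was altered in transit.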