Web applications often need to store security sensitive data, such as database connection strings and service account credentials in application configuration files. For security reasons, this type of information should never be stored in plain text and should always be encrypted prior to storage.

This How To describes how to create a managed class library that encapsulates calls to the Data Protection API (DPAPI) to encrypt and decrypt data. This library can then be used from other managed applications such as ASP.NET Web applications, Web services and Enterprise Services applications.

For related How To articles that use the DPAPI library created in this article, see the following articles in the Reference ...