API magic: Windows’ password dialog

I ran across an article on MSDN with some info on using Windows security APIs in your program. It’s targeted at C++, though it has a couple of passing references to .NET.

Some observations:

  1. It has an example of how to bring up the standard Windows “enter a password” dialog, customized for your program. I wondered how GMail Notifier did it. (CredUIPromptForCredentials, for those too lazy to follow the link.) Alas, the example is in C++, not .NET, but it’s on pinvoke.net.
  2. It has examples of a new XP/2003 API function that encrypts data using the current user’s credentials, so that data can only be decrypted by that same user. This is a pretty interesting idea, for things like password storage. (CryptProtectData and CryptUnprotectData. Also documented on pinvoke.net.)
  3. Man. Security APIs are ugly.
  4. Especially from C++.

Leave a Reply

Your email address will not be published. Required fields are marked *