Recently, I've been working on quite a number of projects to do with enterprise web application development, and many a times, I got request to have all encryption strings encrypted. Of course, even if they didn't tell me to do so, I'd also do so as it's just too dangerous to keep it in plaintext. So do you have to specifically write a special dll to do this task or use the cryptographic services in .NET to do so? The answer is no! ASP.NET 2.0 provides you such capabilities. Infact, this has already been available in ASP.NET 1.1. Just that ASP.NET 2.0 includes the option to do so with DPAPI too! ASP.NET 2.0 supports two forms of encryptions: RSA (a form of asymmetric encryption) DPAPI RSA is recommended as DPAPI makes use of key that are machine-specific. So that doesn't sound too portable. Well, as RSA is a 1024 bit block encryption, if you do want to encrypt data-strings larger then that, you might want to consider making use of Envelop Encryption, where you'd Generate a random private...