While writing some demos for DevWeek, i came up with a nice way to use ProtectedData.

I wanted to have some custom attributes to put on class members, and if such a attributed class gets XML-serialized those members should be encrypted using DPAPI, e.g.

    [ProtectedXml(DataProtectionScope.LocalMachine)]
    public class Config : ProtectedXmlBase
    {
        [ProtectedField]
        public string ConnectionString;

        public string DisplayName;
    }

With the [ProtectedXml] attribute you can choose the scope of the DPAPI encryption (User or Machine) and with [ProtectedField] you can mark the fields which should be encrypted upon serialization.

This is accomplished by implementing the IXmlSerializable interface to do custom XML serialization and using ProtectedData for the encryption/decryption. Compiled wiht the November CTP of Whidbey. enjoy