> OK, that is incorrect. DPAPI is supposed to protect from this by deriving encryption key from your password.
That's the point: DPAPI is (deliberately) bypassed by TBAL, by storing the necessary info from the user's password to decrypt the DPAPI key after reboot.
That's the point: DPAPI is (deliberately) bypassed by TBAL, by storing the necessary info from the user's password to decrypt the DPAPI key after reboot.