I'm using the Windows DPAPI to encrypt some sensitive data for me. The cipher is stored in the registry. This all works well, but I was wondering if someone could clarify my un
One use of additional entropy is to password protect the application itself. A key derived from the password can be used as entropy while storing application data. Otherwise any process running under the user's context may be able to decrypt the data. If you store the additional entropy instead of prompting for a password, it could still be targeted by a rogue application.
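
The password-derived entropy approach described in the answer above, as an added PowerShell example that is not part of the original post. The function names, the `HKCU:\Software\ExampleApp` key, the PBKDF2 settings and the sample secret are assumptions made for illustration; it expects Windows with .NET Framework 4.7.2 or later.

```powershell
# Added example; function names, registry key and PBKDF2 settings are assumptions.
Add-Type -AssemblyName System.Security   # ProtectedData (Windows PowerShell 5.1)
$RegPath = 'HKCU:\Software\ExampleApp'   # hypothetical key for this demo

function Get-EntropyFromPassword([securestring]$Password, [byte[]]$Salt) {
    # PBKDF2 stretches the password into the bytes passed as DPAPI optional entropy.
    $plain = [System.Net.NetworkCredential]::new('', $Password).Password
    $kdf = [System.Security.Cryptography.Rfc2898DeriveBytes]::new(
        $plain, $Salt, 600000, [System.Security.Cryptography.HashAlgorithmName]::SHA256)
    try { return ,$kdf.GetBytes(32) } finally { $kdf.Dispose() }
}

function Save-Secret([string]$Name, [string]$Secret, [securestring]$Password) {
    $salt = New-Object byte[] 16
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $rng.GetBytes($salt); $rng.Dispose()
    $entropy = Get-EntropyFromPassword $Password $salt
    $blob = [System.Security.Cryptography.ProtectedData]::Protect(
        [System.Text.Encoding]::UTF8.GetBytes($Secret), $entropy,
        [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
    # Only the salt and the DPAPI blob are persisted; the entropy itself never is.
    if (-not (Test-Path $RegPath)) { New-Item -Path $RegPath | Out-Null }
    New-ItemProperty -Path $RegPath -Name "$Name.salt" -Value $salt -PropertyType Binary -Force | Out-Null
    New-ItemProperty -Path $RegPath -Name "$Name.blob" -Value $blob -PropertyType Binary -Force | Out-Null
}

function Read-Secret([string]$Name, [securestring]$Password) {
    $salt = Get-ItemPropertyValue -Path $RegPath -Name "$Name.salt"
    $blob = Get-ItemPropertyValue -Path $RegPath -Name "$Name.blob"
    $entropy = Get-EntropyFromPassword $Password $salt
    # Unprotect throws CryptographicException when the entropy does not match.
    $plain = [System.Security.Cryptography.ProtectedData]::Unprotect(
        $blob, $entropy, [System.Security.Cryptography.DataProtectionScope]::CurrentUser)
    [System.Text.Encoding]::UTF8.GetString($plain)
}

# Prompt for the password instead of storing the entropy next to the blob.
$pw = Read-Host 'Application password' -AsSecureString
Save-Secret 'ApiToken' 'constructed-sample-value' $pw
Read-Secret 'ApiToken' $pw

# Same user context, different password: the blob does not decrypt.
$wrong = ConvertTo-SecureString 'not-the-password' -AsPlainText -Force
try { Read-Secret 'ApiToken' $wrong } catch { 'Decryption refused: entropy mismatch' }
```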