I would like to store valuable client data (e.g. passwords, OAuth tokens) in such a way that it will be accessible only from one application (separation on a per-application basis). The mechanism must be transparent to the user - additional password protection will be irritating.
Is there any way to achieve that in Windows?
(In Android's case, such separation is possible by assigning each application a unique user ID and taking advantage of standard *nix mechanisms.)
I am aware of the existence of Isolated Storage (http://msdn.microsoft.com/en-us/library/3ak841sy.aspx), but the documentation clearly states that it is not recommended for storing valuable data:
You should not use isolated storage in the following situations:
- To store high-value secrets, such as unencrypted keys or passwords, because isolated storage is not protected from highly trusted code, from unmanaged code, or from trusted users of the computer.