I was reading about Key Containers in .NET as a secure a place to store a private key for asymmetric cryptography and digital signing.
My question is how secure is the Key Container? because I've found out if I know the key container name, then i will be able to retrieve the private key using the following:
// Create the CspParameters object and set the key container
// name used to store the RSA key pair.
CspParameters cp = new CspParameters();
cp.KeyContainerName = ContainerName;
// Create a new instance of RSACryptoServiceProvider that accesses
// the key container MyKeyContainerName.
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cp);
// Display the key information to the console.
Console.WriteLine("Key retrieved from container : \n {0}", rsa.ToXmlString(true));
Are Key Containers a secure place to store private keys ?