Protected Storage


Is used to encrypt and store secure information like this - SSL certificates

  • Passwords for programs (like Outlook, Outlook Express, etc.)
  • Info stored by Profile Assistant
  • Info maintained by MS Wallet
  • Digitally signed S/MIME keys.

Note if this service is set to manual it will cause Outlook Express to take a long time to start, because it has to wait for this service to load first.

Note if this service is stopped or disabled, private keys will be inaccessible, certificate server will not operate, S/MIME & SSL will not work and smart card logon will fail.

Note if Protected Storage becomes corrupt, then it might fail to start or fail to provide services. To reset Protected Storage:

  1. Boot in safemode
  2. Execute this command:

    net stop ProtectedStorage

  3. Move the contents of the this folder to another folder for safe keeping:

    C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\S-1-5-18

    More Info MS KB246183

  4. Delete the following registry key (If it exists):

    [HKEY_USERS \.DEFAULT \Software \Microsoft \Cryptography \Providers \Type 001]

    More Info MS KB312028

  5. Restart Windows

More Info MS KB216382
More Info MS KB264033
More Info MS KB264672
More Info MS KB275465 (Replaces MS KB259416)
More Info MS KB290684
More Info MS KB306895

  • Manual.
Default State:
  • Vista/Win7: Manual
  • WinNT4/Win2k/WinXP/Win2k3: Automatic
Process Name:
  • Win2k/WinNT4+IE4: services.exe (ProtectedStorage)
  • WinXP/Win2k3/Vista/Win7: lsass.exe (ProtectedStorage)