Hey, that's pretty cool. I don't have to type my name every time I check email.
Uh, my credit card numbers are now available to anyone who shares my machine, and probably to hackers. So is personal data and stuff I don't want my [pick one - wife, kids, boss, lawers, cops] to know.
Talk about spyware. (For code to read a foriegn registry, see this.)
Ah, perhaps this is a bad idea.
However, since Windows automatically decrypts the data for Internet Explorer, it should be possible to get it to decrypt the data for a hacker (ie, the hacker won't need to know the decryption key).
In addition, the data is easily read by anyone using your machine while you are logged on.
Supposedly, on Windows NT 4 (and above), each user has a unique security identifier (SID) which is supposed to improve security. However, on my Windows 98 system, it appears that most (but not all) users share the SAME SID.
Based on InCtrl traces, a program called pstores.exe (dated 3-18-99 on my system) performs the work.
pstores.exe - Protected Storage Service - appears to be a part of the Windows Cryptographic API. (I have not been able to find direct confirmation of this.)
Related Registry Entries
HKLM\Software\Microsoft\Windows\ Protected Storage System Provider\[your user name]\Data
To clear all the remembered data, from the IE menu, select