%APPDATA%\Microsoft\Protect\{SID}
directory, where {SID} is the Security Identifier of that user. The DPAPI key is stored in the same file as the master key that protects the users private keys. It usually is 64 bytes of random data. (Notice that this directory is protected so you cannot list it usingdir
from the cmd, but you can list it from PS).spotless
master key:spotless
chrome secrets using their decrypted master key:dpapi::cred
with the appropiate /masterkey
to decrypt: