>Craig's documentation does not tell me what happens if the incorrect secret key is entered or decryption/encryption fails. Is there any other documentation in this case?I don't know as I have not used it. You could ask Craig, or try it yourself but what happens in CryptAPI when you do that is that you change gibberish into different gibberish instead of clear text. He probably does the same as the password is not stored anywhere so it's hard to tell if it is the correct one.