I know that right after Dev Days right now there is a big buzz about DPAPI. I think the main reasons is that it really simplifies cryptography to a point that we can essentially ignore key generation (at least this appears to be the case for every example that I haven't seen). Key generation is defined by looking at when you want the data to be able to be decrypt (do I tie this data to the user, or to this machine, for instance).
I know that the goal here is to make it easier for “Joe Programmer“ (I hate the term “Mort“) to use encryption without having to know a lot about cryptography and the cryptography framework.
Here are my problems with DPAPI. First of all it uses Triple-DES which is not the absolute strongest encryption (AES/Rijn-Dael is actually stronger). I wish that we could determine behind the scenes how the strong the encryption is (someone told me that this is possible, but it is not easy to do).
Sometimes you want to go the opposite direction and munge the data so prying eyes (of users) can't tell what it is, but that the programmer can mentally decrypt (building a simple ROT13 encryption scheme for example would accomplish this); this would let us munge the data settings in our app.config files, for instance.
There are times when I want to control the key (because I need the data to be decrypted on machines or by the people that I say should be able to decrypt it). DPAPI actually doesn't let me set the key (at least as far as I can tell), so I give up some of the control.
Something else, I would like to see MS do is give us an application block of something similar that lets us securely retrieve/store our crypto keys on a machine. Maybe they should strip the key generation features (maybe they have) out and let me just use them so I can use this with my own encryption.