Today (Oct16), the Win protection of OD's MasterKey is using DataProtectionScope.LocalMachine, i.e. any process on the local machine may unprotect the MasterKey stored in the file OctopusServer.config.
I would like to be able to configure OD to have the MasterKey protected using DataProtectionScope.CurrentUser. If so, I could run OD (, Manager as well as Portal,) using a specific Win user and only this user would be able to access the MasterKey on the local machine. Thus, this would increase the security, which is important for us.