One of the projects that I’m currently working on requires the use of soft-certificates in order to confirm identity and for doing authorization. Since the application that is being written only needs to have support for Internet Explorer 7, I imported my PKCS #12 certificate through Internet Explorer (Internet Options -> Content -> Certificates -> Personal -> Import).
As I was importing it, there was a page where I needed to provide a password that the CA had given me. On the same page there is an option to “Enable strong private key protection”. It was followed by the sentence “You will be prompted every time the private key is used by an application if you enable this option”. Since I favored security over convenience, I happily selected this option and provided my new password. Just in case I needed to move to another computer, I also marked the key as being exportable.