asp.net.ph
Home  
Getting Started  
Skip Navigation Links
Web Forms  
Skip Navigation Links
Data Access  
Skip Navigation Links
Web Apps  
Skip Navigation Links
Web Basics  
Skip Navigation Links
Show Me   Search
Friday, January 10, 2025 

Skip Navigation Links

<machineKey> Section

ASP.NET Syntax   ASP.NET Configuration Sections

Configures keys to use for encryption and decryption of Forms authentication cookie data. This section can be declared at the machine, site, and application levels but not at the subdirectory level. 

<machineKey 
   validationKey = "autogenerate | value" 
   decryptionKey = "autogenerate | value"
   validation = "SHA1 | MD5 | 3DES" />

The <machineKey> tag supports three attributes.

Attribute Option Description
validationKey     Specifies the key used for validation.
    AutoGenerate Specifies that ASP.NET generates a random key and stores it in the Local Security Authority ( LSA ). The AutoGenerate option is the default value.
    value Specifies a manually assigned validation key. This value must be manually set to ensure consistent configuration across a network of Web servers ( a Web farm ). The key must be a minimum of 40 characters ( 20 bytes ) and a maximum of 128 characters ( 64 bytes ) long. If keys shorter than the maximum length are used, they should be created by a truly random means, such as by using RNGCryptoServiceProvider. The recommended key length is 128 hexadecimal characters.
decryptionKey     Specifies the type of encryption used for validation.
    AutoGenerate Specifies that ASP.NET generates a random key and stores it in the Local Security Authority ( LSA ). The AutoGenerate option is the default value.
    value Specifies a manually assigned validation key. This value must be manually set to ensure consistent configuration across a Web farm. The key must be a minimum of 40 characters ( 20 bytes ) and a maximum of 128 characters ( 64 bytes ) long. If keys shorter than the maximum length are used, they should be created by a strong random means, such as by using RNGCryptoServiceProvider. The recommended key length is 128 hexadecimal characters.
validation     Specifies the type of encryption used for data validation.
    SHA1 Specifies that ASP.NET uses SHA1 encryption.
    MD5 Specifies that ASP.NET uses MD5 encryption.
    3DES Specifies that ASP.NET uses Triple-DES ( 3DES ) encryption. When 3DES is selected, forms authentication defaults to SHA1. When the validation attribute is set to 3DES, the view state validation technique uses 3DES encryption.

Syntax Example

The following example sets both the validationKey and the decryptionKey keys to AutoGenerate. 

<machineKey validationKey = "AutoGenerate"
   decryptionKey = "AutoGenerate"
   validation = "SHA1" />
See Also

ASP.NET Configuration   MachineKeySection Class




Home
Suggested Reading

© 2025 Reynald Nuñez and asp.net.ph. All rights reserved.

If you have any question, comment or suggestion
about this site, please send us a note