How to Set a Machine Key to Your Custom ASP Application

Machine key is used for authentication and security in ASP. If you have an asp application that requires login, you must set the Machine Key for security and to avoid a viewstate validation error. A viewstate validation error will log off any user connected to your application even if you set a 8 hours timeout. For that reason, In this article I will give a step by step guide on how to set a Machine Key to your ASP Application

The Machine Key <machineKey> element helps to control tamper proofing and encryption of ViewState, forms authentication tickets, and role cookies. Instead of creating a complicated function, we will use a tool to generate random machine keys.

1. Go to this address and get a random machine key. It should look like this:

<machineKey validationKey=”83BDD6F29FEF43C0256106B322F775DE77D8704CC3A5E07B9D2BD2253337374A3A64DD466D6A2CA81C6FBF27F6BFF637FC24CE8C17B0540BB191E07B90CB5DC0″ decryptionKey=”4411595512AD6A65D5C09842DB764FA1BAAC04A37FD6C7E4827D42ED8F8C496E” validation=”SHA1″ decryption=”AES” />

It is very important that you include the validation method (SHA1) and the decryption method (AES)

2. Now, open the web.config file of your custom ASP Application and paste the machine key right below the  <system.web> tag and save it:

3. And that’s it, Machine Key is now set.

The importance for this is not only about securing your authentication method, it is also to avoid random application log off. If Machine Key is not set, any recycle of the application pool  will generate a new key and it will give you a validation error.

This concludes How to set a Machine Key to your Custom ASP Application

Looking for quality Asp Hosting? Look no further than Arvixe Web Hosting!

Happy Hosting!

Rodolfo Hernandez

Tags: , , , , , , , , , , | Posted under ASP .NET 3.5, DotNet/Windows Hosting | RSS 2.0

Author Spotlight

Rodolfo Hernandez

Rodolfo Hernandez

I like photography and reading books. Currently working for Arvixe as Elgg Community Liaison. Elgg Security Expert Web Security Expert CEO of UDP SW Social Web

Leave a Reply

Your email address will not be published. Required fields are marked *


7 × 7 =

You may use these HTML tags and attributes: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>