Blog posts of '2015' 'October'

How-to: Generate an ASP.Net Machine Key

How-to: Generate an ASP.Net Machine Key

Using a third-party to generate an ASP.Net machine key is risky, as the third party now has access to your public IP and the generated machine key. But what is a secure way to generate your machine key?

IIS Administration to the Rescue!

The answer is simple. Use the IIS Administration portal to generate your machine keys. This method is 100% local to your corporate infrastructure, and not shared with anybody but you!

  1. Log onto a system that has IIS 7/8+ installed.
  2. In IIS Admin, click the server name in the left tree.
  3. Click the MachineKey icon in the right content pane.
  4. In the Machine Key window, click Generate Keys.
  5. Now copy/paste the Validation Key and Decryption Key into your app's web.config file.


  • I never allow IIS to modify either the machine.config nor my sites web.config. Clicking Generate Keys will not modify .configs. But clicking Apply will.
  • You may want to learn more about encryption method.
  • Machine Keys provide additional Web Site security. I use the machine key to allow the same Forms Auth logon to work on two different sites.

More Info: MSDN Machine Key