System.Web.Configuration.MachineKeyValidation Enumeration

Specifies the hashing algorithm that ASP.NET uses for forms authentication and for validating view state data, and for out-of-process session state identification.


public enum MachineKeyValidation


ASP.NET uses a hash-based message authentication code (HMAC) to help detect whether data that is used for forms authentication or view state has been tampered with. The HMAC is generated when view state content is created, and the HMAC is checked on subsequent requests. The HMAC helps ASP.NET determine whether someone has changed data that is sent between the server and the client, but the data can be read by anyone as it travels through the Internet unless it is also encrypted. By default, view state is validated but not encrypted. For more information, see System.Web.UI.Page.ViewStateEncryptionMode and System.Web.UI.Page.RegisterRequiresViewStateEncryption.

The System.Web.Configuration.MachineKeyValidation enumeration lets you specify the algorithm that ASP.NET uses to create the HMAC. The default value is MachineKeyValidation.HMACSHA256. ASP.NET uses the value of the MachineKeySection.ValidationKey property with the selected algorithm to generate the HMAC.


Member NameDescription

Specifies that ASP.NET uses the AES (Rijndael) encryption algorithm.


Specifies that ASP.NET uses the Message Digest 5 (MD5) hashing algorithm.


Specifies that ASP.NET uses the HMACSHA1 hash algorithm.


Specifies that ASP.NET uses the TripleDES (3DES) encryption algorithm.


Namespace: System.Web.Configuration
Assembly: System.Web (in System.Web.dll)
Assembly Versions:
Since: .NET 2.0