How-to: Generate an ASP.Net Machine Key
Using a third-party to generate an ASP.Net machine key is risky, as the third party now has access to your public IP and the generated machine key. But what is a secure way to generate your machine key?
IIS Administration to the Rescue!
The answer is simple. Use the IIS Administration portal to generate your machine keys. This method is 100% local to your corporate infrastructure, and not shared with anybody but you!
- Log onto a system that has IIS 7/8+ installed.
- In IIS Admin, click the server name in the left tree.
- Click the MachineKey icon in the right content pane.
- In the Machine Key window, click Generate Keys.
- Now copy/paste the Validation Key and Decryption Key into your app's web.config file.
- I never allow IIS to modify either the machine.config nor my sites web.config. Clicking Generate Keys will not modify .configs. But clicking Apply will.
- You may want to learn more about encryption method.
- Machine Keys provide additional Web Site security. I use the machine key to allow the same Forms Auth logon to work on two different sites.
More Info: MSDN Machine Key