Don’t hard code keys. The keys should be loaded at runtime from a secure source. Azure key vault is a possible option.
How to resolve Use of hard-coded cryptographic key vulnerabilities in asp.net application?
Sana, Ramesh
20
Reputation points
How to resolve Use of hard-coded cryptographic key vulnerabilities in asp.net application?