IDataProtect key expiration

Pranto Biswas 21 Reputation points

I am using IDataProtector to encrypt a string and store that encrypted string in a database. It is said that the default lifetime for a key is 90 days. After that a new key is generated.

Can I decrypt that string after 90 days successfully??

A set of technologies in the .NET Framework for building web applications and XML web services.
4,237 questions
{count} votes

Accepted answer
  1. Bruce ( 57,886 Reputation points

    No. The point of the expiration is that the key stops working. For database storage, you would need to use a non-expiring key, or reencrypt on regular basis.

    Note: Sqlserver has builtin support of at rest encryption and column encryption, why are you not using these features.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful