Share via

FormsAuthenticationConfiguration.Protection Property


Gets or sets the encryption type used to encrypt the cookie.

 property System::Web::Configuration::FormsProtectionEnum Protection { System::Web::Configuration::FormsProtectionEnum get(); void set(System::Web::Configuration::FormsProtectionEnum value); };
[System.Configuration.ConfigurationProperty("protection", DefaultValue=System.Web.Configuration.FormsProtectionEnum.All)]
public System.Web.Configuration.FormsProtectionEnum Protection { get; set; }
[<System.Configuration.ConfigurationProperty("protection", DefaultValue=System.Web.Configuration.FormsProtectionEnum.All)>]
member this.Protection : System.Web.Configuration.FormsProtectionEnum with get, set
Public Property Protection As FormsProtectionEnum

Property Value

One of the FormsProtectionEnum enumeration values. The default value is All.

Note Be sure to use the default value for this property if you want both data validation and encryption to help protect the cookie. This option uses the configured data-validation algorithm based on the machineKey. Triple-DES (3DES) is used for encryption, if available and if the key is long enough (48 bytes or more).

To improve the protection of your cookie, you may also want to set the RequireSSL to true.



The following code example shows how to access the Protection property. Refer to the code example in the FormsAuthenticationConfiguration class topic to learn how to get the section.

// Get the current Protection.
FormsProtectionEnum currentProtection = 

// Set the Protection property.
formsAuthentication.Protection = 
' Get the current Protection.
  Dim currentProtection As FormsProtectionEnum = _

' Set the Protection property.
formsAuthentication.Protection = FormsProtectionEnum.All

Applies to

See also