Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the hueman domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/CloudIngenium.com/htdocs/wp-includes/functions.php on line 6114
Resolved: You must specify a non-autogenerated machine key to store passwords in the encrypted format. Either specify a different passwordFormat, or change the machineKey configuration to use a non-autogenerated decryption key – Knowledge eXchange

Resolved: You must specify a non-autogenerated machine key to store passwords in the encrypted format. Either specify a different passwordFormat, or change the machineKey configuration to use a non-autogenerated decryption key

Q) How to resolve the error message “You must specify a non-autogenerated machine key to store passwords in the encrypted format.” when using ASP.Net membership:

When using ASP.Net membership provider you might encounter the error “You must specify a non-autogenerated machine key to store passwords in an encrypted format” like this one:

System.Configuration.Provider.ProviderException was unhandled by user code
Message=”You must specify a non-autogenerated machine key to store passwords in the encrypted format. Either specify a different passwordFormat, or change the machineKey configuration to use a non-autogenerated decryption key.”
Source=”System.Web”
StackTrace:
at System.Web.Security.MembershipProvider.EncryptPassword(Byte[] password)
at System.Web.Security.MembershipProvider.EncodePassword(String pass, Int32 passwordFormat, String salt)
at System.Web.Security.SqlMembershipProvider.CreateUser(String username, String password, String email, String passwordQuestion, String passwordAnswer, Boolean isApproved, Object providerUserKey, MembershipCreateStatus& status)
at System.Web.Security.Membership.CreateUser(String username, String password, String email, String passwordQuestion, String passwordAnswer, Boolean isApproved, Object providerUserKey, MembershipCreateStatus& status)
at System.Web.Security.Membership.CreateUser(String username, String password, String email, String passwordQuestion, String passwordAnswer, Boolean isApproved, MembershipCreateStatus& status)

A) You need to set up an encryption/decryption key first

What is happening here is you are probably using an automatically generated encryption/decryption key or you haven’t set one up yet. For example, the following code uses an Automatically Generated key:

<machineKey validationKey="AutoGenerate, IsolateApps" decryptionKey="AutoGenerate, IsolateApps" validation="SHA1" />

What you need to do is use a tool to generate a new key set and use it on your application. As the error indicates, the use of the keyword autogenerate is causing this issue. By setting it to a static value the application is able to use it safely.

Microsoft’s ASP.Net membership provider requires this keys to encrypt and decrypt the information (aka passwords) stored. We fix them so that the key is persistent throughout the server/application or farm if necessary (reboots, recycles, etc).

As you can imagine, encrypting sensitive information like passwords is very important. Hackers who are able to gain access to your database can extract those passwords and if they are not safely stored your users may be compromised.

There are several tools to create encryption / decryption keys. A simple search online on Google could give you a number of option you should evaluate. One thing to keep in mind is that there are risks to this as potentially the tool provider can store the keys it generates or if you are not using an HTTPS connection a third party could intercept the communication and know your encryption key. I think the best approach nowadays is to use IIS Manager to generate those keys. On IIS 7 you already have a feature to generate those keys:

Kx.CloudIngenium.com - Machine Key on IIS 7

They are stored on the web.config of your application so you can extract the key from there and use it on your configuration files.

Enhanced by Zemanta

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.