This documentation is archived and is not being maintained.

FormsProtectionEnum Enumeration

Specifies the forms protection method that the application uses.

[Visual Basic]
Public Enum FormsProtectionEnum
public enum FormsProtectionEnum
__value public enum FormsProtectionEnum
enum FormsProtectionEnum


Member name Description
All Specifies that the application uses both data validation and encryption to help protect cookies. This option uses the configured data validation algorithm (based on the <machineKey> element). Triple-DES (3DES) is used for encryption, if it is available and if the key is at least 48 bytes longs. All is the default (and recommended) value.
Encryption Specifies that cookies are encrypted using Triple-DES or DES, but data validation is not performed on cookies. Cookies used this way might be subject to chosen plain-text security attacks.
None Specifies that both encryption and validation are disabled for sites that use cookies only for personalization and have weaker security requirements. Using cookies in this manner is not recommended; however, it is the least resource-intensive way to enable personalization using the .NET Framework.
Validation Specifies that the application uses a validation scheme to verify that the contents of an encrypted cookie have not been altered in transit. The cookie is created by concatenating a validation key with the cookie data, computing a Message Authentication Code (MAC), and appending the MAC to the outgoing cookie.


Namespace: System.Web.Configuration

Platforms: Windows 2000, Windows XP Professional, Windows Server 2003 family

Assembly: System.Web (in System.Web.dll)

See Also

System.Web.Configuration Namespace