asp.net mvc - Encrypting information to a hidden field in an MVC application -


i working on mvc project. need encrypt information , store in hidden field. solution being deployed in intranet scenario , information private not critical encrypting best practice. using windows authentication.

to prevent user seeing these values using rijndael encryption method create encrypted string converting encrypted value hex string , placing in hidden field.

i hard-coding values key , iv (storing them in web.config - , encrypting). have read iv should different in every encryption. not want have start storing each iv server side , retrieving on post unless have to.

how critical generate new iv key every request?

would there more suitable encryption algorithm not require generated values?

you can store key , iv values in database each user. prevent generating them on each request, make unique each employee accesed web application

regeneration make each midnight using windows service or sql job.


Comments

Popular posts from this blog

Python Kivy ListView: How to delete selected ListItemButton? -

asp.net mvc 4 - A specified Include path is not valid. The EntityType '' does not declare a navigation property with the name '' -