ViewStateUserKey makes ViewState more tamper-resistant November 17, '04 Comments [1] Posted in ASP.NET | ViewState Sponsored By Here's a little-known but very useful no-brainer to add to your ASP.NET application's base Page.void Page_Init (Object sender, EventArgs e){ if (User.Identity.IsAuthenticated) ViewStateUserKey = User.Identity.Name;}"What this does is key the view state to an individual using a unique value of your choice. This option, which is only available in ASP.NET 1.1, is the Page.ViewStateUserKey. This needs to be applied in Page_Init because the key has to be provided to ASP.NET before view state is loaded."For more good details on preventing tampering and best-practices with ASP.NET, visit Anil John's page on Authentication/Authorization and Defense in Depth. « What are you reading? | Blog Home | Presentation Tips for People running Vir... » About Scott Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author. About Newsletter Sponsored By Hosting By