Home/ Questions/Q 6213903
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T06:46:47+00:00

If someone logs in on a pc from Starbucks (for example) and they accidentally

  • 0

If someone logs in on a pc from Starbucks (for example) and they accidentally check the ‘remember me’ option thereby setting a persistent cookie on that pc, is there any way of denying that cookie from the server without resorting to changing the cookie name in web.config?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I solved this (a while back actually) by setting a machineKey in web.config & changing it when the username/password is changed:

     Sub ChangeMachineKey()
    Dim commandLineArgs As String() = System.Environment.GetCommandLineArgs()
    Dim decryptionKey As String = CreateMachineKey(64)
    Dim validationKey As String = CreateMachineKey(128)
    'HttpContext.Current.Response.Write(decryptionKey + "<br />" + validationKey + "<hr />")
    Dim filename As String = HttpContext.Current.Server.MapPath("~/Web.config")
    Dim XmlReader As XmlTextReader = New XmlTextReader(filename)

    Dim xDoc As XmlDocument = New XmlDocument()
    xDoc.Load(XmlReader)
    XmlReader.Close()

    Dim Node As System.Xml.XmlNode = xDoc.SelectSingleNode("//configuration/system.web/machineKey")
    Node.Attributes.GetNamedItem("validationKey").Value = validationKey
    Node.Attributes.GetNamedItem("decryptionKey").Value = decryptionKey
    xDoc.Save(filename)
End Sub

Public Shared Function CreateMachineKey(ByVal numBytes As Integer) As String
    Dim Random As Byte() = New Byte(numBytes / 2 - 1) {}
    Dim rng As New RNGCryptoServiceProvider()
    rng.GetBytes(Random)
    Dim machineKey As New System.Text.StringBuilder(numBytes)
    Dim i As Integer = 0
    Do While i < Random.Length
        machineKey.Append(String.Format("{0:X2}", Random(i)))
        i += 1
    Loop
    Return machineKey.ToString()
End Function

    This forces everyone to sign in again but since there is only one admin account it works perfectly for me!

    • 0