When you install Magento, an encryption key is created. This key is used to keep storage and data secure within the website and database. For instance, the encryption key is used when storing credit card information, passwords and other vital data for the site as well as the customer.
Today, I’m going to show you where to access your encryption key as well as creating a new one.
Where Is the Key Stored?
In Magento 2, the encryption is stored in an env.php file. This is also the location of the configuration settings for your database should you need it when moving your website or making other access changes.
Click on the “File Manager” tool in cPanel.
Click on the “public_html” directory to access your Magento website.
Open the “app” folder by double-clicking it.
Access the “etc” folder by double-clicking it as well.
Highlight the “env.php” file by clicking it once and click “Edit” from the tool bar.
Leave the character coding set as utf-8 and click “Edit.”
The encryption key is located in the “crypt” array within the coding. It’s the long strand of characters after the:
Normally, you would never share your encryption key with anyone. However, I am going to show you how to generate a new key. Which means this one will be obsolete long before you read this article.
Creating a New Encryption Key
Magento has the ability to create new encryption keys built into its admin panel. With a few clicks of the mouse, you can alter the key to keep security private and protected.
This is ideal in case you take a screen shot of your encryption key and show it to the world.
From the Magento dashboard, select the System section and click “Manage Encryption Key.”
Magento gives you two ways to generate this key. You can have it perform the encryption automatically or you can enter in a new key by hand. By default, Magento will offer the option to manually create a new key.
For this tutorial, let’s go ahead and create an automatic key from Magento.
In the drop down window next to Auto-generate a Key, select “Yes.”
Click the “Change Encryption Key” button on the top right of the screen.
Magento will create a random encryption key for you to use in future APIs or other modifications.
The Magento encryption key is a vital component when you want to save data regarding the website. The system creates one of these keys automatically when you first build your online store. It’s imperative you keep it safe and hidden at all times. Should you suspect there is ever a problem, it’s always best to simply create a new key to prevent anyone from accessing data using the old one.
Author: Josh Dargie
My name is Josh Dargie and I’m the Operations Manager at GreenGeeks. I’ve been with the company since 2009. I have over 16 years of experience working with and for various web hosting providers specifically in development, day-to-day operations and customer service.