1. Home
  2. Magento Tutorials
  3. How to Use the Magento Encryption Key

How to Use the Magento Encryption Key

When you install Magento, an encryption key is created. This key is used to keep storage and data secure within the website and database. For instance, the encryption key is used when storing credit card information, passwords and other vital data for the site as well as the customer.

Today, I’m going to show you where to access your encryption key as well as creating a new one.

Where Is the Key Stored?

In Magento 2, the encryption is stored in an env.php file. This is also the location of the configuration settings for your database should you need it when moving your website or making other access changes.

Click on the “File Manager” tool in cPanel.

File Manager cPanel Tool

Click on the “public_html” directory to access your Magento website.

Access Magento Directory

Open the “app” folder by double-clicking it.

App Folder Open

Access the “etc” folder by double-clicking it as well.

Open ETC Folder

Highlight the “env.php” file by clicking it once and click “Edit” from the tool bar.

Edit ENV File

Leave the character coding set as utf-8 and click “Edit.”

Edit Button For ENV

The encryption key is located in the “crypt” array within the coding. It’s the long strand of characters after the:

‘key’ =>

Encryption Key

Normally, you would never share your encryption key with anyone. However, I am going to show you how to generate a new key. Which means this one will be obsolete long before you read this article.

Creating a New Encryption Key

Magento has the ability to create new encryption keys built into its admin panel. With a few clicks of the mouse, you can alter the key to keep security private and protected.

This is ideal in case you take a screen shot of your encryption key and show it to the world.

From the Magento dashboard, select the System section and click “Manage Encryption Key.”

Manage Encryption Key

Magento gives you two ways to generate this key. You can have it perform the encryption automatically or you can enter in a new key by hand. By default, Magento will offer the option to manually create a new key.

For this tutorial, let’s go ahead and create an automatic key from Magento.

In the drop down window next to Auto-generate a Key, select “Yes.”

Auto-Generate Encryption Key

Click the “Change Encryption Key” button on the top right of the screen.

Change Encryption Key

Magento will create a random encryption key for you to use in future APIs or other modifications.

New Encryption Key

The Magento encryption key is a vital component when you want to save data regarding the website. The system creates one of these keys automatically when you first build your online store. It’s imperative you keep it safe and hidden at all times. Should you suspect there is ever a problem, it’s always best to simply create a new key to prevent anyone from accessing data using the old one.

Author: Josh Dargie

My name is Josh Dargie and I’m the Operations Manager at GreenGeeks. I’ve been with the company since 2009. I have over 16 years of experience working with and for various web hosting providers specifically in development, day-to-day operations and customer service.

Updated on May 26, 2017

Was this article helpful?

Related Articles

Add A Comment