By default IIS generates random keys for both the Validation Key and Decryption Key every time it starts a website up. The problem with this is if IIS fails and restarts any logged in users Authentication Cookie becomes invalid. To prevent this you can set both Keys to set values so that even if IIS fails and restarts the website uses the same key and any logged-in clients Authentication Cookies are no longer invalidated.
1) Navigate to the Website in question.
2) Select the Machine Key section.
1) Untick "Automatically generate at runtime" for the Validation key.
2) Untick "Automatically generate at runtime" for the Decryption key.
1+2) You can now manually enter your keys.
3) The easiest way to create keys is to click "Generate Keys" in the right-hand column.
1+2) You now have valid keys for both Validation and Decryption
3) Click Apply to save your changes.
1) Here we can see the keys as stored in the <system.web> section of the web.config file.
