Ever wonder what the gobbly-gook in your viewstate is? Do you think your view state is safe? Unless you're encrypting your viewstate, it's open for the world to dissect.

Try this. Create an aspx page, add something to the view state, browse to it, and view the source. Look for the <input type="hidden" name="__VIEWSTATE" value=""> tag, and copy everything in between the value="" quote marks.

The browse to WilsonDotNet.com/Demos/ViewState.aspx (link below) and paste it in. Click the "Parse Viewstate" button, and this site will tell you in human readable form, what's in your view state.

Encrypting your view state, slows the page a little, but is easy and can be done by simply adding a key in your web.config file under Configuration.System.Web.

<machineKey validation="3DES" validationKey="" />

in the validationKey="" you'll have to enter a 128 bit key. Check out this page (link below) by Susan Warren to see how to build a page, that generates a 128 bit key.