ViewState should not store sensitive information. It is only encoded and not encrypted. Where it is really handy is for storing things that you would normally put in the session. Example: an HR rep is editing a particular user, the user presses ctrl+N to open a new browser window and selects another user for reference. They change the values in the first open window and hit save… If you are using session variables, you are hosed. Not so if you are using ViewState. So, we don’t care if the user finds out another user’s id, but we care if they change the view state to another user id. This is why the view state is protected by a checksum.
i have try every method which you have used,but this is question :Authentication of viewstate failed. 1) If this is a cluster, edit configuration so all servers use the same validationKey and validation algorithm. AutoGenerate cannot be used in a cluster. 2) Viewstate can only be posted back to the same page. 3) The viewstate for this page might be corrupted. also happens,so,have you have another way?thank you very much!!!