How to Rotate Encryption Key in Magento 2? – Technical Solution 

Your sensitive data getting into the wrong hands is a true nightmare.

Using an encryption key, Adobe Commerce and Magento Open Source, protects your store, but rotating the encryption key is essential to improve its security. 

Rotating the encryption key simply means changing them.  

During the initial installation of your Magento 2 store, you might have opted for any one of these two prompts to encrypt and protect your data:

  • Let Adobe Commerce automatically generate an encryption key
  • You created a custom key of your own

Magento recommends you take timely action to rotate your encryption key to avoid any data leak or unauthorized store access. 

Here is how to do it. 

How to Change an Encryption Key on Magento 2? 

Step 1: Enable Maintenance Mode & Disable Cron Job 

Firstly, enable the maintenance mode.

bin/magento maintenance:enable

And turn off the cron jobs.

For Cloud infrastructure projects:

./vendor/bin/ece-tools cron:disable

For On-premises projects

crontab -e

Step 2: Change Your Encryption Key

Now, from your Magento 2 admin panel, head to System > Other Settings > Manage Encryption Key.

Here, you have two options at the Auto-generate a Key field: 

  • Select YES for Magento to generate a new key for you automatically
  • Select NO if you want to create a custom key of your choice 
Encryption Key on Magento 2

Enter the custom key in the New Key field and click Change Encryption Key to finish the settings. 

Step 3: General Settings for Encryption Key

Lastly, flush the cache, enable the cron jobs, and disable maintenance mode for your store to start working as usual.

Flush the cache

For Cloud infrastructure projects:

magento-cloud cc

For On-premises projects:

bin/magento cache:flush

Enable cron jobs

For Cloud infrastructure projects:

./vendor/bin/ece-tools cron:enable

On-premises projects:

crontab -e

Disable maintenance mode

bin/magento maintenance:disable

And that’s it, your store is safe again.

Things to Keep in Mind While Encryption

Here is a mini-checklist of things to keep in mind while working with an encryption key: 

  • Take a backup of your current key and save it in a secure location for the future.  
  • Always use a strong and random encryption key.
  • Since there is no limit to the length, use it wisely.
  • Rotate every 6 to 12 months, and in case of any security accident, do it immediately.

Now, go ahead and try this solution yourself.

Helpful read: A Definitive Guide on Magento 2 Security

Magento 2 Security Patches Installation

Keep your store secure with the latest Magento 2 patches—add them before it’s too late.

Add Now
Magento Security Patches Installation Service


Sanjay Jethva

Article by

Sanjay Jethva

Sanjay is the co-founder and CTO of Meetanshi with hands-on expertise with Magento since 2011. He specializes in complex development, integrations, extensions, and customizations. Sanjay is one the top 50 contributor to the Magento community and is recognized by Adobe. His passion for Magento 2 and Shopify solutions has made him a trusted source for...