New Encryption Key format introduced on Magento 2.4.7

Starting from Magento 2.4.7, the encryption key has a new format and the key length is increased to 256-bit. We will demonstrate the key generation process and after reading this blog, you should be able to generate one manually.

< 2.4.7 old format

The encryption key is in hex format, and actually, it is calculated by the PHP builtin md5() function.

<?php
    // this is how Magento generates the key
    echo md5(random_bytes(32)); // 128-bit

Example output:

5f81fe506a1025b8ea439fd49c6fa8e3

Alternative PHP way:

<?php
    // this is how Magento generates the key
    echo bin2hex(random_bytes(16));

The OpenSSL way:

openssl rand -hex 16

>= 2.4.7 new format

The encryption key is base64 encoded and prefixed with 'base64'.

<?php
    // this is how Magento generates the key
    echo 'base64' . base64_encode(random_bytes(32)); // 256-bit

Example output:

base64bDr+HSz4tZ+cjZA89J5RvbZzCfDKWO1iXgDfmqeZL0c=

The OpenSSL way:

( echo -n 'base64'; openssl rand -base64 32; ) | cat