Parameters passed from page to page via URL’s can be encrypted via the Application Generation Options dialog. When enabled, the URLs for Show Record and Edit Record pages are encrypted using the Session ID as the encryption key. In some cases, the URLs for Add Record pages are also encrypted, such as when copying a record.
You may change the encryption key to something other than the Session ID in the Encrypt and Decrypt methods of the BaseApplicationPage class, located in:
…\<Application Name>\App_Code\Shared\BaseApplicationPage.cs (or .vb)
Application Security Management