I am in the process of upgrading codeigniter from 1.7.2 to 2.0.1.

Everything seems to have gone ok except I get

In order to use the Session class you are required to set an encryption key in your config file.

What is the change in 2.0.0/2.0.1 that has caused this?

What change do I need to make to fix this.

Will making said change break anything?

ohai again https://www.codeigniter.com/user_guide/libraries/encryption.html :D

The reason they ask for an encryption key is security (obviously)

Note: Even if you are not using encrypted sessions, you must set an encryption key in your config file which is used to aid in preventing session data manipulation. - source: https://www.codeigniter.com/user_guide/libraries/sessions.html

This modification won't break your code. But be careful when updating from 1.7.2 to 2.0.1. I suggest you to backup your code :)

BTW they added this security improvement with the 2.0.0 version of CI. I don't know why they don't mention it in their upgrade guide though :(

add this to your config.php

$config['encryption_key'] = 'your_encryption_key_here';

./application/config/config.php

Encryption Key
---------------------

If you use the Encryption class or the Session class you MUST set an encryption key. See the user guide for info.

$config['encryption_key'] = '02527-269-2503946-70386-34730519';