diff --git a/src/Microsoft.AspNet.DataProtection/DataProtectionServices.cs b/src/Microsoft.AspNet.DataProtection/DataProtectionServices.cs
index 7fd92d7c41..32b5d78d01 100644
--- a/src/Microsoft.AspNet.DataProtection/DataProtectionServices.cs
+++ b/src/Microsoft.AspNet.DataProtection/DataProtectionServices.cs
@@ -89,6 +89,7 @@ namespace Microsoft.Framework.DependencyInjection
                         {
                             // If the user profile isn't available, we can protect using DPAPI (to machine).
                             keyEncryptorDescriptor = DataProtectionServiceDescriptors.IXmlEncryptor_Dpapi(protectToMachine: true);
+                            keyRepositoryDescriptor = DataProtectionServiceDescriptors.IXmlRepository_Registry(regKeyStorageKey);
 
                             if (log.IsInformationLevelEnabled())
                             {
diff --git a/src/Microsoft.AspNet.DataProtection/Repositories/RegistryXmlRepository.cs b/src/Microsoft.AspNet.DataProtection/Repositories/RegistryXmlRepository.cs
index 9e0d036ef7..be466325bd 100644
--- a/src/Microsoft.AspNet.DataProtection/Repositories/RegistryXmlRepository.cs
+++ b/src/Microsoft.AspNet.DataProtection/Repositories/RegistryXmlRepository.cs
@@ -91,8 +91,9 @@ namespace Microsoft.AspNet.DataProtection.Repositories
         {
             try
             {
+                var registryView = IntPtr.Size == 4 ? RegistryView.Registry32 : RegistryView.Registry64;
                 // Try reading the auto-generated machine key from HKLM
-                using (var hklmBaseKey = RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, RegistryView.Registry32))
+                using (var hklmBaseKey = RegistryKey.OpenBaseKey(RegistryHive.LocalMachine, registryView))
                 {
                     // Even though this is in HKLM, WAS ensures that applications hosted in IIS are properly isolated.
                     // See APP_POOL::EnsureSharedMachineKeyStorage in WAS source for more info.