I found this 'yes' option is default when I install
Admin – Add Secret Key to URLs – Yes
whenever I use admin, the url seems so complicate due to this option.
Using this option have some benefit? is it effect some admin speed performance badly?
Do you recommend to set 'yes' to this option and can I know the reason?
Best Answer
This option is necessary to prevent against CSRF attacks:
There is no speed benefit to disabling this option and it opens your store up to potential attack. I recommend to leave this option enabled.
Sources:
http://en.wikipedia.org/wiki/Cross-site_request_forgery