yes the machine keys are the same in all web.config files on each app server. Just to be clear we use sql server to store a lot of session state from many pages without problems.
As I said in my previous post, I did download your sample code (thanks for tons of examples I did not know about before. I created a single page app and added a snippet of the sample and set up session state in sql server and when I examine the Session array, there is only 1 RadCaptcha (RadCaptha_TimeOut) property, not CapthaImage.previousText which is what is needed.
I have a work around that saves the user input and I can perform my own validation by saving both CapthaImage.Text and CapthaImage.PreviousText. I check in Page_load (Post_back) and if it is the same app processor I validate with CapthaImage.PreviousText, if it is a new app processor I validate with the CapthaImage.Text I saved in the original Page_Load.
What RadChaptcha properties are supposed to be saved in Session state when I set ImageStorageLocation="Session"