
Is SHA512Managed considered the best one-way hash available in .NET 3.5 for security?

Three SHA512Managed-related questions:

  1. Is SHA512Managed considered the best one-way hash available in .NET 3.5 for security?
  2. What salt size should be used with SHA512Managed? The application is for strong passwords with at least 8 characters.
  3. Is 512 overkill compared to 256 for small strings?
asked Nov 28 '22 23:11

Josh


1 Answer

Ben's answer is incorrect; you should not be using SHA* functions to hash passwords. You should be using a hash function that is specifically designed for hashing passwords, such as PBKDF2, BCrypt or SCrypt. Min's answer and comments are correct.

Since you want to use the standard .NET library, I suggest Rfc2898DeriveBytes, which is an implementation of PBKDF2.

http://msdn.microsoft.com/en-us/library/system.security.cryptography.rfc2898derivebytes.aspx

answered Dec 18 '22 06:12

DenNukem