Menu
What kind of algorithm does Asp.Net Identity framework use to encrypt the password? I have a scenario where android, iPhone, web and desktop use the same database.
This password should be encrypted, so in ASP.NET MVC I have used Identity framework to encrypt the password. Now I need the algorithm to work for all platforms.
Any help will be appreciated.
Thanks in advance.
264
Commonly used hashing algorithms include Message Digest (MDx) algorithms, such as MD5, and Secure Hash Algorithms (SHA), such as SHA-1 and the SHA-2 family that includes the widely used SHA-256 algorithm.
ASP.NET Core Identity and password hashingThe app will create a hash of the password, and store it in the database along with the user's details. A hash is a one way function, so given the password you can work out the hash, but given the hash you can't get the original password back.
The default password hasher for ASP.NET Core Identity uses PBKDF2 for password hashing. While PBKDF2 is not the worst choice, there are certainly better password hashing algorithms available to you, such as bcrypt, scrypt, and Argon2.
To protect passwords, experts suggest using a strong and slow hashing algorithm like Argon2 or Bcrypt, combined with salt (or even better, with salt and pepper). (Basically, avoid faster algorithms for this usage.) To verify file signatures and certificates, SHA-256 is among your best hashing algorithm choices.
This depends on the selected compatibility mode.
Implementation details can be found in their Github repo
At this moment they support:
version 2
version 3
51
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
