Menu
The password leak of LinkedIn proved how important it is to securely hash your passwords. However, even hashing passwords with a salt is not secure with the 'normal' hashing algorithms (such as MD5 and the SHA family), since they are optimized for speed, which allows hackers compute 2300 million hashes per second (brute force).
There are hashing algoritms that are safer to use because they are much more computational intensive, such as PBKDF2, Bcrypt, PBMAC, and scrypt. These hashing algorithms however, don't seem to be included in the .NET framework.
So, which performance intensive hashing algorithms are included in the .NET framework?
ANSWER: PBKDF2 is included in the framework and this site shows how to use it properly.
739
To protect passwords, experts suggest using a strong and slow hashing algorithm like Argon2 or Bcrypt, combined with salt (or even better, with salt and pepper). (Basically, avoid faster algorithms for this usage.) To verify file signatures and certificates, SHA-256 is among your best hashing algorithm choices.
The NT hash is simply a hash. The password is hashed by using the MD4 algorithm and stored. The NT OWF is used for authentication by domain members in both Windows NT 4.0 and earlier domains and in Active Directory domains.
Both SHA256 and SHA512 are approved NIST hash algorithms. "to defend against dictionary attacks, a password hashing scheme must include a work factor to make it as slow as is workable."
The primary difference between SHA-256 and SHA-512 is the word size; SHA-256 uses 32-byte words where asSHA-512 uses 64-byte words.
I think it's not really a meaningful Class name, but I do think it is included in the .NET framework. According to multiple sources, Rfc2898DeriveBytes is actually a PBKDF2 implementation. MSDN says so as well.
See Why do I need to use the Rfc2898DeriveBytes class (in .NET) instead of directly using the password as a key or IV? and PBKDF2 implementation in C# with Rfc2898DeriveBytes
for example.
116
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
