.NET standard library to secure the passwords using multiple hashing algorithms.
- Secure the passwords using different types of hashing algos
- Uses of the different Encoding types
- Generating random salt
- Unit test cases to check the library fuctionality
- Must have the latest version of the Visual Studio
Clone csharp-password-hash
into your system using below commands:
Open command prompt and type below commands
git clone https://github.com/LoginRadius/csharp-password-hash
cd csharp-password-hash
csharp-password-hash.sln
It will open the solution into the Visual Studio
Below are samples to show how you might use the library.
public class User{
public string EmailId{get;set;}
public string Password{get;set;}
}
//Create user object and set emailId and password properties
var userObject = new User
{
EmailId = "test@gmail.com",
Password = "Test#11"
};
//Create HashConfig object and set below properties
var hashConfig = new HashingConfig
{
GeneratePerPasswordSalt = true, // This property is used when we have generate different password salt
GlobalSalt = null, // This is used when we have to use the same salt for every password
SaltedPasswordFormat = "#PasswordPlaceHolder#--#SaltPlaceHolder#",// Format which will be used in salted password
HashingAlgo = HashingAlgo.MD5, // Hashing algo which we want to use
PasswordHashEncodingType = EncodingType.Default // Encoding type for password hashing
};
//Combine the user object and HashConfig object (When GeneratePerPasswordSalt is true)
//Create method to check password
public void ValidatePassword()
{
var userObject = new User
{
EmailId = "test@gmail.com",
Password = "Test#11"
};
var hashConfig = new HashingConfig
{
GeneratePerPasswordSalt = true,
GlobalSalt = null,
SaltedPasswordFormat = "#PasswordPlaceHolder#--#SaltPlaceHolder#",
HashingAlgo = HashingAlgo.MD5,
PasswordHashEncodingType = EncodingType.Default
};
var passwordHashing = new PasswordHashing(); // Create password hashing object
var hash = passwordHashing.GetHash(userObject.Password, hashConfig); // GetHash for the password
var match = passwordHashing.CheckPassword(hash, hashConfig, userObject.Password); //Check password
}
//In that case we have to set the GlobalSalt property
//Create HashConfig object and set below properties
var hashConfig = new HashingConfig
{
GeneratePerPasswordSalt = false, \
GlobalSalt = SecureSalt,
SaltedPasswordFormat = "#PasswordPlaceHolder#--#SaltPlaceHolder#",
HashingAlgo = HashingAlgo.MD5,
PasswordHashEncodingType = EncodingType.Default
};
//Combine the user object and HashConfig object (When GeneratePerPasswordSalt is false)
//Create method to check password
public void ValidatePassword()
{
var userObject = new User
{
EmailId = "test@gmail.com",
Password = "Test#11"
};
var hashConfig = new HashingConfig
{
GeneratePerPasswordSalt = false,
GlobalSalt = "SecureSalt",
SaltedPasswordFormat = "#PasswordPlaceHolder#--#SaltPlaceHolder#",
HashingAlgo = HashingAlgo.MD5,
PasswordHashEncodingType = EncodingType.Default
};
var passwordHashing = new PasswordHashing(); // Create password hashing object
var hash = passwordHashing.GetHash(userObject.Password, hashConfig); // GetHash for the password
var match = passwordHashing.CheckPassword(hash, hashConfig, userObject.Password); //Check password
}
Would love any contributions by you, including better documentation, tests or more robust functionality. Please follow the contributing guide