How To Customize Password Hashing in ASP.Net Identity

By FoxLearn 2/18/2024 1:55:04 AM   186
This post shows you how to implement custom password hasher in ASP.NET Identity.

You create an encrypt method to encrypt your password

There are many ways to encrypt passwords, within the scope of this article I will use MD5 to hash a string

Creating an Encrypt class, then create a method allows you to input a string, then encrypt it

public class Encrypt
{
    public static string GetMD5Hash(string input)
    {
        //using md5 to hash string
        using (MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider())
        {
            //convert string to byte arrays
            byte[] bs = System.Text.Encoding.UTF8.GetBytes(input);
            bs = md5.ComputeHash(bs);//Hash byte
            System.Text.StringBuilder s = new System.Text.StringBuilder();
            //convert byte arrays to string
            foreach (byte b in bs)
                s.Append(b.ToString("x2").ToLower());
            return s.ToString();
        }
    }
}

You need to create a CustomPasswordHasher class then implement IPasswordHasher and add a custom encrypt string to the HashPassword method.

public class CustomPasswordHasher : IPasswordHasher
{
    public string HashPassword(string password)
    {
        return Encrypt.GetMD5Hash(password);//using custom hash password
    }

    public PasswordVerificationResult VerifyHashedPassword(string hashedPassword, string providedPassword)
    {
        if (hashedPassword == HashPassword(providedPassword))
            return PasswordVerificationResult.Success;
        else
            return PasswordVerificationResult.Failed;
    }
}

Open the IdentityConfig.cs then modify code as below to implement custom password

public ApplicationUserManager(IUserStore<ApplicationUser> store)
            : base(store)
{
    PasswordHasher = new CustomPasswordHasher();
}

I hope you can solve your problem with custom membership password hasher base on MD5 encrypt in ASP.NET Identity