csharp-password-hash

.NET standard library to secure the passwords using multiple hashing algorithms.

Features

Secure the passwords using different types of hashing algos
Uses of the different Encoding types
Generating random salt
Unit test cases to check the library fuctionality

Getting Started

Must have the latest version of the Visual Studio

Clone csharp-password-hash into your system using below commands:

Open command prompt and type below commands

git clone https://github.com/LoginRadius/csharp-password-hash
cd csharp-password-hash
csharp-password-hash.sln

It will open the solution into the Visual Studio

Usage

Below are samples to show how you might use the library.

Create user model class

public class User{
  public string EmailId{get;set;}
  public string Password{get;set;}
}

Create user object

//Create user object and set emailId and password properties
var userObject = new User
{
  EmailId = "test@gmail.com",
  Password = "Test#11"
};

Example 1 - Create HashConfig object (When GeneratePerPasswordSalt is true)

//Create HashConfig object and set below properties
var hashConfig = new HashingConfig
{
  GeneratePerPasswordSalt = true, // This property is used when we have generate different password salt
  GlobalSalt = null, // This is used when we have to use the same salt for every password
  SaltedPasswordFormat = "#PasswordPlaceHolder#--#SaltPlaceHolder#",// Format which will be used in salted password 
  HashingAlgo = HashingAlgo.MD5, // Hashing algo which we want to use
  PasswordHashEncodingType = EncodingType.Default // Encoding type for password hashing
};

Check password (When GeneratePerPasswordSalt is true)

//Combine the user object and HashConfig object (When GeneratePerPasswordSalt is true)
//Create method to check password
public void ValidatePassword()
{
  var userObject = new User
  {
   EmailId = "test@gmail.com",
   Password = "Test#11"
  };
  var hashConfig = new HashingConfig
  {
    GeneratePerPasswordSalt = true,
    GlobalSalt = null,
    SaltedPasswordFormat = "#PasswordPlaceHolder#--#SaltPlaceHolder#",
    HashingAlgo = HashingAlgo.MD5,
    PasswordHashEncodingType = EncodingType.Default
  };
  var passwordHashing = new PasswordHashing(); // Create password hashing object
  var hash = passwordHashing.GetHash(userObject.Password, hashConfig); // GetHash for the password
  var match = passwordHashing.CheckPassword(hash, hashConfig, userObject.Password); //Check password
}

Example 2 - Create HashConfig object (When GeneratePerPasswordSalt is false)

//In that case we have to set the GlobalSalt property
//Create HashConfig object and set below properties
var hashConfig = new HashingConfig
{
  GeneratePerPasswordSalt = false, \
  GlobalSalt = SecureSalt, 
  SaltedPasswordFormat = "#PasswordPlaceHolder#--#SaltPlaceHolder#",
  HashingAlgo = HashingAlgo.MD5, 
  PasswordHashEncodingType = EncodingType.Default 
};

Check password (When GeneratePerPasswordSalt is false)

//Combine the user object and HashConfig object (When GeneratePerPasswordSalt is false)
//Create method to check password
public void ValidatePassword()
{
  var userObject = new User
  {
   EmailId = "test@gmail.com",
   Password = "Test#11"
  };
  var hashConfig = new HashingConfig
  {
    GeneratePerPasswordSalt = false,
    GlobalSalt = "SecureSalt",
    SaltedPasswordFormat = "#PasswordPlaceHolder#--#SaltPlaceHolder#",
    HashingAlgo = HashingAlgo.MD5,
    PasswordHashEncodingType = EncodingType.Default
  };
  var passwordHashing = new PasswordHashing(); // Create password hashing object
  var hash = passwordHashing.GetHash(userObject.Password, hashConfig); // GetHash for the password
  var match = passwordHashing.CheckPassword(hash, hashConfig, userObject.Password); //Check password
}

Contributing

Would love any contributions by you, including better documentation, tests or more robust functionality. Please follow the contributing guide

License

MIT

LoginRadius / csharp-password-hash