I am certainly sure i am doing something wrong here. Using .net implementation of

Question

0

Asked: May 26, 20262026-05-26T20:23:11+00:00 2026-05-26T20:23:11+00:00

I am certainly sure i am doing something wrong here. Using .net implementation of

0

I am certainly sure i am doing something wrong here. Using .net implementation of the algorithm i hash the password to store in database along with the salt used to hash. On validating the same password with the existing hash does not match.Here is my code

New Entry

byte[] SALT = GetRandomKey();
string password = Convert.ToBase64String((new Rfc2898DeriveBytes(txtPassword.Text, SALT)).GetBytes(20));
Session["test"] = password;
Session["salt"] = Convert.ToBase64String(SALT);

Validating

string HASHEDPASSWORD = Session["test"];
string SALT = Session["salt"];
string ouput = Convert.ToBase64String((new Rfc2898DeriveBytes(password, Encoding.Unicode.GetBytes(SALT))).GetBytes(20));
ltrResult.Text = HASHEDPASSWORD.Equals(ouput) ? "EQUAL" : "NOT EQUAL";

Get RandomKey method

byte[] GetRandomKey()
    {
        byte[] secretkey = new Byte[64];
        RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
        rng.GetBytes(secretkey);
        return secretkey;
    }

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-26T20:23:11+00:00

Editorial Team

2026-05-26T20:23:11+00:00Added an answer on May 26, 2026 at 8:23 pm

Or Convert.FromBase64String instead of Encoding.Unicode.GetBytes.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I am certainly sure i am doing something wrong here. Using .net implementation of

New Entry

Validating

Get RandomKey method

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply