What is a good password hashing algorithm to use from C#, if later on

Question

0

Asked: May 16, 20262026-05-16T01:28:59+00:00 2026-05-16T01:28:59+00:00

What is a good password hashing algorithm to use from C#, if later on

0

What is a good password hashing algorithm to use from C#, if later on you may know that there are going to be Java and Ruby programs that may also need to ‘login’/authenticate a user. Anything out of the box in .NET that translates well to other languages and is easy to use.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-16T01:29:00+00:00

The strongest cryptographic hash algorithm which NSA/NIST has standardized on is SHA-512.

Be sure to use a per-password random salt (a 128-bit salt generated by a cryptographically strong random number generator is good). Or, even better, be sure to use a per-password random key (again generated by a cryptorandom), and use HMAC-SHA-512. Be sure to use multiple iterations – 4096 and 65,536 are good round numbers (2^12 and 2^16).

let h = get_hash_hunction("SHA-512")
let k = get_key_for_user("Justice")
let hmac = get_hmac(h, k)
let test = get_bytes("utf-8", http_request_params["password"])
for(i in 0 .. (2^16 - 1))
    let test = run_hmac(hmac, test)
return test == get_hashed_password_for_user("Justice")

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

What is a good password hashing algorithm to use from C#, if later on

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply