jeśli chodzi o haszowanie to ja mam to tak ogarnięte:
private static string CreateSalt(int size)
{
var rng = new RNGCryptoServiceProvider();
var buff = new byte[size];
rng.GetBytes(buff);
return Convert.ToBase64String(buff);
}
private string HashPassword(string pass)
{
HashAlgorithm hashalg = new SHA256CryptoServiceProvider();
byte[] bytValue = System.Text.Encoding.UTF8.GetBytes(pass);
byte[] bytHash = hashalg.ComputeHash(bytValue);
return Convert.ToBase64String(bytHash);
}
i potem:
var rnd = new Random();
user.Salt = CreateSalt(rnd.Next(1000));
user.Password = this.HashPassword(model.Password + user.Salt);