How to hash password in .NET

Рет қаралды 14,136

Remigiusz Zalewski

Күн бұрын

Пікірлер: 38

@TuCominek Жыл бұрын

Keep good work Remik thanks for the video❤

@remigiuszzalewski Жыл бұрын

Thanks for the feedback ❤

@samuelbaron6741 Жыл бұрын

It's perfect this video!!! Could you make a video on folder structures? That's would be a great help to me and others, your code is very clean!

@dingusdingus9899 Жыл бұрын

i agree

@NoNameBack810 Жыл бұрын

Nice explanation, Thank you.

@the-boss-98 3 ай бұрын

thanks for the video

@remigiuszzalewski 3 ай бұрын

Glad you enjoyed it 😁

@lighr6886 10 ай бұрын

That was a really great video, by any change there is a video where you created that whole dependency injection container

@remigiuszzalewski 10 ай бұрын

Thanks for the feedback 😁 You can check out how I built .NET 8 Web API with similar separation of dependencies in layers: kzbin.info/www/bejne/nWTMpGathrBqZrM

@BlackSkorpion123 Жыл бұрын

Why did you fill in the value of the Password Hasher fields in this form: "128/8"?

@remigiuszzalewski Жыл бұрын

It’s actually 16. I wanted to show that it came from 128 bits / 8 = 16 bytes of the SaltSize (which is recommended) ☺️

@frimen310 8 ай бұрын

Very useful. Thanks! :)

@remigiuszzalewski 8 ай бұрын

You’re welcome! 😁

@Tamer_Ali 2 жыл бұрын

Thanks a lot for that useful video 👍. Could your create a video tutorial of how to Encrypt and Decrypt data or QueryString value without using IDataProtector? Because IDataProtector has a limited life time and also because url coding cause decrypting issue with encrypted querystring value

@remigiuszzalewski 2 жыл бұрын

Thanks 😊 I was thinking about that topic for one of my future videos. Sooner or later it will be covered for sure!

@binojdaniel7 Жыл бұрын

What does your jwtGenerator do? can you share info about that?

@remigiuszzalewski Жыл бұрын

Hi Daniel, jwtGenerator is creating a JSON Web token (JWT) after the successful login in order to return it to the client. In that manner he will be authenticated based on that token when calling an endpoint that is marked as [Authorize] in our API

@binojdaniel7 Жыл бұрын

@@remigiuszzalewski Can you go over the JWT and authorization code too in a video?

@SocialExde Жыл бұрын

Great Video, thanks. Can you tell me, which column type your HashedPassword-Column in users-table has?

@remigiuszzalewski Жыл бұрын

Thanks Deepert 😁. In my case it is normal varchar that was converted from the string type in c#

@rs.wright Жыл бұрын

While trying to verify my hashed password against the plaintext password, I was getting an error that the hashed password contained a malformed base64 string. Took me an hour or so to realize that I set up the password column in the db to only accept 50 characters... Hope someone else can learn from this one. 😅

@robgreene3956 2 жыл бұрын

In the past, I have used a subset of the user email as part of the password. I did not need a separator between the salted part and the hashed password. In your opinion, how would my method compare to yours?

@remigiuszzalewski 2 жыл бұрын

I think that it does not matter. If you were able to normally retreive plain password after storing it that way then it is totally fine!

@marcmcconnell 2 жыл бұрын

@@remigiuszzalewski Except when the user needs to change their email address you will then need to rehash the password. That might be okay but it does mean the encrypted password will change whenever the email does.