public static bool VerifyPasswordHash(User user, string password)
{
bool canAuthenticate = CryptographyService.ValidateSaltedHash(
user.HashedPassword,
password,
user.PasswordHashAlgorithm);
bool sanity = CryptographyService.ValidateSaltedHash(
user.HashedPassword,
"not_the_password",
user.PasswordHashAlgorithm);
return(canAuthenticate && !sanity);
}
public static bool VerifyPasswordHash(string hash, string algorithm, string password)
{
bool canAuthenticate = CryptographyService.ValidateSaltedHash(
hash,
password,
algorithm);
bool sanity = CryptographyService.ValidateSaltedHash(
hash,
"not_the_password",
algorithm);
return(canAuthenticate && !sanity);
}
