private bool isValidPassword(string username, string password)
        {
            UserBE user    = getUserFromDB(username);
            bool   isValid = false;

            if (!string.IsNullOrEmpty(user.user))
            {
                byte[] hashedPassword = Cryptographic.HashPasswordWithSalt(Encoding.UTF8.GetBytes(password), user.salt);

                if (hashedPassword.SequenceEqual(user.pass))
                {
                    isValid = true;
                }
            }

            return(isValid);
        }
        private bool saveUser(string user, string password)
        {
            bool isSaved = false;

            byte[] salt           = Cryptographic.GenerateSalt();
            var    hashedPassword = Cryptographic.HashPasswordWithSalt(Encoding.UTF8.GetBytes(password), salt);

            var connectionString = ConfigurationManager.ConnectionStrings["DemoCredentials"].ConnectionString;

            using (SqlConnection connection = new SqlConnection(connectionString))
            {
                string saveUser = "******";

                using (SqlCommand command = new SqlCommand())
                {
                    command.Connection  = connection;
                    command.CommandType = CommandType.Text;
                    command.CommandText = saveUser;
                    command.Parameters.Add("@username", SqlDbType.VarChar, 50).Value = user;
                    command.Parameters.Add("@salt", SqlDbType.VarBinary).Value       = salt;
                    command.Parameters.Add("@pass", SqlDbType.VarBinary).Value       = hashedPassword;

                    try
                    {
                        connection.Open();
                        int recordsAffected = command.ExecuteNonQuery();
                        if (recordsAffected > 0)
                        {
                            isSaved = true;
                        }
                    }
                    catch (SqlException ex)
                    {
                        lblResultado.Text = ex.Message;
                    }
                    finally
                    {
                        connection.Close();
                    }
                }
            }

            return(isSaved);
        }