public static void setPassword(DLL.Model.Users emp, string value) { // generate a 128-bit salt using a secure PRNG byte[] salt = new byte[128 / 8]; using (var rng = RandomNumberGenerator.Create()) { rng.GetBytes(salt); } // set salt emp.salt = Convert.ToBase64String(salt); emp.password = System.Text.Encoding.UTF8.GetString(getHash(value, emp.salt)); }
public static bool validate(DLL.Model.Users emp, string attemptedPassword) { string hashed = System.Text.Encoding.UTF8.GetString(getHash(attemptedPassword, emp.salt)); return(emp.password.Equals(hashed)); }