public string GetPassword(Credential request) { var encryptionKey = GetEncryptionKey(); string stringPassword = request.PasswordSecret; if (String.IsNullOrEmpty(stringPassword)) { return(""); } if (!CredentialsEncrypter.IsBase64(request.PasswordSecret))//if encryption is not in base64 { //encrypt existing password request.HashSalt = CredentialHasher.CreateSalt(32); //create 32 byte salt //generate hash request.PasswordHash = CredentialHasher.GenerateSaltedHash(request.PasswordSecret, request.HashSalt); //encrypt the provided password request.PasswordSecret = CredentialsEncrypter.Encrypt(request.PasswordSecret, encryptionKey); _repo.Update(request); return(stringPassword); } return(CredentialsEncrypter.Decrypt(request.PasswordSecret, encryptionKey)); }