public void GenerateHashAndSalt_ThenCheckingOtherPassword_ReturnsFalse() { // Arrange var iterationCount = 10_000; var saltLength = 16; var keyLength = 64; var parameters = new KeyDerivationParameters(KeyDerivationPrf.HMACSHA512, IterationCount.From(iterationCount), SaltLength.From(saltLength), KeyLength.From(keyLength)); var rng = Substitute.For <ICryptoRng>(); rng.GetRandomBytes(Arg.Any <int>()).Returns(args => new byte[args.Arg <int>()]); var service = new PasswordService(parameters, rng); var password = PlaintextPassword.From("somePass"); var otherPass = PlaintextPassword.From("otherPass"); // Act var hash = service.GeneratePasswordHashAndSalt(password); var checkResult = service.CheckIfPasswordMatchesHash(otherPass, hash); // Assert Assert.IsFalse(checkResult); }