You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Cofoundry currently supports upgradeable password hashing algorithms, which is a system put in place prior to migrating to .NET Core. Now that .NET Core Identity also supports upgradeable and improved algorithms we should move to use their IPasswordHasher implementation so we can keep parity with the Identity system and defer security decisions to their experts. This will also improve any migration of user accounts to and from Cofoundry.
Current algorithm used by Cofoundry: PBKDF2 with HMAC-SHA1, 192-bit salt, 64000 iterations
Current alorithm used by Identity: PBKDF2 with HMAC-SHA256, 128-bit salt, 256-bit subkey, 10000 iterations
The text was updated successfully, but these errors were encountered:
Cofoundry currently supports upgradeable password hashing algorithms, which is a system put in place prior to migrating to .NET Core. Now that .NET Core Identity also supports upgradeable and improved algorithms we should move to use their IPasswordHasher implementation so we can keep parity with the Identity system and defer security decisions to their experts. This will also improve any migration of user accounts to and from Cofoundry.
Current algorithm used by Cofoundry: PBKDF2 with HMAC-SHA1, 192-bit salt, 64000 iterations
Current alorithm used by Identity: PBKDF2 with HMAC-SHA256, 128-bit salt, 256-bit subkey, 10000 iterations
The text was updated successfully, but these errors were encountered: