BCryptHelper.CheckPassword always returns false

Question

BCryptHelper.CheckPassword always returns false

I use password hashing using BCrypt, which should be fairly easy to use. However, when the password is verified against a hashed password, using

BCryptHelper.CheckPassword(Password, hashedDBPassword)

it always returns false.

Here is my hash class:

 public static class BCryptHasher { public static string EncryptPassword(string password) { var passwordToHash = password; var hashedPassword = BCryptHelper.HashPassword(passwordToHash, BCryptHelper.GenerateSalt(6)); return hashedPassword; } public static bool CheckPasswordMatch(string userPassword, string hashedDBPassword) { return BCryptHelper.CheckPassword(userPassword, hashedDBPassword); } }

I debugged password validation and hashedPassword. There are not many other cases of this problem, so there must be something that I am doing wrong.

Here I found the same question: ASP.NET MVC 3 application , BCrypt.CheckPassword failed , but no solution found yet.

Perhaps there are other and better hashing solutions?

thanks

+1

bcrypt asp.net-mvc-4 string-hashing

user3493049 Apr 3 '14 at 9:39

source share

1 answer

Davor Zlotrg · Accepted Answer · 2014-04-03T10:15:16+0000

Perhaps the problem is not hashing, but maybe the way you store the password in the database and extract its afterwords or something like that.

The first step I would like to take is to write a unit test to test the functionality of this class

 [TestClass] public class BCryptHasherTest { [TestMethod] public void check_hashing_works_for_valid_password() { string password = "myDummyPassword!"; string hashedPassword = BCryptHasher.EncryptPassword(password); var passwordsMatch = BCryptHasher.CheckPasswordMatch(password, hashedPassword); Assert.IsTrue(passwordsMatch); } }

If this goes away, the problem is somewhere else in your code, so you can continue and check other things until you find the problem.

BCryptHelper.CheckPassword always returns false

More articles: