Class LegacyPasswordSecurity
Handles password hashing and formatting for legacy hashing algorithms.
Inheritance
Namespace: Umbraco.Cms.Core.Security
Assembly: Umbraco.Core.dll
Syntax
public class LegacyPasswordSecurityRemarks
Should probably be internal.
Constructors
View SourceLegacyPasswordSecurity()
Declaration
public LegacyPasswordSecurity()Methods
View SourceGenerateSalt()
Generates a cryptographically secure random salt.
Declaration
public static string GenerateSalt()Returns
| Type | Description |
|---|---|
| string | A base64-encoded salt string. |
ParseStoredHashPassword(string, string, out string)
Parses out the hashed password and the salt from the stored password string value.
Declaration
public string ParseStoredHashPassword(string algorithm, string storedString, out string salt)Parameters
| Type | Name | Description |
|---|---|---|
| string | algorithm | The hashing algorithm for the stored password. |
| string | storedString | The stored password string containing salt and hash. |
| string | salt | Returns the extracted salt. |
Returns
| Type | Description |
|---|---|
| string | The hashed password portion of the stored string. |
SupportHashAlgorithm(string)
Determines whether the specified hash algorithm is supported.
Declaration
public bool SupportHashAlgorithm(string algorithm)Parameters
| Type | Name | Description |
|---|---|---|
| string | algorithm | The algorithm name to check. |
Returns
| Type | Description |
|---|---|
| bool |
|
VerifyLegacyHashedPassword(string, string)
Verifies a legacy hashed password that was created using HMACSHA1.
Declaration
public bool VerifyLegacyHashedPassword(string password, string dbPassword)Parameters
| Type | Name | Description |
|---|---|---|
| string | password | The password to verify. |
| string | dbPassword | The stored hashed password from the database. |
Returns
| Type | Description |
|---|---|
| bool |
|
VerifyPassword(string, string, string)
Verifies if the password matches the expected hash+salt of the stored password string.
Declaration
public bool VerifyPassword(string algorithm, string password, string dbPassword)Parameters
| Type | Name | Description |
|---|---|---|
| string | algorithm | The hashing algorithm for the stored password. |
| string | password | The password to verify. |
| string | dbPassword | The value of the password stored in a data store. |
Returns
| Type | Description |
|---|---|
| bool |
|