After upgrading to .Net 4.5, I am now getting the warning that "System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile is obsolete" and the suggestion is to use the membership APIs instead.
This is all very well and good for new projects, but at this stage (with user data and hashed passwords existing), I can't very well change to a custom membership provider with potentially different ways of hashing.
Whats the recommended way forward for issues like this? Continuing to use "obsolete" calls is obviously not the suggested path, so has it been replaced by something else other than "just use the membership APIs"?
This is a solution for SHA1 variant.
public static string GetSwcSHA1(string value)
{
SHA1 algorithm = SHA1.Create();
byte[] data = algorithm.ComputeHash(Encoding.UTF8.GetBytes(value));
string sh1 = "";
for (int i = 0; i < data.Length; i++)
{
sh1 += data[i].ToString("x2").ToUpperInvariant();
}
return sh1;
}
For MD5 you only need to change the algorithm to:
MD5 algorithm = MD5.Create();
Hope you don't mind, just going to add a VB.NET variant of your code above:
Public Shared Function CreateHash(saltAndPassword) As String
Dim Algorithm As SHA1 = SHA1.Create()
Dim Data As Byte() = Algorithm.ComputeHash(Encoding.UTF8.GetBytes(saltAndPassword))
Dim Hashed As String = ""
For i As Integer = 0 To Data.Length - 1
Hashed &= Data(i).ToString("x2").ToUpperInvariant()
Next
Return Hashed
End Function