Essentially all you need to focus on to use this library is the PBKDF2Helper class. This class contains the interface methods to interact with the library the easiest way.  Here is the simplest example on how to use this library.

On the Server:


// Generate a hash to store in the server database
var hash = PBKDF2Helper.CreatePackedHash("SomeSecurePassword123");


On the Client:


// Get the packed hash from the db
var dbHash = GetDBHashForUser("someuser");

// Check if the supplied password is valid
PBKDF2Helper.Validate(dbHash, userSuppliedPassword);


This is all that is required to use the library. There are overloads for the helper functions that allow you to customize how the hash is generated (more security, faster hashing, etc...) but these defaults are set up to use what today would be considered an appropriate level of security for password storage.

The default parameters are the following:

  • Iterations = 4096 + rand(0, 1024)
  • Salt Length = 32 bytes + rand(0, 32) bytes
  • Key Length = 32 bytes + rand(0, 32) bytes

Last edited Jan 18, 2013 at 6:31 PM by patsissons, version 2


No comments yet.