Forem: Stuart Greig The latest articles on Forem by Stuart Greig (@stuartgreig). https://forem.com/stuartgreig https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3806168%2F463318ef-4fd3-45dc-8ab5-244a1f2da851.jpg Forem: Stuart Greig https://forem.com/stuartgreig en Migrating Legacy Password Hashes Stuart Greig Tue, 10 Mar 2026 16:17:01 +0000 https://forem.com/stuartgreig/migrating-legacy-password-hashes-58jg https://forem.com/stuartgreig/migrating-legacy-password-hashes-58jg <h2> The Problem: Legacy Password Migration </h2> <p>When migrating an existing application to ASP.NET Core Identity, you often face a critical challenge: your users' passwords are hashed using a legacy algorithm that differs from Identity's default password hasher.</p> <p>You can't simply re-hash the passwords because:</p> <p>• You don't have access to the plaintext passwords (and shouldn't!)</p> <p>• Forcing all users to reset their passwords creates a poor user experience</p> <p>• Mass password resets can trigger security concerns among users</p> <h2> The Solution: A Fallback Password Hasher </h2> <p>The FallbackPasswordHasher provides an elegant solution by supporting both legacy and modern password hashing schemes simultaneously.</p> <p>How It Works</p> <p>The hasher follows a simple but powerful pattern:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">public</span> <span class="k">override</span> <span class="n">PasswordVerificationResult</span> <span class="nf">VerifyHashedPassword</span><span class="p">(</span> <span class="n">TUser</span> <span class="n">user</span><span class="p">,</span> <span class="kt">string</span> <span class="n">hashedPassword</span><span class="p">,</span> <span class="kt">string</span> <span class="n">providedPassword</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// 1. Try to detect legacy format (pipe-delimited: hash|?|salt)</span> <span class="kt">string</span><span class="p">[]</span> <span class="n">passwordProperties</span> <span class="p">=</span> <span class="n">hashedPassword</span><span class="p">.</span><span class="nf">Split</span><span class="p">(</span><span class="sc">'|'</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">passwordProperties</span><span class="p">.</span><span class="n">Length</span> <span class="p">!=</span> <span class="m">3</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Modern format - use standard ASP.NET Core Identity hashing</span> <span class="k">return</span> <span class="k">base</span><span class="p">.</span><span class="nf">VerifyHashedPassword</span><span class="p">(</span><span class="n">user</span><span class="p">,</span> <span class="n">hashedPassword</span><span class="p">,</span> <span class="n">providedPassword</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// 2. Legacy format detected - verify using old algorithm</span> <span class="kt">string</span> <span class="n">passwordHash</span> <span class="p">=</span> <span class="n">passwordProperties</span><span class="p">[</span><span class="m">0</span><span class="p">];</span> <span class="kt">string</span> <span class="n">salt</span> <span class="p">=</span> <span class="n">passwordProperties</span><span class="p">[</span><span class="m">2</span><span class="p">];</span> <span class="k">if</span> <span class="p">(</span><span class="n">String</span><span class="p">.</span><span class="nf">Equals</span><span class="p">(</span><span class="nf">EncryptPassword</span><span class="p">(</span><span class="n">providedPassword</span><span class="p">,</span> <span class="n">salt</span><span class="p">),</span> <span class="n">passwordHash</span><span class="p">,</span> <span class="n">StringComparison</span><span class="p">.</span><span class="n">CurrentCultureIgnoreCase</span><span class="p">))</span> <span class="p">{</span> <span class="c1">// Success! Signal that password should be rehashed</span> <span class="k">return</span> <span class="n">PasswordVerificationResult</span><span class="p">.</span><span class="n">SuccessRehashNeeded</span><span class="p">;</span> <span class="p">}</span> <span class="k">return</span> <span class="n">PasswordVerificationResult</span><span class="p">.</span><span class="n">Failed</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <h2> The Magic: SuccessRehashNeeded </h2> <p>The key to seamless migration is returning PasswordVerificationResult.SuccessRehashNeeded. This tells ASP.NET Core Identity:</p> <p>• The password is correct - let the user in<br> • The password needs to be rehashed using the modern algorithm<br> • Save the new hash on the next password update</p> <p>This means users are automatically migrated from legacy to modern hashing without any action required on their part.</p> <h2> Understanding the Legacy Algorithm </h2> <p>Many older ASP.NET systems used HMACSHA512 with custom salt handling. The EncryptPassword(string, string) method reconstructs this legacy process:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">private</span> <span class="kt">string</span> <span class="nf">EncryptPassword</span><span class="p">(</span><span class="kt">string</span> <span class="n">pass</span><span class="p">,</span> <span class="kt">string</span> <span class="n">salt</span><span class="p">)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">bPassword</span> <span class="p">=</span> <span class="n">Encoding</span><span class="p">.</span><span class="n">Unicode</span><span class="p">.</span><span class="nf">GetBytes</span><span class="p">(</span><span class="n">pass</span><span class="p">);</span> <span class="kt">var</span> <span class="n">bSalt</span> <span class="p">=</span> <span class="n">Convert</span><span class="p">.</span><span class="nf">FromBase64String</span><span class="p">(</span><span class="n">salt</span><span class="p">);</span> <span class="k">using</span> <span class="nn">var</span> <span class="n">hashAlgorithm</span> <span class="p">=</span> <span class="n">HashAlgorithm</span><span class="p">.</span><span class="nf">Create</span><span class="p">(</span><span class="s">"HMACSHA512"</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="n">hashAlgorithm</span> <span class="k">is</span> <span class="n">KeyedHashAlgorithm</span> <span class="n">keyedHashAlgorithm</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// Adjust the key to match the salt length</span> <span class="n">keyedHashAlgorithm</span><span class="p">.</span><span class="n">Key</span> <span class="p">=</span> <span class="nf">AdjustKeyToSaltLength</span><span class="p">(</span><span class="n">bSalt</span><span class="p">,</span> <span class="n">keyedHashAlgorithm</span><span class="p">.</span><span class="n">Key</span><span class="p">.</span><span class="n">Length</span><span class="p">);</span> <span class="n">hash</span> <span class="p">=</span> <span class="n">keyedHashAlgorithm</span><span class="p">.</span><span class="nf">ComputeHash</span><span class="p">(</span><span class="n">bPassword</span><span class="p">);</span> <span class="p">}</span> <span class="k">return</span> <span class="n">Convert</span><span class="p">.</span><span class="nf">ToBase64String</span><span class="p">(</span><span class="n">hash</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>EncryptPassword</p> <h2> The Key Adjustment Challenge </h2> <p>One subtle complexity is that HMACSHA512 has a fixed key length (128 bytes), but legacy salts might be any length. The AdjustKeyToSaltLength(byte[], int) method handles three scenarios:</p> <p>• Exact match: Use the salt as-is<br> • Salt too long: Truncate to the required length<br> • Salt too short: Repeat the salt until it fills the key<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight csharp"><code><span class="k">private</span> <span class="k">static</span> <span class="kt">byte</span><span class="p">[]</span> <span class="nf">AdjustKeyToSaltLength</span><span class="p">(</span><span class="kt">byte</span><span class="p">[]</span> <span class="n">salt</span><span class="p">,</span> <span class="kt">int</span> <span class="n">requiredKeyLength</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="n">salt</span><span class="p">.</span><span class="n">Length</span> <span class="p">==</span> <span class="n">requiredKeyLength</span><span class="p">)</span> <span class="k">return</span> <span class="n">salt</span><span class="p">;</span> <span class="kt">var</span> <span class="n">adjustedKey</span> <span class="p">=</span> <span class="k">new</span> <span class="kt">byte</span><span class="p">[</span><span class="n">requiredKeyLength</span><span class="p">];</span> <span class="k">if</span> <span class="p">(</span><span class="n">requiredKeyLength</span> <span class="p">&lt;</span> <span class="n">salt</span><span class="p">.</span><span class="n">Length</span><span class="p">)</span> <span class="p">{</span> <span class="n">Buffer</span><span class="p">.</span><span class="nf">BlockCopy</span><span class="p">(</span><span class="n">salt</span><span class="p">,</span> <span class="m">0</span><span class="p">,</span> <span class="n">adjustedKey</span><span class="p">,</span> <span class="m">0</span><span class="p">,</span> <span class="n">requiredKeyLength</span><span class="p">);</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="c1">// Repeat salt to fill the required key length</span> <span class="k">for</span> <span class="p">(</span><span class="kt">var</span> <span class="n">i</span> <span class="p">=</span> <span class="m">0</span><span class="p">;</span> <span class="n">i</span> <span class="p">&lt;</span> <span class="n">requiredKeyLength</span><span class="p">;)</span> <span class="p">{</span> <span class="kt">var</span> <span class="n">len</span> <span class="p">=</span> <span class="n">Math</span><span class="p">.</span><span class="nf">Min</span><span class="p">(</span><span class="n">salt</span><span class="p">.</span><span class="n">Length</span><span class="p">,</span> <span class="n">requiredKeyLength</span> <span class="p">-</span> <span class="n">i</span><span class="p">);</span> <span class="n">Buffer</span><span class="p">.</span><span class="nf">BlockCopy</span><span class="p">(</span><span class="n">salt</span><span class="p">,</span> <span class="m">0</span><span class="p">,</span> <span class="n">adjustedKey</span><span class="p">,</span> <span class="n">i</span><span class="p">,</span> <span class="n">len</span><span class="p">);</span> <span class="n">i</span> <span class="p">+=</span> <span class="n">len</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="k">return</span> <span class="n">adjustedKey</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>AdjustKeyToSaltLength</p> <h2> Implementation Benefits </h2> <h3> Zero Downtime Migration </h3> <p>Users continue logging in normally during and after the migration. No maintenance windows required.</p> <h3> Gradual Security Improvement </h3> <p>As users log in, they're automatically upgraded to the more secure ASP.NET Core Identity password hashing algorithm (PBKDF2 with HMAC-SHA256 by default).</p> <h3> Backward Compatibility </h3> <p>The system continues to support legacy hashes indefinitely for users who don't log in frequently.</p> <h3> Fail-Safe Design </h3> <p>If the legacy format isn't detected, the hasher falls back to the standard Identity implementation, maintaining forward compatibility.</p> <h2> When Should You Use This Pattern? </h2> <p>• Consider implementing a fallback password hasher when:<br> • Migrating from legacy .NET Framework applications to .NET Core<br> • Adopting ASP.NET Core Identity in an existing system</p> <h2> Security Considerations </h2> <p>While this pattern is practical, keep in mind:</p> <p>• Legacy algorithms may be weaker than modern standards. Monitor and eventually deprecate support for the legacy format.<br> • Document the migration timeline. Consider forcing password resets for users who haven't logged in after a reasonable period (e.g., 6-12 months).<br> • The modern Identity hasher uses PBKDF2 with adaptive iteration counts, making it much more resistant to brute-force attacks.</p> <h2> Conclusion </h2> <p>The Fallback Password Hasher pattern demonstrates how thoughtful software design can bridge the gap between legacy systems and modern security practices. By supporting both old and new hashing schemes simultaneously, you can migrate users seamlessly while improving security over time.</p> <p>This approach respects your users' experience while maintaining the highest</p> dotnet cshar