ASP.NET Core
A set of technologies in the .NET Framework for building web applications and XML web services.
4,816 questions
Microsoft Identity: Password Hash from Framework 4.8 to .NET 8
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 34%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Rassbach, Scott
5
Reputation points
I have a legacy application that I'm trying to update to .NET 8. Currently working on a locally hosted Identity solution.
Legacy App is an ASP.NET Webforms project done in .NET Framework 4.8.1, using the following packages:
Microsoft.AspNet.Identity.Core 2.2.4
Microsoft.AspNet.Identity.EntityFramework 2.2.4
Microsoft.AspNet.Identity.Owin 2.2.4
I've implemented an Authenitcation API service, using Microsoft Identity for .NET 8, using the following packages:
Microsoft.AspNetCore.Identity.EntityFramework 2.2.4
I've updated the database tables to work with AspNetCore, while leaving the passwords hashed as in the legacy version. I've tried to set the compatibility mode to the older version of the password hasher using:
builder.Services.Configure<PasswordHasherOptions>(options =>
options.CompatibilityMode = PasswordHasherCompatibilityMode.IdentityV2
);
So far, I've had no luck using the Identity Framework to log in. I'm using a standard SignInManager. All I get is a 'failed.
I'm getting a bit beyond my cryptographic knowledge, so I'm looking for assistance to solve this issue. Thanks.
ASP.NET Core
{count} vote
-
SurferOnWww 4,396 Reputation points2023-12-16T01:13:24.39+00:00 Can the following document provide you with the information to solve your issue?
-
Rassbach, Scott 5 Reputation points
2023-12-18T15:19:04.94+00:00 I've been following that document, and it hasn't helped so far. Anything specific I should pay attention to?
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Anonymous2023-12-22T07:35:11.76+00:00 Actually, using the asp.net identity hash inside the asp.net core is a big plan, you should modify a lot of codes, I suggest you could consider directly using the new hash for the user password, just migrate the old user email or else information to the new asp.net core identity database and write the logic to let the user set the password if the user doesn't contain the new password.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 28.000000000000004%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERM%3C/text%3E%3C/svg%3E)
Ria Manglani 0 Reputation points2024-02-01T15:05:00.66+00:00 I have the same problem, so is the solution that we should just ask all users to reset password to create a new hash? Is there no way to be able to use the old passwords?
Sign in to comment
Sign in to answer