using System.Security.Cryptography;
public static void Main()
string password = string.Empty;
Console.WriteLine("Write Password: \n");
password = Console.ReadLine();
string hash = GeneratePasswordHash(password);
Console.WriteLine("\n\n PasswordHash: " + hash);
bool isHash = ConfirmPasswordHash("Pass1234", "TXEBwrGaHoG/T731TN3X0OuykJ7jNuNiu56PCPjPcnznMeDA");
Console.Write("Is Hash " + isHash);
private static string GeneratePasswordHash(string password)
string passwordHash = string.Empty;
using (RNGCryptoServiceProvider rngCsp = new RNGCryptoServiceProvider())
rngCsp.GetBytes(salt = new byte[16]);
using (Rfc2898DeriveBytes pbkdf2 = new Rfc2898DeriveBytes(password, salt, 10000))
hash = pbkdf2.GetBytes(20);
byte[] hashBytes = new byte[36];
Array.Copy(salt, 0, hashBytes, 0, 16);
Array.Copy(hash, 0, hashBytes, 16, 20);
passwordHash = Convert.ToBase64String(hashBytes);
private static bool ConfirmPasswordHash(string loginPassword, string userPasswordHash)
byte[] hashBytes = Convert.FromBase64String(userPasswordHash);
byte[] salt = new byte[16];
Array.Copy(hashBytes, 0, salt, 0, 16);
using (Rfc2898DeriveBytes pbkdf2 = new Rfc2898DeriveBytes(loginPassword, salt, 10000))
hash = pbkdf2.GetBytes(20);
for (int i = 0; i < 20; i++)
if (hashBytes[i + 16] != hash[i])