Curious if anyone has been able to successfully import hashed passwords from an ASP.NET Identity based solution.
Everything I am seeing indicates that I should be able to do this but so far I haven’t had any luck.
The default hashing algorithm is implemented with PDKDF2 & HMAC-SHA1 (1000 iterations)[Reference]
This hashing scheme appears to be supported in the documentation Bulk Import #PBKDF2 and the import job does successfully complete but when I attempt to log in with the imported user’s password I get a message indicating that I need to reset the password.
I am aware that the ASP.NET PasswordHasher is pre-pending a single byte to the hash that is stored in the database that indicates the algorithm version and I am removing that before passing in the hash.
Here is an example of what I am sending in w/ the actual hash removed.
[
{
“email”: “example@example.com”,
“email_verified”: false,
“custom_password_hash”: {
“algorithm”: “pbkdf2”,
“hash”: {
“value”: “$pbkdf2-sha1$i=1000,l=64${realHashRemoved}”,
“encoding”: “utf8”
}
}
}
]
Any help would be appreciated. Thanks!