我使用的是SqlMembershipProvider,并将密码存储为哈希值。同时,我还在另一张表中保存了(哈希后的)密码历史记录。我想要比较用户尝试更改密码时输入的密码与他们旧密码的差异,并在太近的情况下抛出错误。但我似乎无法找到如何使用哈希函数来实现这一点。基本上我正在寻找这样一个方法:
public bool PasswordCompare(string plaintextPassword, string salt, string hashedPassword)
{
//where the salt and hashedPassword are pulled out of the aspnet_Membership table
//which are automatically generated by the provider
}
I hope this is clear, thank you.