In this article, we are going to learn how to secure passwords with BCrypt.NET to ensure we are up to the industry standards when it comes to security in our .NET environment.
Let’s start.
Secure Password Storage
When storing passwords in a database, we must never store them in clear text. For that purpose, it is recommended to use techniques like hashing and salting to prevent passwords from being compromised in the event of a data breach.
What is BCrypt?
BCrypt is a popular password-hashing function based on the Blowfish cipher algorithm and was created originally for the OpenBSD operative system and presented in 1999. Consequently, OpenBSD and other Linux distributions use BCrypt as the default password hash algorithm.
BCrypt automatically generates random salts. Password salts make hashes unique and difficult to break by brute force. Additionally, BCrypt is an adaptable password-hashing function, meaning that it can generate hashes that are computationally more costly to calculate via its work factor parameter.
BCrypt is considered well-tested and stronger than other available hashing algorithms. Because of that, we can find BCrypt implementations in almost all major programming languages.
BCrypt Variants
Since its conception in 1999., its original authors updated the initial implementation BCrypt several times mainly to accommodate bug fixes. So, if we check the algorithm version in the generated hashes, we could find several different identifiers depending on the language, library, or version we use: $2$, $2a$, $2x$, $2y$, $2b$.
As long as we use an up-to-date version when using BCrypt.NET to secure passwords, we do not have to worry about different variants since all of them are fully compatible.
How to Use BCrypt.NET For Password Hashing
To use the BCrypt hashing function for the .NET framework we must include the BCrypt.Net-Next package in our project:
dotnet add package BCrypt.Net-Next
Once we add the package, we can generate a hash from a clear-text password using the HashPassword() static method in the BCrypt class:
var passwordHash = BCrypt.HashPassword("Password123!");
Moreover, verifying a hash is equally simple using the Verify() static method in the same class:
var result = BCrypt.Verify("Password123!", passwordHash);
Assert.True(result);
Increasing Computational Cost
We can create hashes more resilient to brute force by making the hash calculation purposedly slow so the many attempts attackers must perform to break a hash take as long as possible.
As computers become faster, a password-hashing function that used to be slow a few years ago, today may take very little time to compute.
BCrypt can adapt to the increase of available computational power by iterating over the input data several times. The more iterations the slower the calculation will be. We can control this with the workFactor parameter of the HashPassword() method:
var passwordHash = BCrypt.HashPassword("Password123!", workFactor: 13);
Here, we instruct BCrypt to apply the hashing function 2^13 times to the input string for a total of 8,192 iterations. In case we do not specify a work factor BCrypt uses a default value of 11.
Analyzing a BCrypt Hash
Whenever we use the HashPassword() method or one of its variants, BCrypt will generate a random salt and include it in the returned hash along with other data needed for the verification process.
This is what a BCrypt hash looks like. Essentially, it is a set of three values separated by a $ character:
$2a$13$gdtRuVYzDLFBUGnN1WxK/.1OFFoD7CbDZjRYGknrOwT9rus5AsqTu
2a stands for the BCrypt algorithm version used to generate the hash.
13 is the work factor.
gdtRuVYzDLFBUGnN1WxK/.1OFFoD7CbDZjRYGknrOwT9rus5AsqTu contains both the salt and the hashed input password concatenated and Base64 encoded. Both values have fixed lengths so they are easy to tell apart.
BCrypt.NET Enhanced Entropy Mode
Despite BCrypt being a fairly secure hashing function, the default BCrypt implementation truncates the input password to 72 bytes. This, potentially, reduces the brute-force attempts needed to break a hash.
To overcome this limitation, BCrypt.NET offers an enhanced entropy mode that pre-hashes the input password using SHA384. In this way, the input password turns into a fixed-length string that reflects all the variability of the original password regardless of its length.
Let’s use the enhanced entropy mode with EnhancedHashPassword() and EnhancedVerify() static methods instead of the basic HashPassword() and Verify():
var passwordHash = BCrypt.EnhancedHashPassword("Password123!");
var result = BCrypt.EnhancedVerify("Password123!", passwordHash);
Assert.True(result);
As mentioned, BCrypt uses SHA384 by default for the pre-hash step. However, there may be situations where we need to specify a different algorithm:
var passwordHash = BCrypt.EnhancedHashPassword("Password123!", HashType.SHA512);
var result = BCrypt.EnhancedVerify("Password123!", passwordHash, HashType.SHA512);
Conclusion
In this article, we’ve learned what is BCrypt and how it uses salts and configurable complexity to create secure password hashes, also, we’ve learned what BCrypt variants are.
We’ve learned how to use BCrypt.NET to secure passwords in our .NET projects and reviewed the anatomy of a BCrypt hash.
Finally, we learned how to make hashes even more secure using the enhanced entropy mode and increased computational cost.
Can anyone beat bcrypt
There are certainly other tools to secure passwords, but I can’t say whether those are better or not.