Does asp.net identity 2.0 hash passwords differently than 1.0?
-
21-12-2019 - |
Question
I just updated my app from asp.net identity 1.0 to 2.0 to take advantage of the email confirmation, two-factor auth, etc...
However, user's cannot log in now. It seems await UserManager.FindAsync(model.UserName, model.Password);
doesn't find existing users who signed up on identity 1.0... but user's who signed up during identity 2.0 work fine.
Solution
Hashing is exactly the same.
Identity 2.0 UserManager.FindAsync(UserName, Password)
can return null for users registered with Identity 1.0.
There are some new fields in the AspNetUsers
table which are manadatory - NOT NULL.
Most possible reason is the AccessFailedCount
field. If it is null, you don't see any exceptions, only null user.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow