private static string GenerateSaltValue()
{
    UnicodeEncoding utf16 = new UnicodeEncoding();
 
    if (utf16 != null)
    {
        // Create a random number object seeded from the value
        // of the last random seed value. This is done
        // interlocked because it is a static value and we want
        // it to roll forward safely.
 
        Random random = new Random(unchecked((int)DateTime.Now.Ticks));
 
        if (random != null)
        {
            // Create an array of random values.
 
            byte[] saltValue = new byte[SaltValueSize];
 
            random.NextBytes(saltValue);
 
            // Convert the salt value to a string. Note that the resulting string
            // will still be an array of binary values and not a printable string. 
            // Also it does not convert each byte to a double byte.
 
            string saltValueString = utf16.GetString(saltValue);
 
            // Return the salt value as a string.
 
            return saltValueString;
        }
    }
 
    return null;
}
 
private static string HashPassword(string clearData, string saltValue, HashAlgorithm hash)
{
    UnicodeEncoding encoding = new UnicodeEncoding();
 
    if (clearData != null && hash != null && encoding != null)
    {
        // If the salt string is null or the length is invalid then
        // create a new valid salt value.
 
        if (saltValue == null)
        {
            // Generate a salt string.
            saltValue = GenerateSaltValue();
        }
 
        // Convert the salt string and the password string to a single
        // array of bytes. Note that the password string is Unicode and
        // therefore may or may not have a zero in every other byte.
 
        byte[] binarySaltValue = new byte[SaltValueSize];
 
        binarySaltValue[0] = byte.Parse(saltValue.Substring(0, 2), System.Globalization.NumberStyles.HexNumber, CultureInfo.InvariantCulture.NumberFormat);
        binarySaltValue[1] = byte.Parse(saltValue.Substring(2, 2), System.Globalization.NumberStyles.HexNumber, CultureInfo.InvariantCulture.NumberFormat);
        binarySaltValue[2] = byte.Parse(saltValue.Substring(4, 2), System.Globalization.NumberStyles.HexNumber, CultureInfo.InvariantCulture.NumberFormat);
        binarySaltValue[3] = byte.Parse(saltValue.Substring(6, 2), System.Globalization.NumberStyles.HexNumber, CultureInfo.InvariantCulture.NumberFormat);
 
        byte[] valueToHash = new byte[SaltValueSize + encoding.GetByteCount(clearData)];
        byte[] binaryPassword = encoding.GetBytes(clearData);
 
        // Copy the salt value and the password to the hash buffer.
 
        binarySaltValue.CopyTo(valueToHash, 0);
        binaryPassword.CopyTo(valueToHash, SaltValueSize);
 
        byte[] hashValue = hash.ComputeHash(valueToHash);
 
        // The hashed password is the salt plus the hash value (as a string).
 
        string hashedPassword = saltValue;
 
        foreach (byte hexdigit in hashValue)
        {
            hashedPassword += hexdigit.ToString("X2", CultureInfo.InvariantCulture.NumberFormat);
        }
 
        // Return the hashed password as a string.
 
        return hashedPassword;
    }
 
    return null;
}

cHJpdmF0ZSBzdGF0aWMgc3RyaW5nIEdlbmVyYXRlU2FsdFZhbHVlKCkKewogICAgVW5pY29kZUVuY29kaW5nIHV0ZjE2ID0gbmV3IFVuaWNvZGVFbmNvZGluZygpOwoKICAgIGlmICh1dGYxNiAhPSBudWxsKQogICAgewogICAgICAgIC8vIENyZWF0ZSBhIHJhbmRvbSBudW1iZXIgb2JqZWN0IHNlZWRlZCBmcm9tIHRoZSB2YWx1ZQogICAgICAgIC8vIG9mIHRoZSBsYXN0IHJhbmRvbSBzZWVkIHZhbHVlLiBUaGlzIGlzIGRvbmUKICAgICAgICAvLyBpbnRlcmxvY2tlZCBiZWNhdXNlIGl0IGlzIGEgc3RhdGljIHZhbHVlIGFuZCB3ZSB3YW50CiAgICAgICAgLy8gaXQgdG8gcm9sbCBmb3J3YXJkIHNhZmVseS4KCiAgICAgICAgUmFuZG9tIHJhbmRvbSA9IG5ldyBSYW5kb20odW5jaGVja2VkKChpbnQpRGF0ZVRpbWUuTm93LlRpY2tzKSk7CgogICAgICAgIGlmIChyYW5kb20gIT0gbnVsbCkKICAgICAgICB7CiAgICAgICAgICAgIC8vIENyZWF0ZSBhbiBhcnJheSBvZiByYW5kb20gdmFsdWVzLgoKICAgICAgICAgICAgYnl0ZVtdIHNhbHRWYWx1ZSA9IG5ldyBieXRlW1NhbHRWYWx1ZVNpemVdOwoKICAgICAgICAgICAgcmFuZG9tLk5leHRCeXRlcyhzYWx0VmFsdWUpOwoKICAgICAgICAgICAgLy8gQ29udmVydCB0aGUgc2FsdCB2YWx1ZSB0byBhIHN0cmluZy4gTm90ZSB0aGF0IHRoZSByZXN1bHRpbmcgc3RyaW5nCiAgICAgICAgICAgIC8vIHdpbGwgc3RpbGwgYmUgYW4gYXJyYXkgb2YgYmluYXJ5IHZhbHVlcyBhbmQgbm90IGEgcHJpbnRhYmxlIHN0cmluZy4gCiAgICAgICAgICAgIC8vIEFsc28gaXQgZG9lcyBub3QgY29udmVydCBlYWNoIGJ5dGUgdG8gYSBkb3VibGUgYnl0ZS4KCiAgICAgICAgICAgIHN0cmluZyBzYWx0VmFsdWVTdHJpbmcgPSB1dGYxNi5HZXRTdHJpbmcoc2FsdFZhbHVlKTsKCiAgICAgICAgICAgIC8vIFJldHVybiB0aGUgc2FsdCB2YWx1ZSBhcyBhIHN0cmluZy4KCiAgICAgICAgICAgIHJldHVybiBzYWx0VmFsdWVTdHJpbmc7CiAgICAgICAgfQogICAgfQoKICAgIHJldHVybiBudWxsOwp9Cgpwcml2YXRlIHN0YXRpYyBzdHJpbmcgSGFzaFBhc3N3b3JkKHN0cmluZyBjbGVhckRhdGEsIHN0cmluZyBzYWx0VmFsdWUsIEhhc2hBbGdvcml0aG0gaGFzaCkKewogICAgVW5pY29kZUVuY29kaW5nIGVuY29kaW5nID0gbmV3IFVuaWNvZGVFbmNvZGluZygpOwoKICAgIGlmIChjbGVhckRhdGEgIT0gbnVsbCAmJiBoYXNoICE9IG51bGwgJiYgZW5jb2RpbmcgIT0gbnVsbCkKICAgIHsKICAgICAgICAvLyBJZiB0aGUgc2FsdCBzdHJpbmcgaXMgbnVsbCBvciB0aGUgbGVuZ3RoIGlzIGludmFsaWQgdGhlbgogICAgICAgIC8vIGNyZWF0ZSBhIG5ldyB2YWxpZCBzYWx0IHZhbHVlLgoKICAgICAgICBpZiAoc2FsdFZhbHVlID09IG51bGwpCiAgICAgICAgewogICAgICAgICAgICAvLyBHZW5lcmF0ZSBhIHNhbHQgc3RyaW5nLgogICAgICAgICAgICBzYWx0VmFsdWUgPSBHZW5lcmF0ZVNhbHRWYWx1ZSgpOwogICAgICAgIH0KCiAgICAgICAgLy8gQ29udmVydCB0aGUgc2FsdCBzdHJpbmcgYW5kIHRoZSBwYXNzd29yZCBzdHJpbmcgdG8gYSBzaW5nbGUKICAgICAgICAvLyBhcnJheSBvZiBieXRlcy4gTm90ZSB0aGF0IHRoZSBwYXNzd29yZCBzdHJpbmcgaXMgVW5pY29kZSBhbmQKICAgICAgICAvLyB0aGVyZWZvcmUgbWF5IG9yIG1heSBub3QgaGF2ZSBhIHplcm8gaW4gZXZlcnkgb3RoZXIgYnl0ZS4KCiAgICAgICAgYnl0ZVtdIGJpbmFyeVNhbHRWYWx1ZSA9IG5ldyBieXRlW1NhbHRWYWx1ZVNpemVdOwoKICAgICAgICBiaW5hcnlTYWx0VmFsdWVbMF0gPSBieXRlLlBhcnNlKHNhbHRWYWx1ZS5TdWJzdHJpbmcoMCwgMiksIFN5c3RlbS5HbG9iYWxpemF0aW9uLk51bWJlclN0eWxlcy5IZXhOdW1iZXIsIEN1bHR1cmVJbmZvLkludmFyaWFudEN1bHR1cmUuTnVtYmVyRm9ybWF0KTsKICAgICAgICBiaW5hcnlTYWx0VmFsdWVbMV0gPSBieXRlLlBhcnNlKHNhbHRWYWx1ZS5TdWJzdHJpbmcoMiwgMiksIFN5c3RlbS5HbG9iYWxpemF0aW9uLk51bWJlclN0eWxlcy5IZXhOdW1iZXIsIEN1bHR1cmVJbmZvLkludmFyaWFudEN1bHR1cmUuTnVtYmVyRm9ybWF0KTsKICAgICAgICBiaW5hcnlTYWx0VmFsdWVbMl0gPSBieXRlLlBhcnNlKHNhbHRWYWx1ZS5TdWJzdHJpbmcoNCwgMiksIFN5c3RlbS5HbG9iYWxpemF0aW9uLk51bWJlclN0eWxlcy5IZXhOdW1iZXIsIEN1bHR1cmVJbmZvLkludmFyaWFudEN1bHR1cmUuTnVtYmVyRm9ybWF0KTsKICAgICAgICBiaW5hcnlTYWx0VmFsdWVbM10gPSBieXRlLlBhcnNlKHNhbHRWYWx1ZS5TdWJzdHJpbmcoNiwgMiksIFN5c3RlbS5HbG9iYWxpemF0aW9uLk51bWJlclN0eWxlcy5IZXhOdW1iZXIsIEN1bHR1cmVJbmZvLkludmFyaWFudEN1bHR1cmUuTnVtYmVyRm9ybWF0KTsKCiAgICAgICAgYnl0ZVtdIHZhbHVlVG9IYXNoID0gbmV3IGJ5dGVbU2FsdFZhbHVlU2l6ZSArIGVuY29kaW5nLkdldEJ5dGVDb3VudChjbGVhckRhdGEpXTsKICAgICAgICBieXRlW10gYmluYXJ5UGFzc3dvcmQgPSBlbmNvZGluZy5HZXRCeXRlcyhjbGVhckRhdGEpOwoKICAgICAgICAvLyBDb3B5IHRoZSBzYWx0IHZhbHVlIGFuZCB0aGUgcGFzc3dvcmQgdG8gdGhlIGhhc2ggYnVmZmVyLgoKICAgICAgICBiaW5hcnlTYWx0VmFsdWUuQ29weVRvKHZhbHVlVG9IYXNoLCAwKTsKICAgICAgICBiaW5hcnlQYXNzd29yZC5Db3B5VG8odmFsdWVUb0hhc2gsIFNhbHRWYWx1ZVNpemUpOwoKICAgICAgICBieXRlW10gaGFzaFZhbHVlID0gaGFzaC5Db21wdXRlSGFzaCh2YWx1ZVRvSGFzaCk7CgogICAgICAgIC8vIFRoZSBoYXNoZWQgcGFzc3dvcmQgaXMgdGhlIHNhbHQgcGx1cyB0aGUgaGFzaCB2YWx1ZSAoYXMgYSBzdHJpbmcpLgoKICAgICAgICBzdHJpbmcgaGFzaGVkUGFzc3dvcmQgPSBzYWx0VmFsdWU7CgogICAgICAgIGZvcmVhY2ggKGJ5dGUgaGV4ZGlnaXQgaW4gaGFzaFZhbHVlKQogICAgICAgIHsKICAgICAgICAgICAgaGFzaGVkUGFzc3dvcmQgKz0gaGV4ZGlnaXQuVG9TdHJpbmcoIlgyIiwgQ3VsdHVyZUluZm8uSW52YXJpYW50Q3VsdHVyZS5OdW1iZXJGb3JtYXQpOwogICAgICAgIH0KCiAgICAgICAgLy8gUmV0dXJuIHRoZSBoYXNoZWQgcGFzc3dvcmQgYXMgYSBzdHJpbmcuCgogICAgICAgIHJldHVybiBoYXNoZWRQYXNzd29yZDsKICAgIH0KCiAgICByZXR1cm4gbnVsbDsKfQ==