What does ASP.NET Identity use for hashing/salting? I've noticed that when I create an user it has a hash in the database but where can I see what it uses and can I possibly change it to use PBKDF2 with HMAC-SHA1?
Not sure what is used by default, but you can write your custom password hasher by implementing
IPassowrdHasher interface. Here are some related discussion about this :
I have a NuGet package called IdentityReboot that implements the password hasher and uses PBKDF2. It's easy, as all you need to do is configure the password hashing iteration count:
