If I create salt by using something like this:
public class User
{
private const int Hash_Salt_Length = 8;
private byte[] saltBytes = new byte[Hash_Salt_Length];
public User()
{
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
rng.GetNonZeroBytes(saltBytes);
}
....
}
The saltBytes
bytes array will be different for each session (restart the application). How can I check password to allow user login our application?