1. Enjoy this blog? My book, ASP.NET Core in Action is available now! Click here to get the 1st chapter free.
2. Safely migrating passwords in ASP.NET Core Identity with a custom PasswordHasher

   In this post I create a custom IPasswordHasher implementation that can be used in ASP.NET Core Identity to migrate from weak hashes like MD5 or SHA1.…

   May 07, 2019 in ASP.NET Core ASP.NET Core 2.0 ASP.NET Core Identity Security
3. Implementing custom token providers for passwordless authentication in ASP.NET Core Identity

   In this post I show how to create 2 custom token providers for ASP.NET Core Identity, so that you can implement passwordless login with a short token expiry…

   April 10, 2018 in ASP.NET Core ASP.NET Core Identity Auth Security
4. Gotchas upgrading from IdentityServer 3 to IdentityServer 4

   This post covers a couple of gotchas I experienced upgrading an IdentityServer 3 implementation to IdentityServer 4. In particular, changing URLs and a…

   February 20, 2018 in ASP.NET Core ASP.NET Core Identity IdentityServer Security Auth Issues
5. Migrating passwords in ASP.NET Core Identity with a custom PasswordHasher

   In this post I create a custom IPasswordHasher implementation that can be used in ASP.NET Core Identity to support other hashing formats, such as BCrypt.…

   October 26, 2017 in ASP.NET Core ASP.NET Core 2.0 ASP.NET Core Identity Security
6. Exploring the ASP.NET Core Identity PasswordHasher

   In this post I take a look at the PasswordHasher implementation from the ASP.NET Core Identity framework, and how it supports multiple hashing algorithms.…

   October 24, 2017 in ASP.NET Core ASP.NET Core Identity Security Source Code Dive
7. Debugging JWT validation problems between an OWIN app and IdentityServer4

   This post describes an issue that arose migrating from IdentityServer3 to IdentityServer4, where an OWIN app cannot validate a JWT issued by IdentityServer4…

   October 10, 2017 in ASP.NET Core ASP.NET Core Identity IdentityServer