Skip to main content

· 2 min read

This is a third part of the series of articles about some not-so-well-known features and tricks in ASP.NET Identity. Here are you can find the first and the second parts.


This task usually appears when you need to transfer your old MVC web application to ASP.NET Core. If you use MVC version 3 or 4 and your application provides a user authentication service, then most likely this part is done with the old ASP.NET Membership library.

So, imagine you have a bunch of users, each of them has some password and the hash of that password stored in some database. Now you need to transfer all your current users to the new system built with ASP.NET Core. Of course, it's not a big problem to transfer their names, addresses, and other information. The problem is in those password hashes. ASP.NET Core Identity uses another hashing algorithm so all current users will not be able to access the system with their old passwords - the hashes will not match.

· 3 min read

This is the second article in a series of articles about ASP.NET Core Identity. You can find the first one here.


Let's suppose you created a new ASP.NET Core with the default Authentication (like in previous article). Then you run it and try to register a new user. On the registration form, we need to enter a password. Since we need to register a user for testing purposes first of all - we don't want to make the password too complicated. We'd prefer to keep it simple and easy-to-remember (in the end - it's not a production-mode system!)

However, if you try to enter something simple like "qwerty" or your name - you will get the following bunch of error messages:

  • Passwords must have at least one non-alphanumeric character.
  • Passwords must have at least one digit ('0'-'9').
  • Passwords must have at least one uppercase ('A'-'Z').

The reason for all these validation errors is that by default ASP.NET Core Identity has very strong password policies for the users. In the error messages above you can see the constraints which must be satisfied.

· 5 min read

NB: The solution presented in this article will work in version 2.0 of ASP.NET Core only!
If you use a newer version of ASP.NET Core (e.g. 2.2) - here is a new post on the same topic.


With this post, we start a series of articles that describe the different aspects of using ASP.NET Identity in your ASP.NET (Core) applications. All the code in the following articles was built for and tested with ASP.NET Core 2.0. However, in most cases, it will work well in earlier versions of .NET framework (4.x) and ASP.NET Identity library (2.x)

One more note. We are NOT going to do an introduction to or describe the basic principles of ASP.NET Core in general or APS.NET Identity in particular. The following material is more for the developers who already have some experience with both of them. If you don't - please start by reading the tutorials on ASP.NET Core documentation website and creating your first web app with it.