One thing I like about bcrypt is that the output includes the data necessary for comparison (rounds, salt, etc). Down side is it's not quite in the box in terms of a solution.
Alternatively, may want to use pbkdf2 with a high iterations (10k-100k) and keep the salt/iterations in the stored output.
I'll usually do something like the following in an NVarChar(500) field...
v#:details-base64:salt-base64:hashed-base64
Where I keep the version number of the hash implementation, so I can iterate and roll forward, the details for the hash, iterations, etc, the salt bytes in base64, and the hash output in base64.
Also, it's best to normalize the input (NFKC) before hashing. [1] Also, worth considering, if a hash attempt fails, and the last character is a whitespace character, try again with that last whitespace character removed (windows copy/paste). Beyond this, a random delay of 500-2500ms on failure before returning the error to reduce attacks.
There are other considerations as well... serializing requests from a single IP, rate limiting, etc... since strong hashing algorithms and authentication in general are a potential DDOS vector, beyond just the risk of entry.
1. https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/normalize
One thing I like about bcrypt is that the output includes the data necessary for comparison (rounds, salt, etc). Down side is it's not quite in the box in terms of a solution. Alternatively, may want to use pbkdf2 with a high iterations (10k-100k) and keep the salt/iterations in the stored output. I'll usually do something like the following in an NVarChar(500) field... v#:details-base64:salt-base64:hashed-base64 Where I keep the version number of the hash implementation, so I can iterate and roll forward, the details for the hash, iterations, etc, the salt bytes in base64, and the hash output in base64. Also, it's best to normalize the input (NFKC) before hashing. [1] Also, worth considering, if a hash attempt fails, and the last character is a whitespace character, try again with that last whitespace character removed (windows copy/paste). Beyond this, a random delay of 500-2500ms on failure before returning the error to reduce attacks. There are other considerations as well... serializing requests from a single IP, rate limiting, etc... since strong hashing algorithms and authentication in general are a potential DDOS vector, beyond just the risk of entry. 1. https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/normalize