For hashing passwords I usually use SHA-256 PBKDF2. No project I ever made needed anything better than this. There is only one problem with this hashing function - it is not really compatible with anything.
Kinda unofficial standard for password hashing is an Unix crypt function. You can recognize its passwords by following format:
$id$salt$hash. It was originally used for hashing user password on *nix systems but with time it became common format for other usages also.
After scouring Internet to find C# implementation I decided to code it myself. It seems that C# porting stopped for everybody with MD-5 variant of crypt. While that lowest common format supported quite a few use cases, I wanted to use a bit newer SHA-512 based hashing. It should have been just an hour of coding. Eventually it took me almost eight to get it working.
Few things took me by surprise during development. I was surprised how many pointless steps were in SHA-256/512 hash creation. Best example would be base-64 implementation that not only uses incompatible character set but it also shuffles bytes around before encoding. These steps don't add any security nor they serve to slow attacker.
Lack of proper specification for MD-5 hash was annoying more than anything else. For most of part I used just specification for SHA-256/512 combined with reference implementation in C. Yes, it wasn't mission impossible, but lack of description for something that is part of every Unix/Linux system for more than decade is an annoyance at best.
Sample supporting MD-5 (
$1$), Apache MD-5 (
$apr1$), SHA-256 (
$5$) and SHA-512 (
$6$) password generation is available for download.
PS: If you are interested in test cases for it, you can check Medo.dll repository.