import user accounts from the BrockAllen MembershipReboot to Ory

Question

I am going to convert an old project implemented with asp.net to a new one with nest.js the current identity management has been implemented with the BrockAllen MembershipReboot and the new one is gonna be the Ory Kratos

the following algorithms are supported by the Ory Kratos :

BCrypt, PKBDF2, Argon2, SCrypt family hashed password

but the problem is that I can't figure out the hash algorithm of the below passwords :

2710.ANlSrEDPfo+IxpN24Q6eKobjDgpigKPnixLSabVzRzWc348ul9GkoNwCKQv6PIWw6g==
2710.AGUkLKG7mb431uOReeR16u6VreIfYKBKu/tsoNW9w+OtcpalhTt/BuGKYkZpoQAoYw==
2710.AEb5ZOc81Hyt4X2iq73yjZGpfpnBojU+y6fRq+TpN5EBUB5OQTemKqjE9UHzIdEbXA==
2710.AF7fxxNtdf89YVMdvM20HXbErZbOr8ewYuB/b/xWntxbY/DElxOo5R8EqzBdyEy3Dw==
2710.ACIWUs28BhPZhOOhTtCzRoopscQXT/px/aRQndHRmwH2bWnaned/eb3r6OAmmV5YBQ==

as you can see all of the hashed passwords start with 2710.A... there is a chance to keep the current passwords?

Answer 1

This looks like the code used to calculate and verify password hashes in that library:

• https://github.com/brockallen/BrockAllen.MembershipReboot/blob/d2a7325fc4bd406b8ad861d54fd932aed540b770/src/BrockAllen.MembershipReboot/Crypto/DefaultCrypto.cs
• https://github.com/brockallen/BrockAllen.MembershipReboot/blob/d2a7325fc4bd406b8ad861d54fd932aed540b770/src/BrockAllen.MembershipReboot/Crypto/System.Web.Helpers.Crypto.cs

I don't know any C#, but I think it is pretty clear that the number before the dot . is the number of iterations, while the rest is the hash itself. The algorithm used seems to be PKBDF2, and the encoding is explained here.

I guess you can write a short program or script to transform one hash format into the other using these information.