Storing passwords as plain text is dangerous. Instead, you should hash them using a strong, slow hashing algorithm like BCrypt, which includes built-in salting and resistance to brute-force attacks.
Step 1: Install BCrypt NuGet Package
Before using BCrypt, install the BCrypt.Net-Next package:
dotnet add package BCrypt.Net-Next
or via NuGet Package Manager:
Install-Package BCrypt.Net-Next
Step 2: Hash a Password
Use BCrypt.HashPassword() to securely hash a password before storing it:
using BCrypt.Net; string password = "mySecurePassword123"; string hashedPassword = BCrypt.HashPassword(password); Console.WriteLine(hashedPassword); // Output: $2a$12$...
Step 3: Verify a Password
To check a user's login attempt, use BCrypt.Verify():
bool isMatch = BCrypt.Verify("mySecurePassword123", hashedPassword); Console.WriteLine(isMatch); // Output: True
Ensuring proper hashing should be at the top of your list when it comes to building authentication systems.
Reading a file line by line is useful when handling large files without loading everything into memory at once.
✅ Best Practice: Use File.ReadLines() which is more memory efficient.
Example
foreach (string line in File.ReadLines("file.txt")) { Console.WriteLine(line); }
Why use ReadLines()?
Reads one line at a time, reducing overall memory usage. Ideal for large files (e.g., logs, CSVs).
Alternative: Use StreamReader (More Control)
For scenarios where you need custom processing while reading the contents of the file:
using (StreamReader reader = new StreamReader("file.txt")) { string? line; while ((line = reader.ReadLine()) != null) { Console.WriteLine(line); } }
Why use StreamReader?
Lets you handle exceptions, encoding, and buffering. Supports custom processing (e.g., search for a keyword while reading).
When to Use ReadAllLines()? If you need all lines at once, use:
string[] lines = File.ReadAllLines("file.txt");
Caution: Loads the entire file into memory—avoid for large files!
Raw string literals in C# provide a flexible way to work with multiline strings, with some interesting rules around how quotes work.
The key insight is that you can use any number of double quotes (three or more) to delimit your string, as long as the opening and closing sequences have the same number of quotes.
"""
// Three quotes - most common usage string basic = """ This is a basic multiline string """; // Four quotes - when your content has three quotes string withThreeQuotes = """" Here's some text with """quoted""" content """"; // Five quotes - when your content has four quotes string withFourQuotes = """"" Here's text with """"nested"""" quotes """""; // Six quotes - for even more complex scenarios string withFiveQuotes = """""" Look at these """""nested""""" quotes! """""";
The general rule is that if your string content contains N consecutive double quotes, you need to wrap the entire string with at least N+1 quotes. This ensures the compiler can properly distinguish between your content and the string's delimiters.
// Example demonstrating the N+1 rule string example1 = """ No quotes inside """; // 3 quotes is fine string example2 = """" Contains """three quotes""" """"; // Needs 4 quotes (3+1) string example3 = """"" Has """"four quotes"""" """""; // Needs 5 quotes (4+1)
// Indentation example string properlyIndented = """ { "property": "value", "nested": { "deeper": "content" } } """; // This line's position determines the indentation
This flexibility with quote counts makes raw string literals extremely versatile, especially when dealing with content that itself contains quotes, like JSON, XML, or other structured text formats.
String interpolation, introduced in C# 6.0, provides a more readable and concise way to format strings compared to traditional concatenation (+) or string.Format(). Instead of manually inserting variables or placeholders, you can use the $ symbol before a string to directly embed expressions inside brackets.
string name = "Walt"; string job = 'Software Engineer'; string message = $"Hello, my name is {name} and I am a {job}"; Console.WriteLine(message);
This would produce the final output of:
Hello, my name is Walt and I am a Software Engineer
String interpolation can also be chained together into a multiline string (@) for even cleaner more concise results:
string name = "Walt"; string html = $@" <div> <h1>Welcome, {name}!</h1> </div>";
Register for my free weekly newsletter.