Currently, KAnonimityHelper.GetHashForPassword(string) returns the full SHA1 hashstring for the specified password. We later take substrings from this hash in HttpHaveIBeenPwnedClient.IsPwnedPasswordInternalAsync(string, CancellationToken) to get the KAnonimity part (the 5 characters sent to the HIBP API) and the suffix (the remainder of the hash). So, we create a string to later create two new strings out of it. That's a bit useless.
Suggestion: Change the KAnonimityHelper.GetHashForPassword(string) method to return a value tuple with the KAnonimity part and the suffix. E.g., change the signature to: public static (string kAnonimityPart, string kAnonimitySuffix) GetKAnonimityPartsForPassword(string password)
Currently,
KAnonimityHelper.GetHashForPassword(string)
returns the full SHA1 hashstring for the specified password. We later take substrings from this hash inHttpHaveIBeenPwnedClient.IsPwnedPasswordInternalAsync(string, CancellationToken)
to get the KAnonimity part (the 5 characters sent to the HIBP API) and the suffix (the remainder of the hash). So, we create a string to later create two new strings out of it. That's a bit useless.Suggestion: Change the
KAnonimityHelper.GetHashForPassword(string)
method to return a value tuple with the KAnonimity part and the suffix. E.g., change the signature to:public static (string kAnonimityPart, string kAnonimitySuffix) GetKAnonimityPartsForPassword(string password)