score:3

Accepted answer

Create a User Repository that uses a POCO to store the User without the Password and Salt fields.

The Repository handles calling Entity Framework and populating your POCO with its data.

namespace MyCompany.Data.Repositories
{
    public class User
    {
        public int Id { get; set; }
        public string Username { get; set; }
        public string Name { get; set; }
        public bool Locked { get; private set; }
    }

    public class UserRepository
    {
        public User GetAll() { }
        public User GetById() { }

        // Add your check password method here
    }
}

Related Articles