Which Hash algorithm is being used by default in ASP.NET MVC 4 when using asp.net identity. How does it work? How secure is it?
ASP.NET Identity uses PBKDF2. It is implemented using Rfc2898DeriveBytes.
This answere goes into some details of the how and why. This is a very broad question and the answer can span many many pages. Perhaps you can google about the specifics yourself. I tried googling and there is a ton you can read about depending on your level of curiosity.