Remove combo box items that are stored as hashed in th

Posted 2019-07-31 02:41

Question:

I have a question regarding validating a hashed text in the database. Right now, the UserType that has been registered in the database is hashed like the image below:

I want it so that when there is an Administrator text that is stored as a hash in the database, the program will validate the hash and check whether the validated value is the Administrator text. If yes, then it will simply remove the Administrator text from the combo box list.

The reason why I stored the UserType in the database as a hash is that I am restricting the other UserTypes from gaining full access to the system, and to prevent a hacker from changing the UserType to one other than Administrator (if I stored it as plain text only) in the database once they found it.

The image above shows that UserType has been hashed, and the text that is hashed is Administrator for the UserType.

Right now, I add and store the hashed UserType in the database like this:

// Fields connectionString, _hashedType and _count are declared elsewhere in SystemManager (not shown in the post).
public static void AddDatabase(string _selectedIndex)
{
    using (OleDbConnection connection = new OleDbConnection(connectionString))
    {
        string query = "INSERT INTO [Member] ([UserType]) VALUES (@UserType)";

        connection.Open();

        // Hash the selected UserType text with a fresh bcrypt salt (work factor 12)
        // and keep the result in the static field _hashedType.
        _hashedType = BCrypt.CreateHash(_selectedIndex, BCrypt.GenerateSalt(12));

        using (OleDbCommand command = new OleDbCommand(query, connection))
        {
            command.Parameters.Add("@UserType", OleDbType.VarChar);
            command.Parameters["@UserType"].Value = _hashedType;
            command.ExecuteNonQuery();
        }

        connection.Close();
    }
}

void button2_Click(object sender, EventArgs e)
{
    SystemManager.AddDatabase(this.comboBox1.Text);
}

void Registration_Load(object sender, EventArgs e)
{
    // Only offer "Administrator" when no Administrator row was found.
    if (SystemManager.CheckType("Administrator") != true)
    {
        this.comboBox1.Items.Add("Administrator");
    }

    // "Member" is always added, regardless of what CheckType returned.
    this.comboBox1.Items.Add("Member");

    this.comboBox1.SelectedIndex = 0;
}

To validate it, I am using the code below. But once I run the program, everything becomes empty (the combo box drop-down list does not show anything (empty text), like the image below):

public static bool CheckType(string _value1)
{
    using (OleDbConnection connection = new OleDbConnection(SystemManager.connectionString))
    {
        string query = "SELECT COUNT(*) FROM [Member] WHERE [UserType] = @UserType";

        connection.Open();

        using (OleDbCommand command = new OleDbCommand(query, connection))
        {
            command.Parameters.Add("@UserType", OleDbType.VarChar);
            // ValidateHash compares _value1 against the hash held in the static
            // field _hashedType and returns a bool; that bool is what gets bound
            // to the VarChar parameter and compared with the [UserType] column.
            command.Parameters["@UserType"].Value = BCrypt.ValidateHash(_value1, _hashedType);

            _count = (int)command.ExecuteScalar();

            connection.Close();
        }
    }

    return _count > 0;
}

Thank you very much!

I really appreciate your answer

Answer 1:

Two things:

First, since the code you show includes an unconditional add of the string "Member" to your ComboBox, it is certain that either that method is not being called at all, or some code later is clearing the ComboBox. You didn't post a complete enough sample for anyone else to know which is the correct answer, so you'll have to debug that yourself. Start by putting a breakpoint on the method to determine whether it's being called at all.

Second, I question this whole strategy of using a hashed value to ensure against someone changing the value. If they have access to the database and can modify its elements, they have everything they need. Hashing sensitive information is only useful when you can assume that the stored hash itself cannot be modified and you want to require someone else to provide some data (such as a password) which only they know, so that you can hash that data and compare it to the stored hash. And of course this only works when using a secure hash.

Without salt, if I'm an attacker, and I have access to the database, and I want to change one user's type to something different, all I need to do is copy the value I find in some other user of the same type that I want to change it to. Here you salt, but even that doesn't help, if as the attacker I'm aware of the salt being used and the hash algorithm (both pieces of information you've provided here); I can just generate the hash from scratch at will.

If you want the database secure against changes, you need to not let attackers change it in the first place.
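An added example (not code from the question or the answer) that shows the two points of the answer in C#. It assumes the BCrypt.Net package (`BCrypt.Net.BCrypt.HashPassword`, `GenerateSalt`, `Verify`) in place of the asker's `CreateHash`/`ValidateHash` wrapper, and a hypothetical connection string. `TypeExists` shows why a salted hash can never be matched with `WHERE [UserType] = @UserType`: every stored value has to be read back and verified in code. `HashIsNotAnIntegrityCheck` shows why the hash does not protect the column: two hashes of the same role are different strings, yet both verify, so a valid hash in the column says nothing about who wrote it.

```csharp
using System;
using System.Data.OleDb;

// Added example, not the asker's code. Assumes the BCrypt.Net package; the asker's
// CreateHash/ValidateHash wrapper is assumed to correspond to HashPassword/Verify.
public static class UserTypeStore
{
    // Hypothetical connection string; the post does not show the real one.
    public static string connectionString =
        "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=members.accdb";

    // bcrypt draws a fresh salt on every call, so the stored text differs
    // even when the same role is hashed twice.
    public static string HashUserType(string userType)
    {
        return BCrypt.Net.BCrypt.HashPassword(userType, BCrypt.Net.BCrypt.GenerateSalt(12));
    }

    // SQL equality cannot match a salted hash. The only way to ask
    // "is there an Administrator row?" is to read each stored hash and verify it.
    public static bool TypeExists(string userType)
    {
        using (var connection = new OleDbConnection(connectionString))
        using (var command = new OleDbCommand("SELECT [UserType] FROM [Member]", connection))
        {
            connection.Open();
            using (OleDbDataReader reader = command.ExecuteReader())
            {
                while (reader.Read())
                {
                    if (reader.IsDBNull(0))
                        continue;
                    if (BCrypt.Net.BCrypt.Verify(userType, reader.GetString(0)))
                        return true;
                }
            }
        }
        return false;
    }

    // Returns true when the stored hash gives no integrity guarantee: two independently
    // produced hashes of "Administrator" are different strings, yet both verify, so the
    // column cannot tell a row written by the application from one written by anyone
    // else who can reach the table and knows the (public) algorithm and work factor.
    public static bool HashIsNotAnIntegrityCheck()
    {
        string first = HashUserType("Administrator");
        string second = HashUserType("Administrator");
        bool differentStrings = first != second;
        bool bothVerify = BCrypt.Net.BCrypt.Verify("Administrator", first)
                       && BCrypt.Net.BCrypt.Verify("Administrator", second);
        return differentStrings && bothVerify;
    }

    public static void Main()
    {
        Console.WriteLine("Salted hash is not an integrity check: " + HashIsNotAnIntegrityCheck());
        Console.WriteLine("Administrator row present: " + TypeExists("Administrator"));
    }
}
```

`HashIsNotAnIntegrityCheck` runs without a database; `TypeExists` needs the Access file named in the connection string. Note that `TypeExists` has to run bcrypt once per row, which is exactly the cost the answer's advice avoids: store the role as plain text and restrict who can write to the table, so that the role column is protected by access control rather than by a hash that anyone can regenerate.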