coopster - 4:30 pm on Jul 3, 2013 (gmt 0)
The hashing part is a bit confusing to me, unless I am misunderstanding it. Let's say I start using this function and store the hashed password in the database. Over the course of time, PHP decides to update the default hashing algo. I get a user from days of old trying to login and I compare the logged in password with the hashed algo using the new hash from the latest PHP release -- they are not going to match! Am I missing something?