269
seCure Forms And ACCount regIstrAtIon
thestored hash. If they match, then the credentials submitted are good, and the
program returns true to indicate success.
e second task, if the password is correct, is to check if the Blowfish strength
needs to be updated with a call to
self::checkCurrentRoundLevel($pass, $storedHash, $email);
is ensures that every time a user logs in, their password encryption strength is
updated. is is a nice feature that can be conveniently called here because it is known
that the password is good, therefore can be safely re-encrypted without troubling the
user, or without having the user re-enter the password, or create a new password.
Future Proof Encryption Strength with Blowfish Rounds
Blowfish has the ability to ...