The Bcrypt plugin is a secure and lightweight password hashing library.
$crypt = \Bcrypt::instance();
Generate bcrypt hash of string
string|FALSE hash ( string $pw [, string $salt = NULL [, int $cost = 10 ]] )
If provided, the
$salt parameter must be at least 22 alphanumeric characters.
$cost parameter triggers the iteration count for the underlying Blowfish-based hashing algorithmeter and must be in range
Check if password is still strong enough
bool needs_rehash ( string $hash [, int $cost = 10 ] )
If you decide to move to stronger passwords, you can check if the password hash will meet that
$cost requirement. In case it's too weak, you could inform the user to choose a stronger one.
Verify password against hash using timing attack resistant approach
bool verify ( string $pw, string $hash )