abstract class PasswordEncryptor (View source)
Allows pluggable password encryption.
By default, this might be PHP's integrated sha1() function, but could also be more sophisticated to facilitate password migrations from other systems. Use register() to add new implementations.
Used in Security::encrypt_password().
encrypt(string $password, string $salt = null, Member $member = null)
Return a string value stored in the Member->Password property.
The password should be hashed with salt() if applicable.
salt(string $password, Member $member = null)
Return a string value stored in the Member->Salt property.
check(string $hash, string $password, string $salt = null, Member $member = null)
This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see PasswordEncryptor_LegacyPHPHash and PasswordEncryptor_Blowfish