Return a one-way encrypted hash of the user’s password.
This hash is the value that should be stored in the database.
A hash can not be decrypted back into its original plaintext. It is only compared with the hash of another value to see if they match.
This method currently uses the industry-standard
bcrypt (Blowfish) hashing algorithm.
==, as it is vulnerable to timing attacks. Use the