Generate a salt for use with the hashpass function.

The log_rounds parameter determines the computational complexity of the generation of the password hash. Its default is 12, the minimum is 4, and the maximum is 31.

The legacy option is for generating salts with the old $2a$ prefix. Only use this option if you need to generate hashes that are then checked by older libraries.

Hash the password with a salt which is randomly generated.

To change the complexity (and the time taken) of the password hash calculation, you need to change the value for bcrypt_log_rounds in the config file.

Perform a dummy check for a user that does not exist.

This always returns false. The reason for implementing this check is in order to make user enumeration by timing responses more difficult.

Check the password.

The check is performed in constant time to avoid timing attacks.