Migrating to password_verify

I’ve recently been updating a website that was written a long time ago that has not been touched in a meaningful way in many years. In addition to the actual work I was asked to do, I took the opportunity to update the password hashing routines.
This site is so old that the passwords are stored using MD5 hashes. and that’s not really good enough today. So I included updating to bcrypt hashing with password_hash() and password_verify() in my statement of work.

Link: https://dzone.com/articles/migrating-to-password-verify?utm_medium=feed&utm_source=feedpress.me&utm_campaign=Feed%3A+dzone%2Fwebdev