OK... let's hash this out... (pun intended...)
What SMF did appears to be this:
[code] Use bcrypt for passwords and SHA-512 for cookies
Shift from sha256(sha1(lower(username) . password)) to password_hash(sha1(lower(username) . password), PASSWORD_BCRY...
What SMF did appears to be this:
[code] Use bcrypt for passwords and SHA-512 for cookies
Shift from sha256(sha1(lower(username) . password)) to password_hash(sha1(lower(username) . password), PASSWORD_BCRY...