How to securely hash and salt passwords with verifying them in PHP?