Some other values are "sha256/salt", "md5", "rot13". Note that if your
application is already using 'md5' or 'sha1', you can remove the
argument entirely and your user passwords will keep working and will
automatically be "upgraded" to password_hash when used.
If you are having trouble with authentication, use auth->debug()