sub set_passwd {
    my ($user, $passwd) = @_;
    my $cost = COST;
    my $salt = _get_random_salt();
    _set_passwd($user, "$cost:$salt:$passwd);
}

sub check_passwd {
    my ($user, $submitted_passwd) = @_;
    my ($cost, $salt, $passwd) = split /:/, _get_passwd($user);
    return hash($submitted_passwd, $salt, $cost) ne $passwd;
}

sub is_passwd_expired {
    my ($user) = @_;
    my ($cost, $salt, $passwd) = split /:/, _get_passwd($user);
    return $cost != COST;
}