One way I've used hashes is to set the verified user's cookie to be something like:

$cookie = $user_id . $delimiter . hash( $user_id, "host secret passwor
+d" );
[download]

So on subsequent user accesses, all I need to do is split on the $delimiter and run $user_id, "host secret password" through the hashing algorithm and compare against the hash in the cookie to verify the user.

I haven't look at the code at everydevel, but it looks like perlmonks does something similar to this.

This trades a (slow) database access for a (slow) hash computation, so I'm not sure if there's a real winner (or if there is, it'll be system-dependent.) Just another option to consider ...