authenticate performs actual authentication, after an authentication
request has been generated for a user (see class documentation for
a description of two-phased authentification process).
generateSingleUsePassword generates and returns a five digit single-use password
encoded as a string, using the secure random generator. this value is used in to be
used in the second phase of the authentication process
requestAuthentication performs the first phase of authentication (see class
documentation for further details of the two-phase authentification process).
setAuthenticationReturnValue sets the return value from the actual
authenticateSession call, performed by the Controller before generating
this command object.
verify that the specified password hash compares successfully with the
stored password hash, for the specified user. we assume that the user id
exists in the system, i.e. that this has been verified before this method
is invoked (but we won't crash horribly if this verification has not been done).