Hi there. Using mysql and php Is there any reason / value when checking a password to query the database using the user name and password (after sanitizing, of course) and recording a failed attempt when no rows are returned vs querying the database using the user name and then comparing the return password string? EDIT: To those who mentioned it below, yes the password is hashed up in the database.