diff --git a/tfa.inc b/tfa.inc
index e0ffa15..9571fe5 100644
--- a/tfa.inc
+++ b/tfa.inc
@@ -528,17 +528,17 @@ protected function encrypt($text) {
 }
 /**
- * Encrypt using the deprecated mcrypt extension.
+ * Encrypt using the deprecated MCrypt extension.
 *
 * @param string $text
+ * The text to encrypt.
 *
 * @return string
+ * The text encrypted using MCrypt.
 */
- protected function encryptWithMCrypt($text, $iv = null) {
+ protected function encryptWithMCrypt($text) {
 $td = mcrypt_module_open('rijndael-128', '', 'cbc', '');
- if (empty($iv)) {
- $iv = drupal_random_bytes(mcrypt_enc_get_iv_size($td));
- }
+ $iv = drupal_random_bytes(mcrypt_enc_get_iv_size($td));
 $key = substr($this->encryptionKey, 0, mcrypt_enc_get_key_size($td));
@@ -569,27 +569,27 @@ protected function decrypt($data) {
 $is_legacy = TRUE;
 $crypto_data = drupal_json_decode($data);
 if (!empty($crypto_data['version']) && !empty($crypto_data['iv_base64']) && !empty($crypto_data['ciphertext_base64'])) {
- $is_legacy = FALSE;
+ $iv = base64_decode($crypto_data['iv_base64']);
+ $ciphertext = base64_decode($crypto_data['ciphertext_base64']);
+ return openssl_decrypt($ciphertext, 'AES-256-CBC', $this->encryptionKey, TRUE, $iv);
 }
+ // Backwards compatibility with the old MCrypt scheme.
- if ($is_legacy === TRUE) {
- if (extension_loaded('openssl')) {
- return $this->decryptLegacyDataWithOpenSSL($data);
- }
- if (extension_loaded('mcrypt')) {
- return $this->decryptLegacyDataWithMCrypt($data);
- }
- return FALSE;
+ if (extension_loaded('openssl')) {
+ return $this->decryptLegacyDataWithOpenSSL($data);
 }
- $iv = base64_decode($crypto_data['iv_base64']);
- $ciphertext = base64_decode($crypto_data['ciphertext_base64']);
- return openssl_decrypt($ciphertext, 'AES-256-CBC', $this->encryptionKey, TRUE, $iv);
+ if (extension_loaded('mcrypt')) {
+ return $this->decryptLegacyDataWithMCrypt($data);
+ }
+
+ return FALSE;
 }
 /**
 * Decrypt using the deprecated MCrypt extension.
 *
 * @param string $data
+ * The data to be decrypted.
 *
 * @return string|boolean
 * The plaintext, or FALSE on failure.
@@ -615,10 +615,12 @@ protected function decryptLegacyDataWithMCrypt($data) {
 }
 /**
- * Use OpenSSL to decrypt data that was originally encrypted with MCrypt
- * (by an earlier version of this module).
+ * Use OpenSSL to decrypt data that was originally encrypted with MCrypt.
+ *
+ * As used by an earlier version of this module.
 *
 * @param string $data
+ * The data to be decrypted.
 *
 * @return string|boolean
 * The plaintext, or FALSE on failure.
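Review bot: In `decrypt()`, the new early-return branch hands whatever `base64_decode()` yields straight to `openssl_decrypt()`: decoding is non-strict, the IV length is never checked against the 16-byte AES block, and unlike the legacy path below it the branch is not guarded by `extension_loaded('openssl')`. A malformed or tampered stored record therefore reaches OpenSSL with a bad IV, which PHP typically answers with only a warning, instead of failing cleanly with FALSE, and a host without the extension would hit an undefined function. The record checked here carries only `version`, `iv_base64` and `ciphertext_base64`, so CBC appears to be used without an integrity tag; callers should treat the returned plaintext as unauthenticated unless a MAC is verified somewhere outside this hunk. `$is_legacy = TRUE;` in the leading context is no longer read after this change and can be dropped. A stricter version of the branch is sketched below.

```php
if (!empty($crypto_data['version']) && !empty($crypto_data['iv_base64']) && !empty($crypto_data['ciphertext_base64'])) {
  if (!extension_loaded('openssl')) {
    return FALSE;
  }
  // Strict decoding rejects non-base64 input instead of silently skipping it.
  $iv = base64_decode($crypto_data['iv_base64'], TRUE);
  $ciphertext = base64_decode($crypto_data['ciphertext_base64'], TRUE);
  // AES uses a 16-byte block, so a CBC IV of any other length is malformed.
  if ($iv === FALSE || $ciphertext === FALSE || strlen($iv) !== 16) {
    return FALSE;
  }
  return openssl_decrypt($ciphertext, 'AES-256-CBC', $this->encryptionKey, TRUE, $iv);
}
// … unchanged: legacy OpenSSL / MCrypt fallbacks …
```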
@@ -630,8 +632,7 @@ protected function decryptLegacyDataWithOpenSSL($data) {
 $iv = substr($data, 0, $iv_size);
 $data = substr($data, $iv_size);
 // Using 3 instead of the constant OPENSSL_NO_PADDING, for PHP 5.3.
- $options = 3;
- $decrypted_text = openssl_decrypt($data, 'AES-256-CBC', $key, $options, $iv);
+ $decrypted_text = openssl_decrypt($data, 'AES-256-CBC', $key, 3, $iv);
 if ($decrypted_text === FALSE) {
 return FALSE;
 }
@@ -658,8 +659,12 @@ interface TfaValidationPluginInterface {
 * Get TFA process form from plugin.
 *
 * @param array $form
+ * The form array structure.
 * @param array $form_state
- * @return array Form API array.
+ * The current form state array.
+ *
+ * @return array
+ * Form API array.
 */
 public function getForm(array $form, array &$form_state);
@@ -667,8 +672,12 @@ public function getForm(array $form, array &$form_state);
 * Validate form.
 *
 * @param array $form
+ * The form array structure.
 * @param array $form_state
- * @return bool Whether form passes validation or not
+ * The current form state array.
+ *
+ * @return bool
+ * Whether form passes validation or not.
 */
 public function validateForm(array $form, array &$form_state);
 }
@@ -685,6 +694,7 @@ interface TfaLoginPluginInterface {
 * Whether authentication should be interrupted.
 *
 * @return bool
+ * Indicates whether authentication should be interrupted.
 */
 public function loginAllowed();
 }
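Review bot: With `$options` inlined, the bare `3` passed to `openssl_decrypt()` in `decryptLegacyDataWithOpenSSL()` is explained only by the comment above it, and that comment names `OPENSSL_NO_PADDING`, which is a padding constant for the asymmetric `openssl_public_*`/`openssl_private_*` functions rather than an option of `openssl_decrypt()`. For this call the value acts as the bitmask `OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING` (1 | 2), constants that as far as I know only arrived in PHP 5.4, which would explain the literal. I would reword the comment to `// 3 is OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING; those constants do not exist on PHP 5.3.` so a later cleanup does not substitute the wrong constant. The function starts above and continues below the hunk, so how the unpadded plaintext is trimmed and validated is not visible here.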
@@ -716,20 +726,28 @@ interface TfaSetupPluginInterface {
 /**
 * @param array $form
+ * The form array structure.
 * @param array $form_state
+ * The current form state array.
 */
 public function getSetupForm(array $form, array &$form_state);
 /**
 * @param array $form
+ * The form array structure.
 * @param array $form_state
+ * The current form state array.
 */
 public function validateSetupForm(array $form, array &$form_state);
 /**
 * @param array $form
+ * The form array structure.
 * @param array $form_state
+ * The current form state array.
+ *
 * @return bool
+ * Indicates whether the form submission succeeded.
 */
 public function submitSetupForm(array $form, array &$form_state);