diff --git a/TODO b/TODO index cd930652..7eb18a66 100644 --- a/TODO +++ b/TODO @@ -2,4 +2,5 @@ * Add registerable support * Add http authentication support * Extract SessionSerializer tests from Authenticatable +* Extract CookieSerializer tests from Authenticatable * Extract Activatable tests from Confirmable \ No newline at end of file diff --git a/lib/devise/models/authenticatable.rb b/lib/devise/models/authenticatable.rb index b57f0b23..c5ed4b38 100644 --- a/lib/devise/models/authenticatable.rb +++ b/lib/devise/models/authenticatable.rb @@ -53,6 +53,11 @@ module Devise password_digest(incoming_password) == encrypted_password end + # Checks if a resource is valid upon authentication. + def valid_for_authentication?(attributes) + valid_password?(attributes[:password]) + end + # Update record attributes when :old_password matches, otherwise returns # error on :old_password. def update_with_password(params={}) @@ -79,7 +84,13 @@ module Devise return unless authentication_keys.all? { |k| attributes[k].present? } conditions = attributes.slice(*authentication_keys) resource = find_for_authentication(conditions) - valid_for_authentication(resource, attributes) if resource + if respond_to?(:valid_for_authentication) + ActiveSupport::Deprecation.warn "valid_for_authentication class method is deprecated. " << + "Use valid_for_authentication? in the instance instead." + valid_for_authentication(resource, attributes) + elsif resource.try(:valid_for_authentication?, attributes) + resource + end end # Returns the class for the configured encryptor. @@ -103,11 +114,6 @@ module Devise find(:first, :conditions => conditions) end - # Contains the logic used in authentication. Overwritten by other devise modules. - def valid_for_authentication(resource, attributes) - resource if resource.valid_password?(attributes[:password]) - end - Devise::Models.config(self, :pepper, :stretches, :encryptor, :authentication_keys) end end 
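Review bot: The one-line comment on `valid_for_authentication?` (lib/devise/models/authenticatable.rb, hunk @@ -53,6 +53,11 @@) leaves out the contract that the class-level lookup in the next hunk now depends on. The removed class method was documented as "Overwritten by other devise modules", so this instance method is presumably the new extension point, and an override that forgets to call `super` would skip the password check. I would expand the comment to something like `# Hook used during authentication: returns true only when attributes[:password] matches.` followed by `# Modules overriding this should call super so the password check still runs.` It is also worth stating that `attributes` is expected to be a hash with a `:password` key, since a nil argument raises here.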
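Review bot: In the deprecated branch of the @@ -79,7 +84,13 @@ hunk, `valid_for_authentication(resource, attributes)` has lost the `if resource` guard that the removed line carried, so a legacy override is now called with a nil `resource` whenever the lookup finds no record. An override written against the old contract, like the removed default that called `resource.valid_password?`, would raise instead of returning nil, so an unknown login fails differently from a wrong password. Keep the guard on the call, `valid_for_authentication(resource, attributes) if resource`, which still lets the deprecation warning fire. The enclosing class method starts outside the hunk, so its callers' handling of an exception here is not visible.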
diff --git a/lib/devise/models/cookie_serializer.rb b/lib/devise/models/cookie_serializer.rb new file mode 100644 index 00000000..0beb0c4a --- /dev/null +++ b/lib/devise/models/cookie_serializer.rb @@ -0,0 +1,21 @@ +require 'devise/serializers/cookie' + +module Devise + module Models + module CookieSerializer + # Create the cookie key using the record id and remember_token + def serialize_into_cookie(record) + "#{record.id}::#{record.remember_token}" + end + + # Recreate the user based on the stored cookie + def serialize_from_cookie(cookie) + record_id, record_token = cookie.split('::') + record = find(:first, :conditions => { :id => record_id }) if record_id + record if record.try(:valid_remember_token?, record_token) + end + + Devise::Models.config(self, :remember_for) + end + end +end \ No newline at end of file diff --git a/lib/devise/models/rememberable.rb b/lib/devise/models/rememberable.rb index 0d27c7d0..51a4d356 100644 --- a/lib/devise/models/rememberable.rb +++ b/lib/devise/models/rememberable.rb @@ -1,8 +1,7 @@ -require 'devise/serializers/cookie' +require 'devise/models/cookie_serializer' module Devise module Models - # Rememberable manages generating and clearing token for remember the user # from a saved cookie. Rememberable also has utility methods for dealing # with serializing the user into the cookie and back from the cookie, trying @@ -33,7 +32,7 @@ module Devise def self.included(base) base.class_eval do - extend ClassMethods + extend CookieSerializer # Remember me option available in after_authentication hook. attr_accessor :remember_me 
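Review bot: `serialize_from_cookie` in the new lib/devise/models/cookie_serializer.rb parses a client-supplied value, and a cookie without `::` leaves `record_token` nil, which is passed straight to `valid_remember_token?`. That method is outside this diff, so confirm it rejects a nil or blank token and compares in constant time; otherwise a record whose stored remember_token is nil could be accepted. A guard makes the serializer safe on its own: split with `cookie.to_s.split('::', 2)` so a nil cookie or a token containing `::` is handled, then `return unless record_id.present? && record_token.present?`. Whether the cookie value is signed or encrypted is decided in `devise/serializers/cookie`, which this diff does not show.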
@@ -71,22 +70,6 @@ module Devise def remember_expires_at remember_created_at + self.class.remember_for end - - module ClassMethods - # Create the cookie key using the record id and remember_token - def serialize_into_cookie(rememberable) - "#{rememberable.id}::#{rememberable.remember_token}" - end - - # Recreate the user based on the stored cookie - def serialize_from_cookie(cookie) - rememberable_id, remember_token = cookie.split('::') - rememberable = find(:first, :conditions => { :id => rememberable_id }) if rememberable_id - rememberable if rememberable.try(:valid_remember_token?, remember_token) - end - - Devise::Models.config(self, :remember_for) - end end end end