Changelog » Change #1296

The retrieved hash from the database was checked if it needed to be rehashed (e.g. preferred hashing algorithm changed) before the password was actually verified. If the password needed to be rehashed, it would use the password that was attempted to log in with to create the new hash and would subsequently pass the verification.