I recently began to rebuild a legacy application using Laravel. I soon ran into a problem: the passwords stored in the database were using an old SHA hashing mechanism. I didn’t want to bother existing users to enter a new password, so I wanted to easily upgrade the passwords without causing these users any trouble. The problem is that you can’t backtrack their passwords, so just rehashing them isn’t an option. How do you go about doing this? Let me show you what I came up with.
This post covers all the steps needed to rehash passwords in your Laravel App. Another option which I covered a few weeks ago is the password validator package.