Will Django update passwords that doesn't have the current password hasher?

Question

If I update PASSWORD_HASHERS in Django settings, will Django automatically update the passwords of users that were hashed with a previous algorithm when they sign in?

I'm working with a table of users and passwords where some has been hashed with sha1 or md5 and some with bcrypt. I want to make sure that as users sign in, their passwords are updated with bcrypt so that I can progressively become more secure.

Answer 1

Yes, "When users log in, if their passwords are stored with anything other than the preferred algorithm, Django will automatically upgrade the algorithm to the preferred one." Relevant docs.