wp-password-bcrypt is a WordPress plugin to replace WP’s outdated and insecure MD5-based password hashing with the modern and secure bcrypt.
It is written by roots.io people.
This plugin requires PHP >= 5.5.0 which introduced the built-in
password_hash
and
password_verify
functions.
See Improving WordPress Password Security for more background on this plugin and the password hashing issue.
This plugin is available for download to be used on your WordPress self-hosted installation.