diff --git a/rainloop/v/0.0.0/app/libraries/RainLoop/Config/Application.php b/rainloop/v/0.0.0/app/libraries/RainLoop/Config/Application.php
index c4316703b..f5c73e281 100644
--- a/rainloop/v/0.0.0/app/libraries/RainLoop/Config/Application.php
+++ b/rainloop/v/0.0.0/app/libraries/RainLoop/Config/Application.php
@@ -99,6 +99,9 @@ class Application extends \RainLoop\Config\AbstractConfig
 */
 public function SetPassword($sPassword)
 {
+ if (function_exists('password_hash')) {
+ return $this->Set('security', 'admin_password', password_hash($sPassword, PASSWORD_DEFAULT));
+ }
 return $this->Set('security', 'admin_password', \md5(APP_SALT.$sPassword.APP_SALT));
 }
 
@@ -112,8 +115,18 @@ class Application extends \RainLoop\Config\AbstractConfig
 $sPassword = (string) $sPassword;
 $sConfigPassword = (string) $this->Get('security', 'admin_password', '');
 
- return 0 < \strlen($sPassword) &&
- (($sPassword === $sConfigPassword && '12345' === $sConfigPassword) || \md5(APP_SALT.$sPassword.APP_SALT) === $sConfigPassword);
+ if (0 < strlen($sConfigPassword)) {
+ if (($sPassword === $sConfigPassword) && ('12345' === $sConfigPassword)) {
+ return true;
+ }
+ if (32 == strlen($sConfigPassword)) { // legacy md5 hash
+ return (\md5(APP_SALT.$sPassword.APP_SALT) === $sConfigPassword);
+ }
+ if (function_exists('password_verify')) {
+ return password_verify($sPassword, $sConfigPassword);
+ }
+ }
+ return false;
 }
 
 /**
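Review bot: The result of `password_hash()` in `SetPassword` is stored without being checked, and on PHP releases before 8.0 that call can return `false` on failure, which would be written to `security.admin_password` as an empty value and leave the admin account unable to log in. Assign it first and bail out, e.g. `$sHash = password_hash($sPassword, PASSWORD_DEFAULT);` followed by `if (false === $sHash) { return false; }` (assuming `Set()` reports failure as `false`; its definition is not in this hunk). The fallback branch still writes the fast salted MD5 digest on runtimes without `password_hash`, so a comment such as `// legacy fallback for PHP without password_hash(); the stored hash is only upgraded when the password is set again on a newer runtime` would make that weaker path visible to maintainers. The docblock of `SetPassword` starts outside the hunk.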
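Review bot: The emptiness guard in `ValidatePassword` moved from the submitted password to the stored one, so an empty `$sPassword` is no longer rejected up front as the removed `0 < \strlen($sPassword)` did; if the stored value was ever produced from an empty string, an empty login would now verify. Keep both checks: `if (0 < \strlen($sPassword) && 0 < \strlen($sConfigPassword)) {`. The legacy branch is selected with a loose `32 == strlen(...)` and compares digests with `===`; `32 === \strlen($sConfigPassword)` and `hash_equals()` where the runtime provides it would be stricter. A successful legacy match is also the natural point to re-store the password through `SetPassword` so MD5 hashes do not remain in the config indefinitely, though persisting the config would have to happen in the caller, which is not visible here. The function signature lies outside the hunk.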