diff --git a/History.md b/History.md
index fd8d3d41a..87bc7a697 100644
--- a/History.md
+++ b/History.md
@@ -13,6 +13,7 @@
 - Content pages can now have attached files, just like the welcome text on the home page.
 - Access to content pages can now be restricted to logged in users, admins or specific user groups.
 - When merging amendments into a motion, the default setting now is to create a resolution, not a new motion.
+- Security improvement: When logging in, and a new verion of PHP (like 8.4) suggests a stronger default password hashing, the stored hash is updated accordingly.
 - A new translation is provided: Montenegrin (thanks to Danilo Boskovic)
 - Some compatibility issues with PHP 8.4 were resolved.
 - Bugfix: Tabular data was not encoded correctly in the PHP-based PDF export.
diff --git a/models/db/User.php b/models/db/User.php
index 7732a4243..142abef51 100644
--- a/models/db/User.php
+++ b/models/db/User.php
@@ -516,7 +516,14 @@ public function getSelectableUserOrganizations(): ?array

 public function validatePassword(string $password): bool
 {
- return password_verify($password, $this->pwdEnc);
+ $correctPassword = password_verify($password, $this->pwdEnc);
+
+ if ($correctPassword && password_needs_rehash($this->pwdEnc, PASSWORD_DEFAULT)) {
+ $this->pwdEnc = password_hash($password, PASSWORD_DEFAULT);
+ $this->save();
+ }
+
+ return $correctPassword;
 }

 public function changePassword(string $newPassword): void
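Review bot: The result of `$this->save();` in the rehash branch of `validatePassword` is ignored, so a failed write keeps the old hash in the database while the in-memory `$this->pwdEnc` already holds the new one, and nothing records that the upgrade did not happen. If `save()` is a Yii-style ActiveRecord save (its definition is not visible in this hunk), it also runs validation and persists any other dirty attributes from inside a method whose name suggests a read-only check. Limiting the write to the one column and logging a false return, e.g. `if (!$this->save(false, ['pwdEnc'])) { /* log: hash upgrade not persisted */ }`, would keep the upgrade best-effort without touching the rest of the row. A short docblock such as `/** Verifies the password; on success may re-hash it with PASSWORD_DEFAULT and persist the new hash. */` would make the write visible to callers that use this method outside the login path.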