drupal/core/modules/phpass/phpass.module

<?php

/**
 * @file
 * Provides the password checking algorithm used prior to version 10.1.0.
 */

use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Routing\RouteMatchInterface;

/**
 * Implements hook_help().
 */
function phpass_help($route_name, RouteMatchInterface $route_match) {
  switch ($route_name) {
    case 'help.page.phpass':
      $output = '';
      $output .= '<h3>' . t('About') . '</h3>';
      $output .= '<p>' . t('The Password Compatibility module provides the password checking algorithm for user accounts created with Drupal prior to version 10.1.0. For more information, see the <a href=":phpass">online documentation for the Password Compatibility module</a>.', [':phpass' => 'https://www.drupal.org/docs/core-modules-and-themes/core-modules/password-compatibility-module']) . '</p>';
      $output .= '<p>' . t('Drupal 10.1.0 and later use a different algorithm to compute the hashed password. This provides better security against brute-force attacks. The hashed passwords are different from the ones computed with Drupal versions before 10.1.0.') . '</p>';
      $output .= '<p>' . t('When the Password Compatibility module is installed, a user can log in with a username and password created before Drupal 10.1.0. The first time these credentials are used, a new hash is computed and saved. From then on, the user will be able to log in with the same username and password whether or not this module is installed.') . '</p>';
      $output .= '<p>' . t('Passwords created before Drupal 10.1.0 <strong>will not work</strong> unless they are used at least once while this module is installed. Make sure that you can log in before uninstalling this module.') . '</p>';
      return $output;

  }
}

/**
 * Implements hook_form_FORM_ID_alter() for system_modules_uninstall_confirm_form.
 */
function phpass_form_system_modules_uninstall_confirm_form_alter(array &$form, FormStateInterface $form_state): void {
  $modules = \Drupal::keyValueExpirable('modules_uninstall')
    ->get(\Drupal::currentUser()->id());
  if (!in_array('phpass', $modules)) {
    return;
  }
  \Drupal::messenger()->addWarning(t('Make sure that you can log in before uninstalling the Password Compatibility module. For more information, see the <a href=":phpass">online documentation for the Password Compatibility module</a>.', [
    ':phpass' => 'https://www.drupal.org/docs/core-modules-and-themes/core-modules/password-compatibility-module',
  ]));
}
Issue #1845004 by znerol, claudiu.cristea, Spokje, neclimdul, VladimirAus, slasher13, tvb, pwolanin, NivethaSubramaniyan, pradhumanjainOSL, Ratan Priya, longwave, catch, Crell, andypost, xjm, dawehner, voleger, alexpott, Berdir, klausi, DamienMcKenna, mfb, borisson_, Jalandhar, mohit1604, mcdruid: Replace custom password hashing library with PHP password_hash() 2023-04-04 10:36:05 +00:00			`<?php`

			`/**`
			`* @file`
Issue #3358524 by benjifisher, quietone, smustgrave: Users cannot log in if Password Compatibility module is not enabled 2023-05-22 09:38:04 +00:00			`* Provides the password checking algorithm used prior to version 10.1.0.`
Issue #1845004 by znerol, claudiu.cristea, Spokje, neclimdul, VladimirAus, slasher13, tvb, pwolanin, NivethaSubramaniyan, pradhumanjainOSL, Ratan Priya, longwave, catch, Crell, andypost, xjm, dawehner, voleger, alexpott, Berdir, klausi, DamienMcKenna, mfb, borisson_, Jalandhar, mohit1604, mcdruid: Replace custom password hashing library with PHP password_hash() 2023-04-04 10:36:05 +00:00			`*/`

Issue #3358524 by benjifisher, quietone, smustgrave: Users cannot log in if Password Compatibility module is not enabled 2023-05-22 09:38:04 +00:00			`use Drupal\Core\Form\FormStateInterface;`
Issue #1845004 by znerol, claudiu.cristea, Spokje, neclimdul, VladimirAus, slasher13, tvb, pwolanin, NivethaSubramaniyan, pradhumanjainOSL, Ratan Priya, longwave, catch, Crell, andypost, xjm, dawehner, voleger, alexpott, Berdir, klausi, DamienMcKenna, mfb, borisson_, Jalandhar, mohit1604, mcdruid: Replace custom password hashing library with PHP password_hash() 2023-04-04 10:36:05 +00:00			`use Drupal\Core\Routing\RouteMatchInterface;`

			`/**`
			`* Implements hook_help().`
			`*/`
			`function phpass_help($route_name, RouteMatchInterface $route_match) {`
			`switch ($route_name) {`
			`case 'help.page.phpass':`
			`$output = '';`
			`$output .= '<h3>' . t('About') . '</h3>';`
Issue #3358524 by benjifisher, quietone, smustgrave: Users cannot log in if Password Compatibility module is not enabled 2023-05-22 09:38:04 +00:00			`$output .= '<p>' . t('The Password Compatibility module provides the password checking algorithm for user accounts created with Drupal prior to version 10.1.0. For more information, see the <a href=":phpass">online documentation for the Password Compatibility module</a>.', [':phpass' => 'https://www.drupal.org/docs/core-modules-and-themes/core-modules/password-compatibility-module']) . '</p>';`
			`$output .= '<p>' . t('Drupal 10.1.0 and later use a different algorithm to compute the hashed password. This provides better security against brute-force attacks. The hashed passwords are different from the ones computed with Drupal versions before 10.1.0.') . '</p>';`
			`$output .= '<p>' . t('When the Password Compatibility module is installed, a user can log in with a username and password created before Drupal 10.1.0. The first time these credentials are used, a new hash is computed and saved. From then on, the user will be able to log in with the same username and password whether or not this module is installed.') . '</p>';`
			`$output .= '<p>' . t('Passwords created before Drupal 10.1.0 <strong>will not work</strong> unless they are used at least once while this module is installed. Make sure that you can log in before uninstalling this module.') . '</p>';`
Issue #1845004 by znerol, claudiu.cristea, Spokje, neclimdul, VladimirAus, slasher13, tvb, pwolanin, NivethaSubramaniyan, pradhumanjainOSL, Ratan Priya, longwave, catch, Crell, andypost, xjm, dawehner, voleger, alexpott, Berdir, klausi, DamienMcKenna, mfb, borisson_, Jalandhar, mohit1604, mcdruid: Replace custom password hashing library with PHP password_hash() 2023-04-04 10:36:05 +00:00			`return $output;`

			`}`
			`}`
Issue #3358524 by benjifisher, quietone, smustgrave: Users cannot log in if Password Compatibility module is not enabled 2023-05-22 09:38:04 +00:00
			`/**`
			`* Implements hook_form_FORM_ID_alter() for system_modules_uninstall_confirm_form.`
			`*/`
			`function phpass_form_system_modules_uninstall_confirm_form_alter(array &$form, FormStateInterface $form_state): void {`
			`$modules = \Drupal::keyValueExpirable('modules_uninstall')`
			`->get(\Drupal::currentUser()->id());`
			`if (!in_array('phpass', $modules)) {`
			`return;`
			`}`
			`\Drupal::messenger()->addWarning(t('Make sure that you can log in before uninstalling the Password Compatibility module. For more information, see the <a href=":phpass">online documentation for the Password Compatibility module</a>.', [`
			`':phpass' => 'https://www.drupal.org/docs/core-modules-and-themes/core-modules/password-compatibility-module',`
			`]));`
			`}`