From 1d0949338e3e4afd39e7429d53897ec8ca81ab6d Mon Sep 17 00:00:00 2001
From: Mathieu <mathieu.lechat@les-tilleuls.coop>
Date: Mon, 2 Jan 2023 09:21:31 +0100
Subject: [PATCH] [Security] Prevent unneeded implementation of
 `PasswordHasherAwareInterface` when migrating passwords

---
 security/passwords.rst | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/security/passwords.rst b/security/passwords.rst
index 2a2f7acc336..76ff9651c08 100644
--- a/security/passwords.rst
+++ b/security/passwords.rst
@@ -134,7 +134,7 @@ Further in this article, you can find a
     .. configuration-block::
 
         .. code-block:: yaml
-        
+
             # config/packages/test/security.yaml
             security:
                 # ...
@@ -544,8 +544,10 @@ migration by returning ``true`` in the ``needsRehash()`` method::
         }
     }
 
-Named Password Hashers
-----------------------
+.. _named-password-hashers:
+
+Dynamic Password Hashers
+------------------------
 
 Usually, the same password hasher is used for all users by configuring it
 to apply to all instances of a specific class. Another option is to use a
@@ -646,6 +648,12 @@ the name of the hasher to use::
         }
     }
 
+.. caution::
+
+    When :ref:`migrating passwords <security-password-migration>`, you don't need to implement ``PasswordHasherAwareInterface``
+    to return the legacy hasher name:
+    Symfony will detect it from your ``migrate_from`` configuration.
+
 If you created your own password hasher implementing the
 :class:`Symfony\\Component\\PasswordHasher\\PasswordHasherInterface`,
 you must register a service for it in order to use it as a named hasher: