diff --git a/app/controllers/UserController.php b/app/controllers/UserController.php
index 3d4aab1..a6973ef 100644
--- a/app/controllers/UserController.php
+++ b/app/controllers/UserController.php
@@ -31,7 +31,7 @@ class UserController extends ControllerBase
                 $new_pw = $form->getValue('passwordNew');
                 if (strlen($new_pw) > 0) {
 
-                    $hash = password_hash($new_pw, PASSWORD_BCRYPT);
+                    $hash = $this->security->hash($new_pw, 12);
 
                     // User had a password before. just update.
                     if (strlen($user->getPassword()) > 0) {