Use wp_hash_password() ?

[BrookeDot]

Just to chime in. I don't know if it's really necessary to use wp_hash_password() If you look at password protected post they don't use that function (to my knowledge) I don't see any disadvantage to using that function but really don't see a major advantage either.

[benhuson]

Probably not required, but has one minor advantage.

At the moment passwords are just stored as MD5 hashes rather than plain text. Using wp_hash_password() would provide better encryption and it is a pluggable function if a user want to integrate a more complex hashing system.

For the majority of users I'm sure MD5 is fine but at least this would offer flexibility.

[BrookeDot]

I was unaware you were hashing at all (didn't look at that part of the code) since you are hashing, I would say YES switch to wp_hash_password :)