diff --git a/submit.php b/submit.php
index e944ba6..05cc260 100644
--- a/submit.php
+++ b/submit.php
@@ -953,12 +953,13 @@ if (isset($_POST['edit'])) {
 
             $user = $db->db_select($query);
 
-            if(!strcmp(md5($user_currentpass), $user[0]['user_pass'])) {
+            if (password_verify($user_currentpass, $user[0]['user_pass'])) {
                 if(!strcmp($user_newpass1, $user_newpass2)) {
+                    $newhash = password_hash($user_newpass1, PASSWORD_BCRYPT);
                     $query = "UPDATE
                             user
                         SET
-                            user_pass='" . md5($user_newpass1) . "'
+                            user_pass='" . $newhash . "'
                         WHERE
                             user_id=" . $user_id;