arocks / edge

A Django project skeleton that is modern and cutting edge.

Home Page:http://django-edge.readthedocs.org/


Hash of user passwords is MD5 by default in development settings

inktrap opened this issue

This is the query edge runs, as shown in the Django debug toolbar, when I update the user info. The password is MD5 by default.

UPDATE "authtools_user" SET "password" = 'md5$…', 

This is defined in development.py. Is there a reason to use MD5 here?

edge/settings/development.py

# Less strict password authentication and validation.
# The first entry of PASSWORD_HASHERS is the hasher used for new and changed passwords.
PASSWORD_HASHERS = [
    'django.contrib.auth.hashers.MD5PasswordHasher',
]

Having stumbled upon projects that used md5 in production, I would argue to not even use it in development mode ;).

Please close if you disagree.

As you rightly pointed out this is a development only setting and we do mention Argon2 for production. MD5 was chosen for its speed and avoiding the need for another dependency. However, we can consider changing this to PBKDF2 if the performance impact is minimal.
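The two posts above turn on one fact about Django: only the first entry of PASSWORD_HASHERS decides what a stored password looks like, and every stored hash carries its algorithm as a `$`-separated prefix (`md5$<salt>$<hex>`, `pbkdf2_sha256$<iterations>$<salt>$<b64>`, `argon2$...`). The following script is an added example, not code from the edge project or from either commenter: it grades a PASSWORD_HASHERS list the way a reviewer would (weak development setting beside a strong one) and audits a dump of the user table for MD5 or under-iterated hashes left behind when a project goes to production. It deliberately does not import Django, so it runs offline; the sample rows, salts and the 600,000-iteration floor are constructed assumptions, and `HASHER_ALGORITHM` lists only the built-in hasher classes as Django names them.

```python
"""Audit Django password hashes and PASSWORD_HASHERS for weak algorithms.

Added example for the edge MD5-in-development issue; not project code.
"""
import base64
import hashlib
from dataclasses import dataclass

# Built-in Django hasher classes and the algorithm tag each writes at the
# front of the stored value ('<algorithm>$...').
HASHER_ALGORITHM = {
    "django.contrib.auth.hashers.PBKDF2PasswordHasher": "pbkdf2_sha256",
    "django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher": "pbkdf2_sha1",
    "django.contrib.auth.hashers.Argon2PasswordHasher": "argon2",
    "django.contrib.auth.hashers.BCryptSHA256PasswordHasher": "bcrypt_sha256",
    "django.contrib.auth.hashers.ScryptPasswordHasher": "scrypt",
    "django.contrib.auth.hashers.MD5PasswordHasher": "md5",
}
# Salted, slow, work-factor algorithms acceptable for stored passwords.
STRONG_ALGORITHMS = {"pbkdf2_sha256", "argon2", "bcrypt_sha256", "scrypt"}
# Assumption: floor for PBKDF2 iterations, chosen near current Django defaults.
MIN_PBKDF2_ITERATIONS = 600_000

# The setting quoted in the issue, beside a production-grade alternative.
DEVELOPMENT_HASHERS = ["django.contrib.auth.hashers.MD5PasswordHasher"]
PRODUCTION_HASHERS = [
    "django.contrib.auth.hashers.Argon2PasswordHasher",   # used for new passwords
    "django.contrib.auth.hashers.PBKDF2PasswordHasher",   # verifies/upgrades old ones
]


def identify_algorithm(encoded: str) -> str:
    """Algorithm tag of a Django-encoded password, using Django's prefix rules:
    a bare 32-hex value or 'md5$$' is unsalted MD5, 'sha1$$' is unsalted SHA-1."""
    if (len(encoded) == 32 and "$" not in encoded) or (
        len(encoded) == 37 and encoded.startswith("md5$$")
    ):
        return "unsalted_md5"
    if len(encoded) == 46 and encoded.startswith("sha1$$"):
        return "unsalted_sha1"
    return encoded.split("$", 1)[0]


def check_password_hashers(password_hashers):
    """(ok, algorithm) for a PASSWORD_HASHERS list; only the first entry
    decides what new or changed passwords are hashed with."""
    first = HASHER_ALGORITHM.get(password_hashers[0], "unknown")
    return first in STRONG_ALGORITHMS, first


@dataclass
class Finding:
    username: str
    algorithm: str
    reason: str


def audit_user_table(rows):
    """Flag rows of (username, encoded_password) whose hash is weak or stale."""
    findings = []
    for username, encoded in rows:
        if encoded.startswith("!"):
            continue  # set_unusable_password(): no hash is stored at all
        algo = identify_algorithm(encoded)
        if algo not in STRONG_ALGORITHMS:
            findings.append(Finding(username, algo, "weak or unsalted algorithm"))
        elif algo == "pbkdf2_sha256":
            iterations = int(encoded.split("$")[1])
            if iterations < MIN_PBKDF2_ITERATIONS:
                findings.append(Finding(username, algo, f"only {iterations} iterations"))
    return findings


# Constructed sample data (not from any real database), laid out the way the
# corresponding Django hashers store values.
def _md5_hash(password, salt):
    return f"md5${salt}${hashlib.md5((salt + password).encode()).hexdigest()}"


def _pbkdf2_hash(password, salt, iterations):
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), iterations)
    return f"pbkdf2_sha256${iterations}${salt}${base64.b64encode(digest).decode()}"


SAMPLE_ROWS = [
    ("alice", _md5_hash("correct horse", "Yg7p2Q")),            # dev-setting leftover
    ("bob", _pbkdf2_hash("battery staple", "kFj3mZ1x", 1000)),   # too few iterations
    ("carol", _pbkdf2_hash("hunter2!", "Qr9sLm2v", 600_000)),    # fine
    ("dave", "!" + "x" * 40),                                     # unusable password
]

if __name__ == "__main__":
    for name, hashers in (("development", DEVELOPMENT_HASHERS), ("production", PRODUCTION_HASHERS)):
        ok, algo = check_password_hashers(hashers)
        print(f"{name}: first hasher writes '{algo}' -> {'ok' if ok else 'WEAK'}")
    for f in audit_user_table(SAMPLE_ROWS):
        print(f"{f.username}: {f.algorithm}: {f.reason}")
```

Running it reports the development list as weak and flags alice (md5) and bob (under-iterated PBKDF2); carol passes and dave is skipped. Because Django re-hashes a password with the first configured hasher on the next successful login, keeping MD5PasswordHasher at the end of a production list is what lets such leftovers be upgraded rather than locking users out, while putting it first is the mistake the issue describes.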

Password algorithm is updated 😊