When using the Password cast on a model's password field, if the password is already hashed, this cast hashes the already hashed password again, thus making it fail any Hash::check() calls after that.

This could be problematic if you use features of Laravel such as Auth::logoutOtherDevices('password'), since Laravel re-hashses the password behind the scenes automatically, essentially causing the password to be double hashed.

Context

• Package version: 1.0.0
• Laravel version: 8.0.5

Fixed in 1.0.1