The Password4j-based password encoders currently return false for the upgradeEncodingNonNull method, which means they don't support automatic password encoding upgrades when configuration parameters change. This should be enhanced to properly detect when a password needs to be re-encoded with updated parameters.
Affected Classes Password4jPasswordEncoder (base class) Argon2Password4jPasswordEncoder BcryptPassword4jPasswordEncoder ScryptPassword4jPasswordEncoder Pbkdf2Password4jPasswordEncoder BalloonHashingPassword4jPasswordEncoder