> Django keeps "weak" password hashers for support with legacy systems and
speeding up the tests. Moreover they are not enabled by
default, so you must add them explicitly to the
PASSWORD_HASHERS. Folks that do this should be aware of their weakness. IMO there is not need for a new system check.
Francisco, have you seen this mistake made? It doesn't seem very likely to me. Typically, the setting is customized in a test settings file; thus, I don't see how this could propagate to a production environment.