Starting with `libxcrypt` 4.4.21, weak password hashes (such as *MD5* and
*SHA1*) are no longer accepted for new passwords. Users that still have
their passwords stored with a weak hash will be asked to update their
password on their next login.
If the login just fails (for example from display manager) switch to a
virtual terminal (*Ctrl-Alt-F2*) and log in there once.