diff --git a/3rdparty b/3rdparty
index 912a45c3458685a1105fba38a39a3a71c7348ed9..dd0e7b6dcec142c790a6325b74a7c4fd3c6d7233 160000
--- a/3rdparty
+++ b/3rdparty
@@ -1 +1 @@
-Subproject commit 912a45c3458685a1105fba38a39a3a71c7348ed9
+Subproject commit dd0e7b6dcec142c790a6325b74a7c4fd3c6d7233
diff --git a/apps/files_sharing/lib/connector/publicauth.php b/apps/files_sharing/lib/connector/publicauth.php
index c9d545180b31c239501d377c9eba0c51370ab18c..4144dafa3794e0c92ff16c294b12eda41d5c3011 100644
--- a/apps/files_sharing/lib/connector/publicauth.php
+++ b/apps/files_sharing/lib/connector/publicauth.php
@@ -48,12 +48,26 @@ class PublicAuth extends \Sabre\DAV\Auth\Backend\AbstractBasic {
 		if (isset($linkItem['share_with'])) {
 			if ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_LINK) {
 				// Check Password
-				$forcePortable = (CRYPT_BLOWFISH != 1);
-				$hasher = new \PasswordHash(8, $forcePortable);
-				if (!$hasher->CheckPassword($password . $this->config->getSystemValue('passwordsalt', ''), $linkItem['share_with'])) {
-					return false;
-				} else {
+				$newHash = '';
+				if(\OC::$server->getHasher()->verify($password, $linkItem['share_with'], $newHash)) {
+					/**
+					 * FIXME: Migrate old hashes to new hash format
+					 * Due to the fact that there is no reasonable functionality to update the password
+					 * of an existing share no migration is yet performed there.
+					 * The only possibility is to update the existing share which will result in a new
+					 * share ID and is a major hack.
+					 *
+					 * In the future the migration should be performed once there is a proper method
+					 * to update the share's password. (for example `$share->updatePassword($password)`
+					 *
+					 * @link https://github.com/owncloud/core/issues/10671
+					 */
+					if(!empty($newHash)) {
+
+					}
 					return true;
+				} else {
+					return false;
 				}
 			} else {
 				return false;
diff --git a/apps/files_sharing/lib/controllers/sharecontroller.php b/apps/files_sharing/lib/controllers/sharecontroller.php
index e5fd0f401c253aa349f6df8dfb91de60fe8003c4..552d91643448374e27469bc672e1513c178b2700 100644
--- a/apps/files_sharing/lib/controllers/sharecontroller.php
+++ b/apps/files_sharing/lib/controllers/sharecontroller.php
@@ -99,6 +99,7 @@ class ShareController extends Controller {
 
 	/**
 	 * @PublicPage
+	 * @UseSession
 	 *
 	 * Authenticates against password-protected shares
 	 * @param $token
diff --git a/apps/files_sharing/lib/helper.php b/apps/files_sharing/lib/helper.php
index 3a2d51cddb7f21b1900ed5b4cc717ef0be4cb162..f7204a8db8f6af560726e5eb63064e8fee2a284a 100644
--- a/apps/files_sharing/lib/helper.php
+++ b/apps/files_sharing/lib/helper.php
@@ -3,7 +3,6 @@
 namespace OCA\Files_Sharing;
 
 use OC_Config;
-use PasswordHash;
 
 class Helper {
 
@@ -99,14 +98,28 @@ class Helper {
 		if ($password !== null) {
 			if ($linkItem['share_type'] == \OCP\Share::SHARE_TYPE_LINK) {
 				// Check Password
-				$forcePortable = (CRYPT_BLOWFISH != 1);
-				$hasher = new PasswordHash(8, $forcePortable);
-				if (!($hasher->CheckPassword($password.OC_Config::getValue('passwordsalt', ''),
-											 $linkItem['share_with']))) {
-					return false;
-				} else {
+				$newHash = '';
+				if(\OC::$server->getHasher()->verify($password, $linkItem['share_with'], $newHash)) {
 					// Save item id in session for future requests
 					\OC::$server->getSession()->set('public_link_authenticated', $linkItem['id']);
+
+					/**
+					 * FIXME: Migrate old hashes to new hash format
+					 * Due to the fact that there is no reasonable functionality to update the password
+					 * of an existing share no migration is yet performed there.
+					 * The only possibility is to update the existing share which will result in a new
+					 * share ID and is a major hack.
+					 *
+					 * In the future the migration should be performed once there is a proper method
+					 * to update the share's password. (for example `$share->updatePassword($password)`
+					 *
+					 * @link https://github.com/owncloud/core/issues/10671
+					 */
+					if(!empty($newHash)) {
+
+					}
+				} else {
+					return false;
 				}
 			} else {
 				\OCP\Util::writeLog('share', 'Unknown share type '.$linkItem['share_type']
diff --git a/lib/base.php b/lib/base.php
index c97c158a1fb160087294f64cbefe15ba6281cbb8..9353de5588a311db67b6ffd734ab491e045c757c 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -464,8 +464,7 @@ class OC {
 		// setup 3rdparty autoloader
 		$vendorAutoLoad = OC::$THIRDPARTYROOT . '/3rdparty/autoload.php';
 		if (file_exists($vendorAutoLoad)) {
-			$loader = require_once $vendorAutoLoad;
-			$loader->add('PasswordHash', OC::$THIRDPARTYROOT . '/3rdparty/phpass');
+			require_once $vendorAutoLoad;
 		} else {
 			OC_Response::setStatus(OC_Response::STATUS_SERVICE_UNAVAILABLE);
 			OC_Template::printErrorPage('Composer autoloader not found, unable to continue.');
diff --git a/lib/private/share/share.php b/lib/private/share/share.php
index cd5decf6f718da0695187c6bbec06f9b1bcc09b3..a8febc9aca7236446790785ad007f776c5cddb0c 100644
--- a/lib/private/share/share.php
+++ b/lib/private/share/share.php
@@ -633,9 +633,7 @@ class Share extends \OC\Share\Constants {
 
 				// Generate hash of password - same method as user passwords
 				if (!empty($shareWith)) {
-					$forcePortable = (CRYPT_BLOWFISH != 1);
-					$hasher = new \PasswordHash(8, $forcePortable);
-					$shareWith = $hasher->HashPassword($shareWith.\OC_Config::getValue('passwordsalt', ''));
+					$shareWith = \OC::$server->getHasher()->hash($shareWith);
 				} else {
 					// reuse the already set password, but only if we change permissions
 					// otherwise the user disabled the password protection