NOTE: think about backwards compatibility
User passwords are stored hashed with SHA-1
Std. Message Digest
Remark to review hint: parameterized JUnit tests for the DatabasePrefixHandlerTest class make no sense here, as they clutter up the test result making it hard to find out which test actually failed.