diff --git a/src/Lodash/Auth/Contracts/AuthServiceContract.php b/src/Lodash/Auth/Contracts/AuthServiceContract.php
index a132b41..f0f5d72 100644
--- a/src/Lodash/Auth/Contracts/AuthServiceContract.php
+++ b/src/Lodash/Auth/Contracts/AuthServiceContract.php
@@ -34,6 +34,8 @@ public function retrieveUserByToken(int $identifier, string $token): ?UserContra
 
     public function validateCredentials(UserContract $user, string $password): bool;
 
+    public function rehashPasswordIfRequired(UserContract $user, array $credentials, bool $force = false): void;
+
     public function canUserEmulateOtherUser(UserContract $emulatorUser, UserContract $emulatedUser): bool;
 
     public function getGoogleUserByAccessToken(string $googleToken): ?UserContract;
diff --git a/src/Lodash/Auth/InternalUserProvider.php b/src/Lodash/Auth/InternalUserProvider.php
index 7b7b3a8..6fc4027 100644
--- a/src/Lodash/Auth/InternalUserProvider.php
+++ b/src/Lodash/Auth/InternalUserProvider.php
@@ -19,30 +19,35 @@ public function __construct(AuthServiceContract $authService, array $config)
         $this->config = $config;
     }
 
-    public function retrieveById($identifier)
+    public function retrieveById($identifier): ?Authenticatable
     {
         return $this->authService->retrieveUserById((int) $identifier);
     }
 
-    public function retrieveByToken($identifier, $token)
+    public function retrieveByToken($identifier, $token): ?Authenticatable
     {
         return $this->authService->retrieveUserByToken((int) $identifier, $token);
     }
 
-    public function updateRememberToken(Authenticatable $user, $token)
+    public function updateRememberToken(Authenticatable $user, $token): void
     {
         $this->authService->updateRememberToken($user, $token);
     }
 
-    public function retrieveByCredentials(array $credentials)
+    public function retrieveByCredentials(array $credentials): ?Authenticatable
     {
         return $this->authService->retrieveByCredentials($credentials);
     }
 
-    public function validateCredentials(Authenticatable $user, array $credentials)
+    public function validateCredentials(Authenticatable $user, array $credentials): bool
     {
         $plain = $credentials['password'];
 
         return $this->authService->validateCredentials($user, $plain);
     }
+
+    public function rehashPasswordIfRequired(Authenticatable $user, array $credentials, bool $force = false): void
+    {
+        $this->authService->rehashPasswordIfRequired($user, $credentials, $force);
+    }
 }
diff --git a/src/Lodash/Auth/Services/AuthService.php b/src/Lodash/Auth/Services/AuthService.php
index fa4fe7c..c3efb21 100644
--- a/src/Lodash/Auth/Services/AuthService.php
+++ b/src/Lodash/Auth/Services/AuthService.php
@@ -171,6 +171,17 @@ public function validateCredentials(UserContract $user, string $password): bool
         return $this->hasher->check($password, $user->getAuthPassword());
     }
 
+    public function rehashPasswordIfRequired(UserContract $user, array $credentials, bool $force = false): void
+    {
+        if (! $this->hasher->needsRehash($user->getAuthPassword()) && ! $force) {
+            return;
+        }
+
+        $user->forceFill([
+            $user->getAuthPasswordName() => $this->hasher->make($credentials['password']),
+        ])->save();
+    }
+
     public function canUserEmulateOtherUser(UserContract $emulatorUser, UserContract $emulatedUser): bool
     {
         // Should be override in subclass