Migrate old md5 passwords to bcrypt passwords

Question

I\'m reworking a website in Rails using Devise for authentication. The previous website works with a database of users with md5 passwords, and therefore I want to migrate th

Answer 1

I have an alternative solution:

1. Add bcrypt column.
2. Populate bcrypt column by running MD5 hash through bcrypt algorithm.
3. Change login to always use bcrypt column and hashing function that is plain text->md5->bcrypt.

This way all passwords can be migrated at once and MD5 hashes discarded permanently. Considering doing this myself, can't pick any faults with this idea. Any takers? Am I missing something obvious?