diff --git a/lib/Crypto/Phpass.php b/lib/Crypto/Phpass.php
index 4b117a9..493114e 100644
--- a/lib/Crypto/Phpass.php
+++ b/lib/Crypto/Phpass.php
@@ -53,6 +53,12 @@ public function __construct(IL10N $localization, $iterationCount = 8)
 */
 public function checkPassword($password, $dbHash, $salt = null)
 {
+ // WordPress 6.8 upgraded password hashing for bcrypt
+ // https://make.wordpress.org/core/2025/02/17/wordpress-6-8-will-use-bcrypt-for-password-hashing/
+ if (str_starts_with( $dbHash, '$wp' )) {
+ $password_to_verify = base64_encode( hash_hmac( 'sha384', $password, 'wp-sha384', true ) );
+ return password_verify( $password_to_verify, substr( $dbHash, 3 ) );
+ }
 return hash_equals($dbHash, $this->crypt($password, $dbHash));
 }
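Review bot: The new `$wp` branch in `checkPassword` calls `str_starts_with()`, which exists only from PHP 8.0 onward, so on an older runtime every password check through this class would end in a fatal error; if the app still supports PHP 7, `strncmp($dbHash, '$wp', 3) === 0` does the same job. The two comment lines link the announcement but do not say why the password is pre-hashed; I would add `// HMAC-SHA384 pre-hash avoids bcrypt's 72-byte truncation, base64 keeps NUL bytes out; the 'wp-sha384' key and the 3-char '$wp' prefix must match WordPress exactly`. The added lines also use WordPress spacing (`( $dbHash, '$wp' )`) and a snake_case local, unlike the `hash_equals($dbHash, ...)` line directly below them. The hashing side of this class is outside the hunk, so it is worth confirming whether newly set passwords are meant to stay in the old format, and adding a test that verifies a hash generated by WordPress 6.8.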