diff -u b/core/lib/Drupal/Core/Field/Plugin/Field/FieldType/PasswordItem.php b/core/lib/Drupal/Core/Field/Plugin/Field/FieldType/PasswordItem.php
--- b/core/lib/Drupal/Core/Field/Plugin/Field/FieldType/PasswordItem.php
+++ b/core/lib/Drupal/Core/Field/Plugin/Field/FieldType/PasswordItem.php
@@ -45,13 +45,18 @@
 
     $entity = $this->getEntity();
 
-    // Update the user password if it has changed.
-    if (!$this->pre_hashed && ($entity->isNew() || (strlen(trim($this->value)) > 0 && $this->value != $entity->original->{$this->getFieldDefinition()->getName()}->value))) {
-      // Allow alternate password hashing schemes.
-      $this->value = \Drupal::service('password')->hash(trim($this->value));
-      // Abort if the hashing failed and returned FALSE.
-      if (!$this->value) {
-        throw new EntityMalformedException('The entity does not have a password.');
+    // Skip if the password is pre hashed. This is set when migrating users from
+    // Drupal 7.
+    if (!$this->pre_hashed) {
+      // Update the user password for a new user or if the password has changed.
+      if ($entity->isNew() ||
+          (strlen(trim($this->value)) > 0 && $this->value != $entity->original->{$this->getFieldDefinition()->getName()}->value)) {
+        // Allow alternate password hashing schemes.
+        $this->value = \Drupal::service('password')->hash(trim($this->value));
+        // Abort if the hashing failed and returned FALSE.
+        if (!$this->value) {
+          throw new EntityMalformedException('The entity does not have a password.');
+        }
       }
     }