diff --git a/src/applications/diffusion/panel/DiffusionSetPasswordPanel.php b/src/applications/diffusion/panel/DiffusionSetPasswordPanel.php
index 0f4829d2ec..e896a03184 100644
--- a/src/applications/diffusion/panel/DiffusionSetPasswordPanel.php
+++ b/src/applications/diffusion/panel/DiffusionSetPasswordPanel.php
@@ -178,11 +178,13 @@ final class DiffusionSetPasswordPanel extends PhabricatorSettingsPanel {
         ->setLabel(pht('Best Available Algorithm'))
         ->setValue(PhabricatorPasswordHasher::getBestAlgorithmName()));
 
-    if (PhabricatorPasswordHasher::canUpgradeHash($hash_envelope)) {
-      $errors[] = pht(
-        'The strength of your stored VCS password hash can be upgraded. '.
-        'To upgrade, either: use the password to authenticate with a '.
-        'repository; or change your password.');
+    if (strlen($hash_envelope->openEnvelope())) {
+      if (PhabricatorPasswordHasher::canUpgradeHash($hash_envelope)) {
+        $errors[] = pht(
+          'The strength of your stored VCS password hash can be upgraded. '.
+          'To upgrade, either: use the password to authenticate with a '.
+          'repository; or change your password.');
+      }
     }
 
     $object_box = id(new PHUIObjectBoxView())
diff --git a/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php b/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php
index 769ab03a90..bc229fbaab 100644
--- a/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php
+++ b/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php
@@ -113,11 +113,13 @@ final class PhabricatorSettingsPanelPassword
     }
 
     $hash_envelope = new PhutilOpaqueEnvelope($user->getPasswordHash());
-    if (PhabricatorPasswordHasher::canUpgradeHash($hash_envelope)) {
-      $errors[] = pht(
-        'The strength of your stored password hash can be upgraded. '.
-        'To upgrade, either: log out and log in using your password; or '.
-        'change your password.');
+    if (strlen($hash_envelope->openEnvelope())) {
+      if (PhabricatorPasswordHasher::canUpgradeHash($hash_envelope)) {
+        $errors[] = pht(
+          'The strength of your stored password hash can be upgraded. '.
+          'To upgrade, either: log out and log in using your password; or '.
+          'change your password.');
+      }
     }
 
     $len_caption = null;
diff --git a/src/infrastructure/util/password/PhabricatorPasswordHasher.php b/src/infrastructure/util/password/PhabricatorPasswordHasher.php
index b344893689..338a7615ee 100644
--- a/src/infrastructure/util/password/PhabricatorPasswordHasher.php
+++ b/src/infrastructure/util/password/PhabricatorPasswordHasher.php
@@ -333,6 +333,11 @@ abstract class PhabricatorPasswordHasher extends Phobject {
    * @task hashing
    */
   public static function canUpgradeHash(PhutilOpaqueEnvelope $hash) {
+    if (!strlen($hash->openEnvelope())) {
+      throw new Exception(
+        pht('Expected a password hash, received nothing!'));
+    }
+
     $current_hasher = self::getHasherForHash($hash);
     $best_hasher = self::getBestHasher();