diff --git a/modules/comment/comment.controller.php b/modules/comment/comment.controller.php
index e4117e14d..bed4696d9 100644
--- a/modules/comment/comment.controller.php
+++ b/modules/comment/comment.controller.php
@@ -253,10 +253,10 @@ class commentController extends comment
 		// get a object of document model
 		$oDocumentModel = getModel('document');
 
-		// even for manual_inserted if password exists, md5 it.
+		// even for manual_inserted if password exists, hash it.
 		if($obj->password)
 		{
-			$obj->password = md5($obj->password);
+			$obj->password = getModel('member')->hashPassword($obj->password);
 		}
 
 		// get the original posting
@@ -677,7 +677,7 @@ class commentController extends comment
 
 		if($obj->password)
 		{
-			$obj->password = md5($obj->password);
+			$obj->password = getModel('member')->hashPassword($obj->password);
 		}
 
 		if($obj->homepage) 
diff --git a/modules/document/document.controller.php b/modules/document/document.controller.php
index 05f9ecafc..912d8568e 100644
--- a/modules/document/document.controller.php
+++ b/modules/document/document.controller.php
@@ -251,8 +251,11 @@ class documentController extends document
 		if(!$obj->readed_count) $obj->readed_count = 0;
 		if($isLatest) $obj->update_order = $obj->list_order = $obj->document_srl * -1;
 		else $obj->update_order = $obj->list_order;
-		// Check the status of password hash for manually inserting. Apply md5 hashing for otherwise.
-		if($obj->password && !$obj->password_is_hashed) $obj->password = md5($obj->password);
+		// Check the status of password hash for manually inserting. Apply hashing for otherwise.
+		if($obj->password && !$obj->password_is_hashed)
+		{
+			$obj->password = getModel('member')->hashPassword($obj->password);
+		}
 		// Insert member's information only if the member is logged-in and not manually registered.
 		$logged_info = Context::get('logged_info');
 		if(Context::get('is_logged') && !$manual_inserted && !$isRestore)
@@ -437,8 +440,11 @@ class documentController extends document
 		}
 		// Change the update order
 		$obj->update_order = getNextSequence() * -1;
-		// Hash by md5 if the password exists
-		if($obj->password) $obj->password = md5($obj->password);
+		// Hash the password if it exists
+		if($obj->password)
+		{
+			$obj->password = getModel('member')->hashPassword($obj->password);
+		}
 		// If an author is identical to the modifier or history is used, use the logged-in user's information.
 		if(Context::get('is_logged'))
 		{