Yeah its “Broke” you have to code around it 
using Epicor.Security.Cryptography.SHA;
if(Hasher.VerifyHash(base.callContextBpmData.Password, this.GetPasswordBySystemUserId(Db, callContextClient.CurrentUserId), "SHA256"))
{
//Valid
}
else
{
//Invalid
}