diff --git a/UPGRADING b/UPGRADING
index 14be7a5ad00..45a1780b32c 100644
--- a/UPGRADING
+++ b/UPGRADING
@@ -97,6 +97,9 @@ PHP 8.0 UPGRADE NOTES
     string. Previously non-string needles were interpreted as an ASCII code
     point. An explicit call to chr() can be used to restore the previous
     behavior.
+  . The 'salt' option of password_hash() is no longer supported. If the 'salt'
+    option is used a warning is generated, the provided salt is ignored, and a
+    generated salt is used instead.
 
 - Zlib:
   . gzgetss() has been removed.
diff --git a/ext/standard/password.c b/ext/standard/password.c
index 477d07f01b2..1a6f8729c97 100644
--- a/ext/standard/password.c
+++ b/ext/standard/password.c
@@ -52,19 +52,6 @@ void php_password_algo_unregister(const char *ident) {
 	zend_hash_str_del(&php_password_algos, ident, strlen(ident));
 }
 
-static int php_password_salt_is_alphabet(const char *str, const size_t len) /* {{{ */
-{
-	size_t i = 0;
-
-	for (i = 0; i < len; i++) {
-		if (!((str[i] >= 'A' && str[i] <= 'Z') || (str[i] >= 'a' && str[i] <= 'z') || (str[i] >= '0' && str[i] <= '9') || str[i] == '.' || str[i] == '/')) {
-			return FAILURE;
-		}
-	}
-	return SUCCESS;
-}
-/* }}} */
-
 static int php_password_salt_to64(const char *str, const size_t str_len, const size_t out_len, char *ret) /* {{{ */
 {
 	size_t pos = 0;
@@ -123,65 +110,11 @@ static zend_string* php_password_make_salt(size_t length) /* {{{ */
 /* }}} */
 
 static zend_string* php_password_get_salt(zval *unused_, size_t required_salt_len, HashTable *options) {
-	zend_string *buffer;
-	zval *option_buffer;
-
-	if (!options || !(option_buffer = zend_hash_str_find(options, "salt", sizeof("salt") - 1))) {
-		return php_password_make_salt(required_salt_len);
+	if (options && zend_hash_str_exists(options, "salt", sizeof("salt") - 1)) {
+		php_error_docref(NULL, E_WARNING, "The 'salt' option is no longer supported. The provided salt has been been ignored");
 	}
 
-	php_error_docref(NULL, E_DEPRECATED, "Use of the 'salt' option to password_hash is deprecated");
-
-	switch (Z_TYPE_P(option_buffer)) {
-		case IS_STRING:
-			buffer = zend_string_copy(Z_STR_P(option_buffer));
-			break;
-		case IS_LONG:
-		case IS_DOUBLE:
-		case IS_OBJECT:
-			buffer = zval_get_string(option_buffer);
-			break;
-		case IS_FALSE:
-		case IS_TRUE:
-		case IS_NULL:
-		case IS_RESOURCE:
-		case IS_ARRAY:
-		default:
-			php_error_docref(NULL, E_WARNING, "Non-string salt parameter supplied");
-			return NULL;
-	}
-
-	/* XXX all the crypt related APIs work with int for string length.
-		That should be revised for size_t and then we maybe don't require
-		the > INT_MAX check. */
-	if (ZEND_SIZE_T_INT_OVFL(ZSTR_LEN(buffer))) {
-		php_error_docref(NULL, E_WARNING, "Supplied salt is too long");
-		zend_string_release_ex(buffer, 0);
-		return NULL;
-	}
-
-	if (ZSTR_LEN(buffer) < required_salt_len) {
-		php_error_docref(NULL, E_WARNING, "Provided salt is too short: %zd expecting %zd", ZSTR_LEN(buffer), required_salt_len);
-		zend_string_release_ex(buffer, 0);
-		return NULL;
-	}
-
-	if (php_password_salt_is_alphabet(ZSTR_VAL(buffer), ZSTR_LEN(buffer)) == FAILURE) {
-		zend_string *salt = zend_string_alloc(required_salt_len, 0);
-		if (php_password_salt_to64(ZSTR_VAL(buffer), ZSTR_LEN(buffer), required_salt_len, ZSTR_VAL(salt)) == FAILURE) {
-			php_error_docref(NULL, E_WARNING, "Provided salt is too short: %zd", ZSTR_LEN(buffer));
-			zend_string_release_ex(salt, 0);
-			zend_string_release_ex(buffer, 0);
-			return NULL;
-		}
-		zend_string_release_ex(buffer, 0);
-		return salt;
-	} else {
-		zend_string *salt = zend_string_alloc(required_salt_len, 0);
-		memcpy(ZSTR_VAL(salt), ZSTR_VAL(buffer), required_salt_len);
-		zend_string_release_ex(buffer, 0);
-		return salt;
-	}
+	return php_password_make_salt(required_salt_len);
 }
 
 /* bcrypt implementation */
diff --git a/ext/standard/tests/password/password_bcrypt_errors.phpt b/ext/standard/tests/password/password_bcrypt_errors.phpt
index a0826080e62..64496744cb1 100644
--- a/ext/standard/tests/password/password_bcrypt_errors.phpt
+++ b/ext/standard/tests/password/password_bcrypt_errors.phpt
@@ -8,14 +8,6 @@ var_dump(password_hash("foo", PASSWORD_BCRYPT, array("cost" => 3)));
 
 var_dump(password_hash("foo", PASSWORD_BCRYPT, array("cost" => 32)));
 
-var_dump(password_hash("foo", PASSWORD_BCRYPT, array("salt" => "foo")));
-
-var_dump(password_hash("foo", PASSWORD_BCRYPT, array("salt" => "123456789012345678901")));
-
-var_dump(password_hash("foo", PASSWORD_BCRYPT, array("salt" => 123)));
-
-var_dump(password_hash("foo", PASSWORD_BCRYPT, array("cost" => "foo")));
-
 ?>
 --EXPECTF--
 Warning: password_hash(): Invalid bcrypt cost parameter specified: 3 in %s on line %d
@@ -23,21 +15,3 @@ NULL
 
 Warning: password_hash(): Invalid bcrypt cost parameter specified: 32 in %s on line %d
 NULL
-
-Deprecated: password_hash(): Use of the 'salt' option to password_hash is deprecated in %s on line %d
-
-Warning: password_hash(): Provided salt is too short: 3 expecting 22 in %s on line %d
-NULL
-
-Deprecated: password_hash(): Use of the 'salt' option to password_hash is deprecated in %s on line %d
-
-Warning: password_hash(): Provided salt is too short: 21 expecting 22 in %s on line %d
-NULL
-
-Deprecated: password_hash(): Use of the 'salt' option to password_hash is deprecated in %s on line %d
-
-Warning: password_hash(): Provided salt is too short: 3 expecting 22 in %s on line %d
-NULL
-
-Warning: password_hash(): Invalid bcrypt cost parameter specified: 0 in %s on line %d
-NULL
diff --git a/ext/standard/tests/password/password_deprecated_salts.phpt b/ext/standard/tests/password/password_deprecated_salts.phpt
deleted file mode 100644
index c173401067d..00000000000
--- a/ext/standard/tests/password/password_deprecated_salts.phpt
+++ /dev/null
@@ -1,20 +0,0 @@
---TEST--
-Test deprecated operation of password_hash()
---FILE--
-<?php
-//-=-=-=-
-
-
-var_dump(password_hash("rasmuslerdorf", PASSWORD_BCRYPT, array("cost" => 7, "salt" => "usesomesillystringforsalt")));
-
-var_dump(password_hash("test", PASSWORD_BCRYPT, array("salt" => "123456789012345678901" . chr(0))));
-
-echo "OK!";
-?>
---EXPECTF--
-Deprecated: password_hash(): Use of the 'salt' option to password_hash is deprecated in %s on line %d
-string(60) "$2y$07$usesomesillystringfore2uDLvp1Ii2e./U9C8sBjqp8I90dH6hi"
-
-Deprecated: password_hash(): Use of the 'salt' option to password_hash is deprecated in %s on line %d
-string(60) "$2y$10$MTIzNDU2Nzg5MDEyMzQ1Nej0NmcAWSLR.oP7XOR9HD/vjUuOj100y"
-OK!
diff --git a/ext/standard/tests/password/password_hash_error.phpt b/ext/standard/tests/password/password_hash_error.phpt
index 6416eca91b1..89ca127bc42 100644
--- a/ext/standard/tests/password/password_hash_error.phpt
+++ b/ext/standard/tests/password/password_hash_error.phpt
@@ -16,11 +16,6 @@ var_dump(password_hash("foo", PASSWORD_BCRYPT, "baz"));
 
 var_dump(password_hash(array(), PASSWORD_BCRYPT));
 
-var_dump(password_hash("123", PASSWORD_BCRYPT, array("salt" => array())));
-
-/* Non-string salt, checking for memory leaks */
-var_dump(password_hash('123', PASSWORD_BCRYPT, array('salt' => 1234)));
-
 ?>
 --EXPECTF--
 Warning: password_hash() expects at least 2 parameters, 0 given in %s on line %d
@@ -42,13 +37,3 @@ NULL
 
 Warning: password_hash() expects parameter 1 to be string, array given in %s on line %d
 NULL
-
-Deprecated: password_hash(): Use of the 'salt' option to password_hash is deprecated in %s on line %d
-
-Warning: password_hash(): Non-string salt parameter supplied in %s on line %d
-NULL
-
-Deprecated: password_hash(): Use of the 'salt' option to password_hash is deprecated in %s on line %d
-
-Warning: password_hash(): Provided salt is too short: 4 expecting 22 in %s on line %d
-NULL
diff --git a/ext/standard/tests/password/password_removed_salt_option.phpt b/ext/standard/tests/password/password_removed_salt_option.phpt
new file mode 100644
index 00000000000..356bdec3e8a
--- /dev/null
+++ b/ext/standard/tests/password/password_removed_salt_option.phpt
@@ -0,0 +1,20 @@
+--TEST--
+Test removed support for explicit salt option
+--FILE--
+<?php
+//-=-=-=-
+
+
+var_dump(strlen(password_hash("rasmuslerdorf", PASSWORD_BCRYPT, array("cost" => 7, "salt" => "usesomesillystringforsalt"))));
+
+var_dump(strlen(password_hash("test", PASSWORD_BCRYPT, array("salt" => "123456789012345678901" . chr(0)))));
+
+echo "OK!";
+?>
+--EXPECTF--
+Warning: password_hash(): The 'salt' option is no longer supported. The provided salt has been been ignored in %s on line %d
+int(60)
+
+Warning: password_hash(): The 'salt' option is no longer supported. The provided salt has been been ignored in %s on line %d
+int(60)
+OK!