Remove support for deprecated password-hashing algorithm

* Remove all methods implementing and checking for the old algorithm
* Document a pre-upgrade step to check for remaining obsolete passwords
* Remove config.salt

config/environments/cucumber.rb

@@ -38,7 +38,5 @@ Rails.application.configure do
   # Unique cookies and use cookies for session
   # config.action_controller.session_store :cookie_store, :key => 'TracksCucumber'
 
-  SITE_CONFIG['salt'] ||= 'change-me'
-  
   config.time_zone = 'UTC'
 end

config/environments/test.rb

@@ -34,8 +34,6 @@ Rails.application.configure do
   # Print deprecation notices to the stderr.
   config.active_support.deprecation = :stderr
 
-  SITE_CONFIG['salt'] ||= 'change-me'
-  
   config.time_zone = 'UTC'
 
   # Raises error for missing translations

config/site.yml.tmpl

@@ -1,8 +1,3 @@
-# This is the 'salt' to add to the password before it is encrypted
-# You need to change this to something unique for yourself
-salt: "change-me"
-
-
 # NOTE: openid, ldap and cas are currently not supported anymore.
 authentication_schemes:
   - "database"