diff --git a/libraries/src/Authentication/Password/SHA256Handler.php b/libraries/src/Authentication/Password/SHA256Handler.php
deleted file mode 100644
index 23217a206c83e..0000000000000
--- a/libraries/src/Authentication/Password/SHA256Handler.php
+++ /dev/null
@@ -1,97 +0,0 @@
-<?php
-/**
- * Joomla! Content Management System
- *
- * @copyright  Copyright (C) 2005 - 2019 Open Source Matters, Inc. All rights reserved.
- * @license    GNU General Public License version 2 or later; see LICENSE.txt
- */
-
-namespace Joomla\CMS\Authentication\Password;
-
-\defined('JPATH_PLATFORM') or die;
-
-use Joomla\Authentication\Password\HandlerInterface;
-use Joomla\CMS\Crypt\Crypt;
-use Joomla\CMS\User\UserHelper;
-
-/**
- * Password handler for SHA256 hashed passwords
- *
- * @since       4.0.0
- * @deprecated  5.0  Support for SHA256 hashed passwords will be removed
- */
-class SHA256Handler implements HandlerInterface, CheckIfRehashNeededHandlerInterface
-{
-	/**
-	 * Check if the password requires rehashing
-	 *
-	 * @param   string  $hash  The password hash to check
-	 *
-	 * @return  boolean
-	 *
-	 * @since   4.0.0
-	 */
-	public function checkIfRehashNeeded(string $hash): bool
-	{
-		return true;
-	}
-
-	/**
-	 * Generate a hash for a plaintext password
-	 *
-	 * @param   string  $plaintext  The plaintext password to validate
-	 * @param   array   $options    Options for the hashing operation
-	 *
-	 * @return  string
-	 *
-	 * @since   4.0.0
-	 */
-	public function hashPassword($plaintext, array $options = [])
-	{
-		$salt = $options['salt'] ?? '';
-
-		if ($salt !== '')
-		{
-			$salt = preg_replace('|^{sha256}|i', '', $salt);
-		}
-		else
-		{
-			$salt = UserHelper::genRandomPassword(16);
-		}
-
-		$encrypted = ($salt) ? hash('sha256', $plaintext . $salt) . ':' . $salt : hash('sha256', $plaintext);
-
-		return '{SHA256}' . $encrypted;
-	}
-
-	/**
-	 * Check that the password handler is supported in this environment
-	 *
-	 * @return  boolean
-	 *
-	 * @since   4.0.0
-	 */
-	public static function isSupported()
-	{
-		return true;
-	}
-
-	/**
-	 * Validate a password
-	 *
-	 * @param   string  $plaintext  The plain text password to validate
-	 * @param   string  $hashed     The password hash to validate against
-	 *
-	 * @return  boolean
-	 *
-	 * @since   4.0.0
-	 */
-	public function validatePassword($plaintext, $hashed)
-	{
-		$parts     = explode(':', $hashed);
-		$salt      = @$parts[1];
-		$testcrypt = $this->hashPassword($plaintext, ['salt' => $salt]);
-
-		return Crypt::timingSafeCompare($hashed, $testcrypt);
-	}
-}
diff --git a/libraries/src/Service/Provider/Authentication.php b/libraries/src/Service/Provider/Authentication.php
index 7e09fe044bd76..f3fa95495a8d3 100644
--- a/libraries/src/Service/Provider/Authentication.php
+++ b/libraries/src/Service/Provider/Authentication.php
@@ -19,7 +19,6 @@
 use Joomla\CMS\Authentication\Password\ChainedHandler;
 use Joomla\CMS\Authentication\Password\MD5Handler;
 use Joomla\CMS\Authentication\Password\PHPassHandler;
-use Joomla\CMS\Authentication\Password\SHA256Handler;
 use Joomla\DI\Container;
 use Joomla\DI\ServiceProviderInterface;
 
@@ -84,7 +83,6 @@ function (Container $container)
 					}
 
 					$handler->addHandler($container->get(PHPassHandler::class));
-					$handler->addHandler($container->get(SHA256Handler::class));
 					$handler->addHandler($container->get(MD5Handler::class));
 
 					return $handler;
@@ -142,24 +140,5 @@ function (Container $container)
 				},
 				true
 			);
-
-		$container->alias('password.handler.sha256', SHA256Handler::class)
-			->share(
-				SHA256Handler::class,
-				function (Container $container)
-				{
-					@trigger_error(
-						sprintf(
-							'The "%1$s" class service is deprecated, use the "%2$s" service for the active password handler instead.',
-							SHA256Handler::class,
-							'password.handler.default'
-						),
-						E_USER_DEPRECATED
-					);
-
-					return new SHA256Handler;
-				},
-				true
-			);
 	}
 }
diff --git a/libraries/src/User/UserHelper.php b/libraries/src/User/UserHelper.php
index 00130345476a0..4f99980c19b72 100644
--- a/libraries/src/User/UserHelper.php
+++ b/libraries/src/User/UserHelper.php
@@ -18,7 +18,6 @@
 use Joomla\CMS\Authentication\Password\CheckIfRehashNeededHandlerInterface;
 use Joomla\CMS\Authentication\Password\MD5Handler;
 use Joomla\CMS\Authentication\Password\PHPassHandler;
-use Joomla\CMS\Authentication\Password\SHA256Handler;
 use Joomla\CMS\Crypt\Crypt;
 use Joomla\CMS\Factory;
 use Joomla\CMS\Language\Text;
@@ -87,15 +86,6 @@ abstract class UserHelper
 	 */
 	const HASH_PHPASS = 101;
 
-	/**
-	 * Constant defining the SHA256 password algorithm for use with password hashes
-	 *
-	 * @var    integer
-	 * @since  4.0.0
-	 * @deprecated  5.0  Support for SHA256 hashed passwords will be removed
-	 */
-	const HASH_SHA256 = 102;
-
 	/**
 	 * Method to add a user to a group.
 	 *
@@ -415,9 +405,6 @@ public static function hashPassword($password, $algorithm = self::HASH_BCRYPT, a
 
 			case self::HASH_PHPASS :
 				return $container->get(PHPassHandler::class)->hashPassword($password, $options);
-
-			case self::HASH_SHA256 :
-				return $container->get(SHA256Handler::class)->hashPassword($password, $options);
 		}
 
 		// Unsupported algorithm, sorry!
@@ -470,11 +457,6 @@ public static function verifyPassword($password, $hash, $user_id = 0)
 			/** @var BCryptHandler $handler */
 			$handler = $container->get(BCryptHandler::class);
 		}
-		elseif (substr($hash, 0, 8) === '{SHA256}')
-		{
-			/** @var SHA256Handler $handler */
-			$handler = $container->get(SHA256Handler::class);
-		}
 		else
 		{
 			/** @var ChainedHandler $handler */