How to determine which password hash is used?

We have migrated website from a vanilla coded PHP to Drupal, and I have also migrated all the users.

The old website has been using the password_hash() function to encrypt the password.

The website has been running for a month now. I'm looking at the user table, and I want to know determine which users has been encrypted using password_hash() or the default Drupal one.

I have this code

$query = \Drupal::entityQuery('user');

$uids = $query->execute();

foreach ($uids as $uid) {
    $user = User::load($uid);

    // Checking to do here...
}

Given the code used by PhpassHashedPassword::needsRehash(), a method implemented by the class used for the default password hashing service, a password is stored using the Drupal hashing schema when:

• The first three hash characters are $, S, and $
• The hash length is PhpassHashedPassword::HASH_LENGTH

The other hashing schemas Drupal recognizes are the following.

• When the first two hash characters are U and $, the password hash has been updated by user_update_7000() from a MD5 hash used in Drupal 6
• When the first three characters are $, H, and $ (or $, P, and $) the hash has been generated by phpass via MD5

As side note, a password hash is regenerated when the user logs in, which is the only moment Drupal has the password. To check for which users the stored password hash isn't using the default Drupal hash schema, it's quicker to check which users haven't logged in after the site was migrated to Drupal.