diff --git a/django/contrib/auth/hashers.py b/django/contrib/auth/hashers.py
index c1de2597ad6..e6544c7b556 100644
--- a/django/contrib/auth/hashers.py
+++ b/django/contrib/auth/hashers.py
@@ -295,7 +295,7 @@ class PBKDF2PasswordHasher(BasePasswordHasher):
     """
 
     algorithm = "pbkdf2_sha256"
-    iterations = 580000
+    iterations = 720000
     digest = hashlib.sha256
 
     def encode(self, password, salt, iterations=None):
diff --git a/docs/releases/4.2.txt b/docs/releases/4.2.txt
index 2f91282e73d..9f3ddfd3ffc 100644
--- a/docs/releases/4.2.txt
+++ b/docs/releases/4.2.txt
@@ -141,7 +141,7 @@ Minor features
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 * The default iteration count for the PBKDF2 password hasher is increased from
-  390,000 to 480,000.
+  390,000 to 600,000.
 
 * :class:`~django.contrib.auth.forms.UserCreationForm` now saves many-to-many
   form fields for a custom user model.
diff --git a/docs/releases/5.0.txt b/docs/releases/5.0.txt
index 05dded12260..8146f3bb67c 100644
--- a/docs/releases/5.0.txt
+++ b/docs/releases/5.0.txt
@@ -54,7 +54,7 @@ Minor features
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 * The default iteration count for the PBKDF2 password hasher is increased from
-  480,000 to 580,000.
+  600,000 to 720,000.
 
 :mod:`django.contrib.contenttypes`
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/tests/auth_tests/test_hashers.py b/tests/auth_tests/test_hashers.py
index 71f2864063a..e41fbf9b780 100644
--- a/tests/auth_tests/test_hashers.py
+++ b/tests/auth_tests/test_hashers.py
@@ -74,7 +74,7 @@ class TestUtilsHashPass(SimpleTestCase):
         encoded = make_password("lètmein", "seasalt", "pbkdf2_sha256")
         self.assertEqual(
             encoded,
-            "pbkdf2_sha256$580000$seasalt$2sMWfhmkPY33gxRmJ4qOvKMhbLEWgy9yOGCMmzRG4v4=",
+            "pbkdf2_sha256$720000$seasalt$eDupbcisD1UuIiou3hMuMu8oe/XwnpDw45r6AA5iv0E=",
         )
         self.assertTrue(is_password_usable(encoded))
         self.assertTrue(check_password("lètmein", encoded))
@@ -379,8 +379,8 @@ class TestUtilsHashPass(SimpleTestCase):
         encoded = hasher.encode("lètmein", "seasalt2")
         self.assertEqual(
             encoded,
-            "pbkdf2_sha256$580000$"
-            "seasalt2$BLfRdHlAvfDMYcb+HhJhZe849VzO7vuXgxGLqx3hwI0=",
+            "pbkdf2_sha256$720000$"
+            "seasalt2$e8hbsPnTo9qWhT3xYfKWoRth0h0J3360yb/tipPhPtY=",
         )
         self.assertTrue(hasher.verify("lètmein", encoded))
 
@@ -388,7 +388,7 @@ class TestUtilsHashPass(SimpleTestCase):
         hasher = PBKDF2SHA1PasswordHasher()
         encoded = hasher.encode("lètmein", "seasalt2")
         self.assertEqual(
-            encoded, "pbkdf2_sha1$580000$seasalt2$KLjMFKSPXZb6nco1W2hi/NtT4gk="
+            encoded, "pbkdf2_sha1$720000$seasalt2$2DDbzziqCtfldrRSNAaF8oA9OMw="
         )
         self.assertTrue(hasher.verify("lètmein", encoded))