We now use a one-time PIN delivered by email, instead of having users choose and remember a password. Our previous authentication mechanism was based on a service called Auth0 that proved not to be reliable enough for our purposes.
Log-in and sign-up flows now start at the same place, and which path you take depends only on whether you signed up already with the email address you provide.
The first time you log in with the new system, if you had a user profile with the same email previously, it will be migrated. For example if you had set your name or display picture, this will be migrated over.
We no longer require the "content settings" permission to be given at installation time, a change we are able to make now that we have changed the log-in mechanism, as it was required only to allow certain pop-ups.
When creating or editing a new user account, administrators can now optionally set the name and headline/title for the account.