In router.json, the third filter was used to hash the password field of create and update requests for internal user objects. That has been removed in favor of using the encryption key alias as defined in boot.properties since internal objects are now 1st class citizens.
Removal of this router filter should be noted as one of the update checklist items for those updating to 6.5 or later. It presently only impacts how internal user passwords are encrypted and is done as a result of the delegated admin work. It is not strictly necessary to remove the filter if the user doesn't intend to take advantage of DA.
The removed filter is: