First you would have to update your login and user update page to make sure they save an encrypted value in the database. I'd probably create a copy of the existing pages and edit them to get that working.
Then you can work on updating the login page to work with the newly registered users.
Then the final step would be to create the update password page and send out the emails to the existing users to update their passwords. Make sure your forgot password page uses the same reset password logic for users that might miss the email.
I wouldn't start from scratch, but it isn't a small amount of work to pull off with all of the pages effected.