There is not a server behavior or automatic process for updating the password but you could create a page to do this.
The page would need a recordset to pull the users records from the db. Next you would add an update server behavior to the page. For the update you can just update the password field and reference the value from the recordset but choose to format it with sha1. This should update the user's record with an encrypted version of the password. If you were to do this manually you could have a page with a form on it that you enter the old password in, then have the form submit to the same page and use the bindings to show it on the page. After you put the binding on the page you can put the sha1 formatting around it to have it give you the sha1 version of the value.
There is also probably websites out there that can do this for you as well but I would not recommend entering passwords into a website.
As far as any new files to upload you may need to update the sha1 file if it was not there previously. Re-uploading the entire folder might not be a bad idea just to be sure.
