how custom do you want to get?
if you’‘re talking about central password management, you could cusomize a client (exodus, spark, whatever) such that it takes the user’'s passowrd input, adds a salt, md5s it and uses the result as the password it passes to the server.
on the server end you have a util that does the same thing in order to set the user’'s password.
This is certainly hackable, but it would take some skill to do it. if you further modify the client to never connect w/o TLS then they can’'t sniff the password and would have to hack into the executable to figure out the scheme…