Passwords should not be stored encrypted, they should be stored hashed. One-way cryptographic hash. There is no need to ever unencrypt a password. Hash whatever is entered and compare, don't decrypt what is stored and compare.
Of course, that requires changing the code that checks the passwords and the table design. If you can't do both, there's little to nothing you can effectively do.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability