Do I have to (re)define my user passwords into the Framework?

You should not store passwords in your Framework definition.