inspectdb will do a pretty decent stab of things, although there is
always some rewriting necessary in order to give the model attributes
appropriate names (they don't have to match the table column name,
that is what the db_column attribute is for).
Django does not support composite primary keys; where this will
particularly bite is on M2M "through" or "link" tables; 3NF/BCNF would
have those tables with (foreign_key_to_table_a,
foreign_key_to_table_b) as the primary key, where as django will want
a separate "id" column as a primary key.
For passwords, Django provides a password hashing framework:
https://docs.djangoproject.com/en/1.9/topics/auth/passwords/#how-django-stores-passwords
This allows you to define your own custom password hashing algorithm
to accommodate the existing passwords. Ideally, you will update the
stored passwords to the same format
("<algorithm>$<iterations>$<salt>$<hash>"), defining your own custom
name for the algorithm.
Adding your new custom password hasher class to the end of
settings.PASSWORD_HASHERS will then allow users to authenticate, and
then on login or password change - basically, any time the system
verifies a plaintext password - the password hash will be updated to
the preferred hasher (settings.PASSWORD_HASHERS[0]).
If your current hashing algorithm is not secure, eg unsalted md5, then
after a certain amount of time (business decision), you should email
all users who have not got an up-to-date hash that in X weeks you will
reset their passwords and they will have to reset their password.
Cheers
Tom