Passwords are something that interest me when I’m not working on Anki, but I’m afraid I think the two are best kept separate 
Anki has a large attack surface - not only are you at the mercy of any add-ons you’ve installed, but also rogue JavaScript from decks you’ve imported from others, if the passwords are entered into the reviewer webview. And if we make a dedicated notetype or option for testing passwords, that paints a giant “important stuff here” sign that anything malicious can look for.
The idea of hashing the passwords is not a bad one provided it is done correctly (eg something like bcrypt or PBKDF), but I think it would be much safer to be doing the testing outside of the standard Anki GUI. If you wanted standard Anki review intervals, one option would be to make a small TUI app using either the Rust or Python Anki bindings; you’d likely have something workable in a few hours.
Having said that though, I’m not really sure I’d recommend going down that path. The passwords you use frequently will tend to stick in your head by the nature of repeating them frequently. And the ones you use infrequently - wouldn’t they be better placed in a password manager? Yes, it may take a bit longer to look them up when you do need them, but is that worth the time it takes to practice them, and the potential loss of entropy when you choose a password that’s not fully random but easier to remember?