So, your manager asks for it, tells you we need it. You provide him the above explanation and his eyes glaze over. He clearly either doesn't understand your explanation or doesn't care. He repeats his original statement-- I want it, we need it. You go around that way a few times and get nowhere. What do you do?
I suppose you could look for another job.
So when that happened to me, pretty much just like that, what I did was use a hash on the passwords (SHA-256 IIRC, it was a long time ago), then asymmetrically encrypt/decrypt the resultant hash with hardcoded keys just so they could say they secured their passwords with asymmetrical encryption. And customers are very unlikely to know the difference (or at least, ours were), so there was no real risk if the sales force blabbed about it like that as if it were a useful feature. When management gets a security buzzword stuck in their heads and they think they want it and can't or won't be convinced it's not the solution they think it is, you give it to to them if you want to keep your job regardless of whether it makes any sense or not. Some developers won't even bother to find out what the right solution is, or have the luxury to actually implement it. I gave them what they needed, then bolted what they wanted on top as window dressing. And management will never read my comments on that code, which explain exactly what happened.