Computer networks

Is this encryption secure?

Hello,
The task is to encrypt the traffic of the game in order to prevent the interception and substitution of packets, the interception of game sessions. I came to this, what do you say? is it reliable?
1. Client registration The
password from the client is hashed by SHA256 and sent over an open channel to the server (the hash glows 1 time during registration!)
2. Interaction with a registered client
The client wants to enter the game, sends an intent to the server. The server sends a random number to the client over an open channel. The client encrypts its password using SHA256 and a random number from the server (RN):
CPASSWORD = SHA(RN + SHA(PASSWORD))
sends to the server, the server compares its generated hash based on the password hash and the known random number RN with the one received from the client:
if(SHA(RN + SHA(PASSWORD))client == SHA(RN + SHA(PASSWORD))server)
if they match, the client enters the game.
3. Traffic encryption
Now all traffic is encrypted using the symmetric Blowfish algorithm, and the password hash is used as the key.
data: 1,0,Login
key: 99c2bb3e7c93dd54a206c77388ee09708e39db1a6f544ff6887612495bce3920
alg: Blowfish
Output: tFoTF0Oms+8Z
Total: the encryption key glows only at the time of registration, which is not absolutely reliable, but not very scary either? you can use the Diffie-Hellman protocol for key exchange, but another problem arises, the algorithm is vulnerable to data modification in the communication channel, including the "Man in the middle" attack. If you choose between two evils, does the first seem simpler and more reliable, or not?